Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
957 Views 7 Replies Latest reply: Mar 20, 2013 2:27 AM by asabban RSS
satbir Apprentice 85 posts since
Oct 9, 2011
Currently Being Moderated

Mar 18, 2013 5:56 AM

MWG port fowarding fallback settings

Hi,

 

In MWG v6 we can set multiple port fowardings for same set of source subnet and destination port. This settings is implememnted in one of my customer's envirnonment. Now, they want to upgrade to MWG v7. In MWG v7, this settings is not allowed. My question is in MWG v6, if same set of source subnet and destination port is configured multiple times with different set of destination IPs then how does MWG v6 process it. Can we achieve same functionality in MWG v7?

 

Regards,port fowarding query.png

Satbir


SS
  • Jon Scholten McAfee SME 857 posts since
    Nov 3, 2009
    Currently Being Moderated
    1. Mar 18, 2013 4:24 PM (in response to satbir)
    Re: MWG port fowarding fallback settings

    I'm a bit confused, can you post a screenshot of what you had in MWG 6 for reference?

     

    Best,

    Jon

  • asabban McAfee SME 1,354 posts since
    Nov 3, 2009
    Currently Being Moderated
    3. Mar 19, 2013 4:32 AM (in response to satbir)
    Re: MWG port fowarding fallback settings

    Hello,

     

    did you ever try if that worked as expected? As far as I know port forwarding is a 1:1 relationship. You cannot open a port multiple times and have it forwarded to different destination addresses. I wonder if you were able to enter a port multiple times in MWG 6 erroneously.

     

    Best,

    Andre

  • asabban McAfee SME 1,354 posts since
    Nov 3, 2009
    Currently Being Moderated
    5. Mar 19, 2013 9:36 AM (in response to satbir)
    Re: MWG port fowarding fallback settings

    Hello,

     

    I configured Port 80 two times with different destinations on my MWG 6.x. Here is what the log says:

     

    Mar 19 15:35:27 MWG6-1 xinetd[1965]: bind failed (Address already in use (errno = 98)). service = forwarder_80

    Mar 19 15:35:27 MWG6-1 xinetd[1965]: Service forwarder_80 failed to start and is deactivated.

     

    Only the first entry is used, all additional using the same port are disabled.

     

    Best,

    Andre

  • asabban McAfee SME 1,354 posts since
    Nov 3, 2009
    Currently Being Moderated
    7. Mar 20, 2013 2:27 AM (in response to satbir)
    Re: MWG port fowarding fallback settings

    To be sure you could SSH into one of the existing machines at your customer and run

     

    /etc/init.d/xinetd restart

     

    Then watch the log files in /var/log (check messages or syslog) and you should notice similar messages. I am pretty sure (lets say 95%) that this has been configured someday in the past with the assumption of having a fallback, but was never tested and did never work.

     

    Another good example why upgrading from 6 to 7 is a good chance to get rid of old, useless or broken stuff ;-)

     

    Best,

    Andre

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points