Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
354 Views 1 Reply Latest reply: May 17, 2013 5:19 PM by Jon Scholten RSS
trevorw2000 Apprentice 49 posts since
Sep 25, 2012
Currently Being Moderated

May 17, 2013 5:00 PM

Network Interfaces

If we have two network interfaces setup in MWG, is it possible to direct traffic out a specific interface given their source IP address?  The reason for this is that we have multiple ISPs and prior to the MWG we were sending traffic from certain networks out one pipe and then everything else out a different pipe.  I don't know if anyone has run into this yet or if it's possible in explicit proxy mode.  We're running version 7.3.0.2.0 if that matters...upgrade to the latest version is on the to-do list over the next two weeks.

 

Thanks,

 

Trevor

  • Jon Scholten McAfee SME 856 posts since
    Nov 3, 2009
    Currently Being Moderated
    1. May 17, 2013 5:19 PM (in response to trevorw2000)
    Re: Network Interfaces

    Hi Trevor,

     

    I havent seen this done, this would be considered policy based routing being done ON the MWG.

     

    If you have a device upstream from the MWG that can split things based on source IP, then you could enable IP spoofing on the MWG (that way all the traffic would retain the original source address), BUT you'd have you make sure your network is good to do this in. When IP spoofing is introduced asynchronous routes can cause split path issues (syn goes out one path, syn ack comes back another).

     

    Best,

    jon

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points