We are using MVM 7.5 to scan throug firewalls - it works as expected.
Firewall needs to be configured so that MVM traffic are allowed "unaltered" (no proxy or NAT).
It will work if you do as jhaynes proposes to "allow all trafic" - but to me it's a bit drastic.
Our setup works with only the ports listed in the KB below opened.
To check if things are correct setup in the firewall just try to do a quick asset scan.
If MVM returns assets on all IP adresses and maybe two assests for "live" addresses you have not configured the firewall correct.
BTW we are using Mcfee Enterprise firewall.
Agreed..scanning through firewalls will work--but--there are circumstances where it's a bad idea.
I've scanned successfully for years without issue--until a service running as part of of an application misbehaved when it recieved a udp packet.
So yes, the service was buggy, but it caused a continuous traffic loop with one of my scan appliances on the other side of a firewall, which in turn, caused a state table to fill up in the firewall, which exhausted firewall resources and begain causing some issues with other apps.
I'm looking to get a new appliance for the other side of the firewall to avoid this..at least where there are alot of hosts on "the other side".