Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
211 Views 2 Replies Latest reply: Feb 18, 2014 7:39 PM by com RSS
com Newcomer 3 posts since
Feb 17, 2014
Currently Being Moderated

Feb 17, 2014 8:46 PM

Issues with transparent router proxy

I have installed Web Gateway v7.3 as VM on ESXi and configured it as a transparent router. The firewall is configured to do policy based routing to route http traffic to Web Gateway. When i run tcpdump on Web Gateway, I am able to see the http traffic routed into the proxy interface but Web Gateway is not intercepting the traffic. Console to the Web Gateway shows that there is no entry in the iptables. Any other configurations required for the Web Gateway to work in transparent proxy mode?





Message was edited by: com on 2/17/14 8:46:26 PM CST
  • Jon Scholten McAfee SME 856 posts since
    Nov 3, 2009
    Currently Being Moderated
    1. Feb 18, 2014 10:17 AM (in response to com)
    Re: Issues with transparent router proxy



    There is more that need to be configured that your screenshots do not reveal. For example the management IP, this needs to be the physical Ip of the appliance. Nor does it show if a priority is set (needs to be set in order to start taking traffic). Also, the current proxy ports are not shown. For example if 9090 is not defined then this will not work either.


    For reference, MWG does not use iptables for the redirection. It uses a kernel driver to redirect called mfend.


    To check the status of mfend, you can type:

    mfend-lb -s


    To see if MWG is propertly ready to accept traffic type:

    /usr/bin/mwg-mon -c


    To see what state MWG is in:

    cat /var/run/mfend/state


    For complete setup information see page 114-118 of the 7.3.2 Product Guide -





    Message was edited by: jscholte on 2/18/14 10:17:46 AM CST

More Like This

  • Retrieving data ...

Bookmarked By (0)


  • Correct Answers - 5 points
  • Helpful Answers - 3 points