1 Reply Latest reply on Mar 3, 2014 2:59 AM by asabban

    MWG7 host entry does not work

    manfred.muenzker

      Hi all,

       

      I want to redirect www.vatican.com (which is 198.61.172.123) to www.cisco.com (which is IP 2.21.96.170).

       

      I do this with an entry in the host file --> see file host.jpg

       

      You can see the result in --> firefox.jpg

       

      The trace file is here --> trace.pcap

           (10.100.106.25          mwg proxy

            10.0.14.180               my IP)

       

      HAS ANYONE A IDEA HOW TO HANDLE THE DNS REDIRECTION ?

        • 1. Re: MWG7 host entry does not work
          asabban

          Hello,

           

          I don't think the redirection will work properly this way. The client requested http://www.vatican.com, so if you rewrite the DNS response MWG will contact the cisco web server, but it will ask for www.vatican.com. This can be seen in the dump you added:

           

          2014-03-03 09_55_23-vsphere.securelabs.local - vSphere Client.png

           

          On top of this www.cisco.com points to Akamai, which means it has more than one IP address and most likely the IP addresses will vary from time to time. Instead you could try a rule like this:

           

          2014-03-03 09_53_31-McAfee _ Web Gateway - MWG7-Test-2 - 10.150.64.145.png

           

          What it does is if the Host accessed is www.vatican.com MWG will rewrite the URL in the rule engine. When the request cycle is over MWG will perform a DNS lookup for cisco.com and contact to the right destination server. Because URL.Host has been rewritten the Host: header should also be corrected, and access works:

           

          2014-03-03 09_59_10-Cisco Systems, Inc - Cisco.png

           

          Best,

          Andre