cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
yediaelchrist
Level 8
Report Inappropriate Content
Message 1 of 4
‎06-29-2021 09:58 PM

Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

Hi Everyone,

Hope you are all doing good during this tough time.

Is it possible to configure interfaces in MWG to handle dedicated traffic? For example interface eth0 is dedicated for handling MGMT traffic (Console) and interface eth1 is dedicated for handling data plane traffic (users web traffic, LDAP-related traffic, etc)?

 

Thanks.

 

Best regards,

Yedi

0 Kudos
Reply
1 Solution

Accepted Solutions
mkutrieba
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎07-01-2021 05:38 AM

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

hello @yediaelchrist,

I did not test all of this but still answer to give you further hints and idea.

Yes this is possible on different ways. For example UI management traffic can be separated from normal user traffic via source based routing, explained in product guide here:
https://docs.mcafee.com/bundle/web-gateway-9.2.x-product-guide/page/GUID-0D45627C-C0D7-4313-AD1D-9E0...

To also split other traffic initiated by MWG like LDAP, DNS etc. you would need to configure static routes via Configuration > select appliance > Static Routes:
https://docs.mcafee.com/bundle/web-gateway-10.2.x-product-guide/page/GUID-D21E6B2A-AFEE-40D2-B723-74...

Static Routes are configured destination based. So if 1.2.3.4 is the LDAP server, configure a rule with destination 1.2.3.4 and once a connection is triggered from MWG to this destination, it will lookup the static routes table.

Normal user initiated traffic should still come in and leave on normal way (default gateway/interface) if no other networking rules are matching.

Of course, all need to be setup and tested.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

View solution in original post

0 Kudos
Reply
3 Replies
mkutrieba
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎07-01-2021 05:38 AM

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

hello @yediaelchrist,

I did not test all of this but still answer to give you further hints and idea.

Yes this is possible on different ways. For example UI management traffic can be separated from normal user traffic via source based routing, explained in product guide here:
https://docs.mcafee.com/bundle/web-gateway-9.2.x-product-guide/page/GUID-0D45627C-C0D7-4313-AD1D-9E0...

To also split other traffic initiated by MWG like LDAP, DNS etc. you would need to configure static routes via Configuration > select appliance > Static Routes:
https://docs.mcafee.com/bundle/web-gateway-10.2.x-product-guide/page/GUID-D21E6B2A-AFEE-40D2-B723-74...

Static Routes are configured destination based. So if 1.2.3.4 is the LDAP server, configure a rule with destination 1.2.3.4 and once a connection is triggered from MWG to this destination, it will lookup the static routes table.

Normal user initiated traffic should still come in and leave on normal way (default gateway/interface) if no other networking rules are matching.

Of course, all need to be setup and tested.

Regards,
Marcel Kutrieba
Technical Support Engineer

If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
0 Kudos
Reply
yediaelchrist
Level 8
Report Inappropriate Content
Message 3 of 4
‎07-02-2021 03:01 AM

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

Hi Marcel,

Thanks a lot for your detailed explanation, I will try to test this on our local lab first and update you accordingly.

For this matter, I will mark your comment as the solution.
Thanks a lot!

Best regards,
Yedi

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 4
‎07-25-2021 08:23 PM

Re: Configure Interface on MWG for Handling Dedicated Traffic

Jump to solution

can you help me? How to Block Entire Countries from Accessing Your Website? 

 

@ geometry dash

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC