Solved

Interscan Gateway Scan Appliance operation mode

Posted on 2010-11-11
Last Modified: 2013-11-22
Hi experts,
Can you help me take a look at this problem? Currently I am running the IGSA appliance. It is placed in between the core and the firewalls. The IGSA is running in transparent proxy mode, but it does not suit our current configuration since the IGSA will change the IP address to that of the IGSA appliance. So I need to change to fully transparent mode, in which the IGSA will not change the IP address, but unfortunately it does not work if I change it.

Kindly need the experts' help to take a look. I attach the screen captures and diagram to make it easy for the experts to understand my network.
 
ip-address.JPG
operation-mode.JPG
static-route.JPG
diagram.JPG
Question by:mrflizo
14 Comments
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117638
Have you by some chance still got the client proxy set as the IGSA box? I think in transparent mode you would have no proxy set in your browser. Other than that I can't see anything wrong from your diagram.
0
 

Author Comment

by:mrflizo
ID: 34117653
Is it because of the routing table? If I change to fully transparent mode, users cannot access the internet; it seems the IGSA is not replying back to the users. On the users' PCs, I don't set anything since the IGSA is deployed in inline mode.
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117660
If they are as per your screen shots, then they look spot on. Can you ping or manage the IGSA itself from a workstation? If so, then its routing is correct.
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117678
Does DNS resolution work OK in transparent mode? From a client, try nslookup www.google.com or something. Clutching at straws here, it looks right.

Umm, next question: NATs and rules on your external firewall. If the requests are now coming from the clients as source address, is it being NATed correctly and allowed out?
0
 

Author Comment

by:mrflizo
ID: 34117764
NAT on the firewalls is working correctly. I tested bypassing the IGSA and it works. On the access rules, I must create 2 access rules for accessing the internet, which are for the IP address of the IGSA and the user VLAN.

If I disable the access rule for the IGSA IP address, it won't work in transparent proxy mode because the user IP address was changed to the IGSA IP address.

I changed the IGSA to fully transparent mode, then bypassed the IGSA, and it works nicely.

I can ping/access if I change the IGSA operation mode to fully transparent and proxy mode.

After I change the IGSA to fully transparent, the users' PCs are not able to access the internet, but if I do the nslookup it works.
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117778
Farid you have got me then. Silly question, have you tried powering off the IGSA, and clearing the arp cache on both the core switch and firewall?
0
 

Author Comment

by:mrflizo
ID: 34117795
Not yet, I will try it now.
0
 

Author Comment

by:mrflizo
ID: 34117869
I already tried it... but the result is still the same.
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117872
When you change modes, is the license still active?
0
 

Author Comment

by:mrflizo
ID: 34117901
I am waiting for the new license since the license had already expired when the box came online... Is it all about the license?
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117906
It may well be. My mate here thinks when you change modes it loses the license and you have to re-apply it. I thought that was just the updates, but check it anyway in case he is right. I just can't see anything in your config from here that is incorrect.
0
 

Author Comment

by:mrflizo
ID: 34118285
I changed it again to fully transparent but the license is still there. I mean the license remains.
0
 
LVL 1

Accepted Solution

by:
p3jalz earned 500 total points
ID: 34142799
Your gateway IP address setting is wrong; change it to:

ip: 192.168.99.7, gw: 192.168.99.5.

Then create a static route:
ip add: 10.0.0.0
sm: 255.0.0.0
gw: 192.168.99.1

You should be able to access the internet with fully transparent mode.

Good luck
0
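Added example (not part of the original thread and not vendor tooling): a longest-prefix-match lookup over the settings from the accepted answer, showing where the IGSA would forward traffic with and without the 10.0.0.0/255.0.0.0 static route. It assumes the user VLANs fall inside 10.0.0.0/8 and are reached through 192.168.99.1, and that 192.168.99.5 is the firewall-side hop; the client and internet addresses are constructed samples.

```python
import ipaddress

# Values taken from the accepted answer.
DEFAULT_GW = "192.168.99.5"
STATIC_ROUTES = [("10.0.0.0", "255.0.0.0", "192.168.99.1")]

# Constructed sample addresses (assumptions, not from the thread).
SAMPLE_CLIENTS = ["10.20.30.40", "10.99.1.15"]
SAMPLE_INTERNET = "203.0.113.10"


def build_table(default_gw, static_routes):
    """Return a list of (network, next_hop) including the default route."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), default_gw)]
    for net, mask, gw in static_routes:
        # ip_network accepts "address/netmask" notation directly.
        table.append((ipaddress.ip_network(f"{net}/{mask}"), gw))
    return table


def next_hop(table, dst):
    """Pick the next hop by longest prefix match, as an IP stack would."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in table if addr in net]
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    return gw


def misrouted_clients(table, clients, default_gw):
    """Clients whose return traffic would leave via the default gateway
    (towards the firewall) instead of going back towards the user VLANs."""
    return [c for c in clients if next_hop(table, c) == default_gw]


def compare():
    """Return lookup results with and without the static route."""
    with_route = build_table(DEFAULT_GW, STATIC_ROUTES)
    without_route = build_table(DEFAULT_GW, [])
    return {
        "internet": next_hop(with_route, SAMPLE_INTERNET),
        "client_with_route": next_hop(with_route, SAMPLE_CLIENTS[0]),
        "client_without_route": next_hop(without_route, SAMPLE_CLIENTS[0]),
        "misrouted_without_route": misrouted_clients(
            without_route, SAMPLE_CLIENTS, DEFAULT_GW),
        "misrouted_with_route": misrouted_clients(
            with_route, SAMPLE_CLIENTS, DEFAULT_GW),
    }


if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```

In fully transparent mode the client source address is preserved, so replies are addressed to the 10.x client rather than to the IGSA; without the static route they would follow the default gateway.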
 

Author Closing Comment

by:mrflizo
ID: 34142801
tq
0
