Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 563
  • Last Modified:

Interscan Gateway Scan Appliance operation mode

Hi experts,
can you help me to take a look of this problem. currently i was
running the IGSA appliance. i was place in between core and firewalls. the
igsa running on transparent proxy mode, but its not suite our current
configuration since the igsa will change the ip address to the igsa
appliance. So, i need to change to fully transparent mode which is the
igsa will not change the ip address but unfortunately its not work if i
changed it.

Kindly need experts help to take a look. i attach the screen capture and
diagram for easy to experts understand my network.
 
ip-address.JPG
operation-mode.JPG
static-route.JPG
diagram.JPG
0
mrflizo
Asked:
mrflizo
  • 7
  • 6
1 Solution
 
TrackhappyCommented:
Have you by some chance still got the client prioxy set as the IGSA box? I think in transparent mode you would have no proxy set in your browser. Other than that I can't see anything wrong from your diagram.
0
 
mrflizoAuthor Commented:
is it cause of routing table? if i change to fully transparent mode, users cannot access the internet seems the igsa does not replying back to the users. on users pc, i dont set anything since the igsa deployment in inline mode.
0
 
TrackhappyCommented:
If they are as per your screen shots, then they look spot on. Can you ping or manage the IGSA itself from a workstation? If so, then its routing is correct.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
TrackhappyCommented:
Does dns resolution work ok in transparent mode? from a client, try nslookup http://www.google.com or something. Clutching at straws here, it looks right.

Umm, next question, nats and rules on yor external firewall. If the requests are now coming from the clients as source address is it being nated correctly and allowed out?
0
 
mrflizoAuthor Commented:
NAT on firewalls are working correctly. i was test to bypass IGSA and its works. on access rule, i must create 2 access rule for accessing internet which is ip address of igsa and user-vlan.

if i disable access rule of igsa ip address it wont work on tranparent proxy mode because user ip address was change to igsa ip address.

i change the igsa to fully transparent mode, then bypass the igsa and its work nicely.

i can ping/access if change the igsa operation mode on fully transparent and proxy mode.

after i change the igsa in fully transparent, the users pc was not able to access internet but if i do the nslookup its works.
0
 
TrackhappyCommented:
Farid you have got me then. Silly question, have you tried powering off the IGSA, and clearing the arp cache on both the core switch and firewall?
0
 
mrflizoAuthor Commented:
not yet i wiil try it now
0
 
mrflizoAuthor Commented:
i already try it...but the result its still same
0
 
TrackhappyCommented:
When you change modes, is the license still active?
0
 
mrflizoAuthor Commented:
i was waiting the new license since the license already expired when the box online..is it all about the license?
0
 
TrackhappyCommented:
It may well be, my Mate here thinks when you change modes it loses teh license and you have to re-apply it. I thought that was just the updates, but check it anyway in case he is right. I just can't see anything in your config from here that is incorrect.
0
 
mrflizoAuthor Commented:
i was change it again to fully transparent but the license is still there. i means the license remains.
0
 
p3jalzCommented:
your gateway  IP address setting is wrong, change it to:

ip: 192.168.99.7, gw: 192.168.99.5.

then create a static route
ip add: 10.0.0.0
sm: 255.0.0.0
gw: 192.168.99.1

you should be able to access to accessing internet with fully transparent mode.

gud luck
0
 
mrflizoAuthor Commented:
tq
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now