Solved

Interscan Gateway Scan Appliance operation mode

Posted on 2010-11-11
14
558 Views
Last Modified: 2013-11-22
Hi experts,
can you help me to take a look of this problem. currently i was
running the IGSA appliance. i was place in between core and firewalls. the
igsa running on transparent proxy mode, but its not suite our current
configuration since the igsa will change the ip address to the igsa
appliance. So, i need to change to fully transparent mode which is the
igsa will not change the ip address but unfortunately its not work if i
changed it.

Kindly need experts help to take a look. i attach the screen capture and
diagram for easy to experts understand my network.
 
ip-address.JPG
operation-mode.JPG
static-route.JPG
diagram.JPG
0
Comment
Question by:mrflizo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
14 Comments
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117638
Have you by some chance still got the client prioxy set as the IGSA box? I think in transparent mode you would have no proxy set in your browser. Other than that I can't see anything wrong from your diagram.
0
 

Author Comment

by:mrflizo
ID: 34117653
is it cause of routing table? if i change to fully transparent mode, users cannot access the internet seems the igsa does not replying back to the users. on users pc, i dont set anything since the igsa deployment in inline mode.
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117660
If they are as per your screen shots, then they look spot on. Can you ping or manage the IGSA itself from a workstation? If so, then its routing is correct.
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117678
Does dns resolution work ok in transparent mode? from a client, try nslookup http://www.google.com or something. Clutching at straws here, it looks right.

Umm, next question, nats and rules on yor external firewall. If the requests are now coming from the clients as source address is it being nated correctly and allowed out?
0
 

Author Comment

by:mrflizo
ID: 34117764
NAT on firewalls are working correctly. i was test to bypass IGSA and its works. on access rule, i must create 2 access rule for accessing internet which is ip address of igsa and user-vlan.

if i disable access rule of igsa ip address it wont work on tranparent proxy mode because user ip address was change to igsa ip address.

i change the igsa to fully transparent mode, then bypass the igsa and its work nicely.

i can ping/access if change the igsa operation mode on fully transparent and proxy mode.

after i change the igsa in fully transparent, the users pc was not able to access internet but if i do the nslookup its works.
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117778
Farid you have got me then. Silly question, have you tried powering off the IGSA, and clearing the arp cache on both the core switch and firewall?
0
 

Author Comment

by:mrflizo
ID: 34117795
not yet i wiil try it now
0
 

Author Comment

by:mrflizo
ID: 34117869
i already try it...but the result its still same
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117872
When you change modes, is the license still active?
0
 

Author Comment

by:mrflizo
ID: 34117901
i was waiting the new license since the license already expired when the box online..is it all about the license?
0
 
LVL 9

Expert Comment

by:Trackhappy
ID: 34117906
It may well be, my Mate here thinks when you change modes it loses teh license and you have to re-apply it. I thought that was just the updates, but check it anyway in case he is right. I just can't see anything in your config from here that is incorrect.
0
 

Author Comment

by:mrflizo
ID: 34118285
i was change it again to fully transparent but the license is still there. i means the license remains.
0
 
LVL 1

Accepted Solution

by:
p3jalz earned 500 total points
ID: 34142799
your gateway  IP address setting is wrong, change it to:

ip: 192.168.99.7, gw: 192.168.99.5.

then create a static route
ip add: 10.0.0.0
sm: 255.0.0.0
gw: 192.168.99.1

you should be able to access to accessing internet with fully transparent mode.

gud luck
0
 

Author Closing Comment

by:mrflizo
ID: 34142801
tq
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question