Network Configuration
Created: 27 Jul 2011 | 11 comments
hi,
i want to test the web gateway, but I hang in the network configuration.
the configration should be inline+proxy on a vmware exsi server with 2 network cards.
nic1: lan, mgmt, monitor
nic2: wan
the internal network adress is 192.168.32.X
the router / firewall ip adress is 192.168.100.254
how should the configuration look like?
Discussion Filed Under:
Comments
Each SWG NIC needs its own
Each SWG NIC needs its own Vitrual Switch with PromiscuousMode set to accept. as per the implenetation guide page 72.
that meens i can not test it,
that means i can not test it, if i do not have four physical network cards?
Network Cards
Well you don't use all the interfaces in all modes, so in your situation you wouldn't actually need an interface for the Monitor interface as it won't be used, but you would need three available(one for management, one for the WAN side of the Inline interface, and one for the LAN side of the Inline interface.
Cheers,
Kevin
ok, thanks. the only thing i
ok, thanks.
the only thing i can test is the proxy. than i need one interface for lan and one for mgmt?
Network Cards
Okay so if you are looking to test the Proxy only mode and not the Inline + Proxy mode, then yes you only need two interfaces. The management interface and the Lan side of the Inline interface. Keep in mind these interfaces need to on two different networks.
Kevin
I apologize for the thread
I apologize for the thread hijack but....
I posted a similar issue problem and I think you may have solved it. I was trying to test proxy mode with ESXi and I have two NICs. I cannot get the LAN interface to show anything but down. I wonder if this is because I was trying to use both NIC's on the same subnet. So it looks like I need to plug-in the LAN interface into a router or switch that's connected to another router using a different subnet. What about using a Windows 2008 R2 box with RRAS for routing?
The reason I ask is because i would like to create an ESXi server to do the following:
10 guest VM's running XP, Windows 7, etc... (Systems cannot install SEP due to the development work going on these boxes)
1 VM Guest (SWG) in proxy mode or (proxy + inline)
I would like to send all of the 10 Guest VM's traffic through the SWG and I would prefer keeping the network stuff self contained to the ESXi box to make physical network changes as simple as possible.
Can this be done? I have port/span working for this setup but I would like a bit more protection from SWG
both network adapter need a
both network adapter need a seperate virtual switch on vmware server. the nics can use the same switch.
mgmt nic: 192.168.254.254
lan nic: 192.168.32.254
proxy mode
This is assuming your using a
This is assuming your using a managed switch?
External switch type
External switch type shouldn't matter too much unless you are in span/tap mode of which you may need to enable mirroring of traffic to the span/tap port on the physical switch.
What am I missing here. In
What am I missing here. In proxy mode everything I read states I only need LAN and Management. As you can see each one has their own virtual switch connected to their own physical adapter yet LAN never shows up in the SWG gui or through command line menu.
I figured it out. I needed to
I figured it out. I needed to enable seperate network and inline networks. The problem is I tried this before from the configuration page and I never got the inline options. Once I ran the wizard again and selected this option I now see my LAN adapter connected.
Would you like to reply?
Login or Register to post your comment.