Virtual Secure Web Gateway

 View Only

  • 1.  Test for successful blocking not successful

    Posted Jul 29, 2011 10:48 AM

    Hi everyone,

    Here is what I have done. 

    1. Deployed the VMware virtual edition of SWG and configured separate vSwitches for each port

    2. During the initial setup, I have chosen Port Span/Tap with Blocking Operating Mode

    3. Then I tested the Blocking (from workstation on the same network as the management port of SWG is located) by visiting the following URL:

    testwebgateway.com/test/bltest.htm

    The page doesn't get blocked. 

    Do I have to do some more configurations, or I have done something wrong?

    Thanks



  • 2.  RE: Test for successful blocking not successful

    Posted Jul 29, 2011 11:01 AM

    On the executive summary page are the counts for raw traffic processed, and URLS inspected going up?

    If not the monitor port is not seeing the traffic. If so you may need to create a policy.



  • 3.  RE: Test for successful blocking not successful

    Posted Jul 29, 2011 11:14 AM

    Thanks Ben, I don't see any URLs inspected, so I guess the monitor port is not seeing the traffic. 

    What do I need to check in this case?

    Thanks

    BTW, sorry for the double post. Can I remove it myself?



  • 4.  RE: Test for successful blocking not successful

    Posted Jul 29, 2011 02:59 PM

    The monitor port should have its own virtual switch attached to an actually nic that attaches to the monitor port. The virtual switch needs to be in promiscuous mode.

    I've removed the duplicate posting.



  • 5.  RE: Test for successful blocking not successful

    Posted Aug 01, 2011 09:59 AM

     

    Hi Ben and thanks for your help, everything is working now.

    Actually, I had the setup done correctly (as per your suggestion). The problem was that I didn't configure SPAN port on the LAN switch used by our VMware ESXi host. In other words the physical NIC of the virtual switch has to be physically plugged to an SPAN port of the LAN switch.