Virtual Secure Web Gateway

 View Only

  • 1.  Unable to ping SWG for intial config

    Posted Nov 20, 2014 06:53 AM

    Dear Symantec Support,

    Kindly i did the following to configure Symantec web gatweay virtual appliance

    1. start ESXi Vshpher Client and connect on the ESXi Server

    2. Deploy OVF File ( choose Thick Disk)

    3. Create 4 Virtual Switch ( Management, WAN, LAN, Monitoring) each switch in Promiscious mode.

    4. assign the 4 Netowrk port of the OVF Machine to separate virtual switch

    5. i disconnect NIC Port ( WAN, LAN) from the machine, before i start it & make Management NIC Port connected to Management Virtual Switch & Monitoring NIC Port connected to Vitual Monitoring Switch.

    6. Start OVF Machine. and connect with the default credential.

    7. i display the IP Address and found it ( 192.168.254.254), then i choose Option 5 "change/test IP Configuration" then Option 3 " Set IP/Disaple DHCP", and change IP Address to be in the range of management IP Ranges.

    8. i created virtual machine and get ip from management IP Ranges.

    the issue that i can't reach Symantec WG IP Address from any machine, i try with Internet exploere & by Ping, nothing work.
    i cant Ping Gateway or any mahine in this subnet or any other subnet

    Can some body help me here



  • 2.  RE: Unable to ping SWG for intial config

    Broadcom Employee
    Posted Nov 20, 2014 10:44 AM

    You need to make sure that the Web Gateway's management port is the only thing on the virtual switch you created for it and that the NIC the vswitch has assigned is not a teamed NIC.



  • 3.  RE: Unable to ping SWG for intial config

    Posted Nov 25, 2014 08:32 AM

    Thanks Davis..

    Have checked the the virtual switch created does only have the management port assigned to it and is not teamed.

    Have created 2 virtual switches, One for management port and other for the LAN port.

    Have changed the management port IP of Symantec web gateway from 192.168.254.254 to the IP address from the management VLAN, Self ping is happening but unable to reach the default gateway.

    Could need your inputs if something is missed in the configuration and need your valuable assistance to configure the SWG further.



  • 4.  RE: Unable to ping SWG for intial config

    Broadcom Employee
    Posted Dec 02, 2014 12:06 PM

    Did you set Promicuous Mode to Allow on all the the vswitches the Web Gateway will use? That is required.

    Follow the steps in this document to get this working correctly:

    www.symantec.com/business/support/index?page=content&id=TECH183599



  • 5.  RE: Unable to ping SWG for intial config

    Posted Dec 10, 2014 01:41 AM

    i have followed the steps in the document still i am unable to communicate to any of the ports of SWG.

    I have changed the IP address of the management port from default IP 192.168.254.254 to the management segment IP, Could this be the problem.

    Have checked from the network point everythings looks fine.

    =====================================================

    i display the IP Address and found it ( 192.168.254.254), then i choose Option 5 "change/test IP Configuration" then Option 3 " Set IP/Disaple DHCP", and change IP Address to be in the range of management IP Ranges.

    ======================================================

     

     



  • 6.  RE: Unable to ping SWG for intial config

    Broadcom Employee
    Posted Dec 18, 2014 12:55 PM

    That is correct. You are not sharing that network interface card with any other virtual machines, are you? The Web Gateway needs to be on its own vSwitches with its own dedicated NICs.