Connection to Threatcenter fails when Symantec Web Gateway (SWG) service is disabled.

Article ID: 156807

Products

Web Gateway

Issue/Introduction

You experience an issue where an SWG configured with separate WAN/LAN and Management ports is unable to connect to Symantec Threatcenter when the SWG service is disabled. When the service is enabled, the connection to Threatcenter is successful.

Cause

When the SWG service is disabled, the SWG WAN/LAN interface is disabled. If the SWG DNS server(s) reside on the WAN/LAN network, the SWG is not able to communicate with them properly while the WAN/LAN interface is disabled.

Resolution

To resolve this issue, add a static route to at least one DNS server and set its gateway to the Management port default gateway.

For example, for an SWG with the following configuration:

Management Port Default Gateway - 192.168.1.1

DNS Server IP - 10.0.0.2

You would create a static route with the following properties:

Destination - 10.0.0.2

Netmask - 255.255.255.255

Gateway - 192.168.1.1

This static route enables the SWG to communicate properly with the DNS servers when the SWG service is disabled.

An alternative solution is to configure a secondary DNS IP that resides on the Management network.
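The following Python sketch is an added example, not Symantec code: it models which DNS servers remain reachable once the WAN/LAN interface is down and derives the host routes to enter. The Management network 192.168.1.0/24 and the function names are assumptions; the gateway and DNS addresses are the example values from this article.

```python
import ipaddress

HOST_MASK = "255.255.255.255"

def reachable_when_service_disabled(mgmt_network, dns_servers, static_routes):
    """DNS servers still reachable over the Management port only.

    A server qualifies if it sits on the Management network (the
    alternative solution) or is covered by a static route whose
    gateway is on the Management network (the static-route solution).
    """
    net = ipaddress.ip_network(mgmt_network)
    reachable = []
    for server in dns_servers:
        ip = ipaddress.ip_address(server)
        via_route = any(
            ip in ipaddress.ip_network(f"{r['destination']}/{r['netmask']}")
            and ipaddress.ip_address(r["gateway"]) in net
            for r in static_routes
        )
        if ip in net or via_route:
            reachable.append(server)
    return reachable

def plan_dns_host_routes(mgmt_network, mgmt_gateway, dns_servers):
    """Build one host route per DNS server that is off the Management network."""
    net = ipaddress.ip_network(mgmt_network)
    gateway = ipaddress.ip_address(mgmt_gateway)
    if gateway not in net:
        raise ValueError(f"gateway {gateway} is not on Management network {net}")
    return [
        {"destination": s, "netmask": HOST_MASK, "gateway": str(gateway)}
        for s in dns_servers
        if ipaddress.ip_address(s) not in net
    ]

if __name__ == "__main__":
    mgmt_net = "192.168.1.0/24"   # assumed Management subnet
    dns = ["10.0.0.2"]            # DNS server from the article's example
    print("before:", reachable_when_service_disabled(mgmt_net, dns, []))
    routes = plan_dns_host_routes(mgmt_net, "192.168.1.1", dns)
    for r in routes:
        print("add route:", r)
    print("after:", reachable_when_service_disabled(mgmt_net, dns, routes))
```

An empty "before" list reproduces the failure condition; at least one entry in "after" means name resolution survives disabling the service.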


Applies To

SWG has separate WAN/LAN and Management ports connected.  SWG DNS server(s) reside on the same subnet as the WAN/LAN.