How to troubleshoot McAfee Firewall Enterprise on Crossbeam

Article ID: 167970

Products

XOS

Issue/Introduction

This article describes how to troubleshoot McAfee Firewall Enterprise on the Crossbeam X-series Platform.

Cause

Goal

McAfee Enterprise Gateway is installed as a virtual environment on the VAP.
McAfee tools and network troubleshooting tools (ping, tcpdump, etc.) must be run from inside the virtual environment.
 

Resolution

In order to log into the virtual environment, run the following command from the VAP level:
 
virsh console crbm_vm
(Default password is admin\admin)
 
Change your user permissions with the command:
srole
 
From this level, you can run the network troubleshooting tools (ping, tcpdump, etc.).
* Note that traceroute is not supported on McAfee Enterprise Gateway.
 
Other useful McAfee commands:
 
cf cluster status - Displays current policy for primary and peers
cf cluster q - Displays configured cluster object
cf zone q - Shows zone configuration
cf license features - Displays list of all licensed features
cf ipsec q - Shows all configured VPNs
cf ipsec policydump - Prints the currently active IPsec Security Policy Database (SPD) in the kernel


If the interaction between XOS and the guest McAfee virtual machine needs to be investigated, the log files are located on the APM at:
/mnt/aplocaldisk/vm/logs/

Workaround

N/A