Loading...

Knowledge Center


McAfee Agent on a computer with multiple Network Interface Cards cannot be bound to a specific IP address
Technical Articles ID:   KB53169
Last Modified:  6/11/2019
Rated:


Environment

McAfee Agent (MA) 5.x.x
McAfee Application and Change Control (MACC) 8.x.x, 7.x.x, 6.x.x
McAfee ePolicy Orchestrator (ePO) 5.10.x, 5.9.x, 5.3.x
McAfee Rogue System Detection (RSD) 5.x.x

Problem

McAfee Agent cannot be bound to a specific IP address if the computer on which the agent is installed has multiple IP addresses. The agent binds to the first available IP address provided by the operating system.

NOTE: Any IP addresses other than the one assigned to the primary Network Interface Card (NIC) on a computer is detected as separate Rogue Computers by RSD sensors.
 
On some operating systems, you can force the computer to report the NIC with the external IP address first (Lan1) and the other as the second (Lan2). This action resolves the problem because the agent automatically binds to whichever the operating system reports as the first interface. For more information about which operating systems this action can be applied to, see the Microsoft article at: https://docs.microsoft.com/en-us/windows-server/networking/technologies/network-subsystem/net-sub-interface-metric

When a client system restarts, if a different IP address is bound first and used by the agent, you see the following sequence of events on the ePO server:
  1. The server first tries to connect to the client using the last known IP address.
  2. The server tries to communicate using Domain Name Services (DNS).
  3. A NetBIOS broadcast is sent to locate the client and resume communications.
Problems incurred when a new IP address is bound by McAfee Agent:
  • ePO reports might contain erroneous data and show the McAfee Agent using an incorrect IP address.
  • For a new computer, the computer might be assigned to the wrong part of the ePO directory.

Solution

Customers are requested to work with Microsoft to force the computer to report the NIC with the external IP address first.

If you require a change to product functionality, submit a new product idea at:

https://community.mcafee.com/t5/Enterprise-Product-Ideas/idb-p/business-ideas

The Ideas forum is accessible only to McAfee business and enterprise customers. Click Sign In and enter your McAfee ServicePortal (https://support.mcafee.com) User ID and password. If you do not yet have a McAfee ServicePortal or McAfee Community account, click Register to register for a new account on either website.

For more information about product ideas, see KB60021.

NOTE: The Ideas forum replaces the previous Product Enhancement Request system.

Rate this document

Languages:

This article is available in the following languages:

English United States
Spanish Spain
Japanese

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.