Configuration changes are not applied to the McAfee Agents through a Cisco firewall
Technical Articles ID:
KB72227
Last Modified: 2/16/2021
Last Modified: 2/16/2021
Configuration changes are not applied to the McAfee Agents through a Cisco firewall
Technical Articles ID:
KB72227
Last Modified: 2/16/2021 EnvironmentMcAfee Agent (MA) 5.x
McAfee ePolicy Orchestrator (ePO) 5.x Cisco firewall or Cisco firewall module Problem
Communication between ePO and the McAfee Agents is disrupted when a Cisco firewall exists between the ePO server and the McAfee Agents. Though it seems like the agents are communicating, configuration changes are not applied and tasks are not propagated to the agents. If this issue occurs, communication disruption happens only with traffic that flows through the Cisco firewall. Communication that does not flow through the Cisco firewall is not affected. The CauseCisco firewall is inspecting traffic between the ePO server and the agents:
The Cisco firewall detects the
SolutionEnable SSL for the ASCI.
SolutionChange the default ASCI port from 80 to a dedicated port that is not used by any well-known protocol.
WorkaroundDisable HTTP packet inspection on the Cisco firewall.
Affected ProductsLanguages:Glossary of Technical Terms |
|