Additional network for backup and antivirus for all 800xA machines to avoid network traffic in CSA/CSB
Having Dedicated network for all 800xA machines additional network for backup and anti-virus .
Since the 800XA domain need to listen to only 172,16.x/172.17.x series , facing issue with Mcafee and Acronis server reaching node.
Mcafee and acronis traffic is dedicated to new separate network 192.168.x , same network is added on top of the Client/Server network.
Macfee is not able to communicate to all nodes even if its is able to ping the nodes , as soon as CSA/CSB network is removed mcAfee client starts updating to epo server ?
Epo server and Backup server is also connected to CSA and CSB
Since the 800XA domain need to listen to only 172,16.x/172.17.x series , facing issue with Mcafee and Acronis server reaching node.
Mcafee and acronis traffic is dedicated to new separate network 192.168.x , same network is added on top of the Client/Server network.
Macfee is not able to communicate to all nodes even if its is able to ping the nodes , as soon as CSA/CSB network is removed mcAfee client starts updating to epo server ?
Epo server and Backup server is also connected to CSA and CSB
Answers
IMHO: multihomed computers (computers having more than one network adapter) has always been a risk when running Microsoft Windows. Especially if you configure more than one default gateway in the same computer.
Check if asymmetric routing triggers the McAfee client computer's firewall to discard the ePO responses, i.e. the McAfee client transmit on one LAN while the ePO server respond on a different. Such asymmetric traffic may become blocked by a stateful firewall (only responses on the same LAN as the request will be accepted). Studying the output of "C:\> route print" in both ends should be enough to spot the asymmetry, but you can always temporarily disable the firewall as a check or use an Ethernet analyzer (e.g. Wireshark, etc) to monitor the traffic. By default, traffic is sent on the "fastest" LAN if multiple choices are found.
Solution: modify the routing table (use -p parameter to make the change persist across reboot)
Check if asymmetric routing triggers the McAfee client computer's firewall to discard the ePO responses, i.e. the McAfee client transmit on one LAN while the ePO server respond on a different. Such asymmetric traffic may become blocked by a stateful firewall (only responses on the same LAN as the request will be accepted). Studying the output of "C:\> route print" in both ends should be enough to spot the asymmetry, but you can always temporarily disable the firewall as a check or use an Ethernet analyzer (e.g. Wireshark, etc) to monitor the traffic. By default, traffic is sent on the "fastest" LAN if multiple choices are found.
Solution: modify the routing table (use -p parameter to make the change persist across reboot)
Add new comment