Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Content Gateway: Frequently Asked Questions : How do I ensure that Content Gateway is properly identified in the network?
How do I ensure that Content Gateway is properly identified in the network?
Content Gateway FAQs | Forcepoint Web Security | v8.4.x | 31-July-2017
To ensure that every Content Gateway node is found and correctly identified on the network, configure the /etc/hosts file on every Content Gateway node in a cluster.
 
* 
Note 
If Content Gateway is located on an appliance, there is nothing to do. Configuration of the /etc/hosts is handled automatically as part of initial configuration.
If this is not done, Content Gateway may fail to connect to the Forcepoint Web Security Policy Server or other network services. Sometimes the problem doesn't surface immediately, or surfaces after a second Content Gateway node is added.
 
* 
Important 
In a Content Gateway cluster, the cluster name, which is shared by all nodes, cannot be the same as any hostname.
 
Configuring the /etc/hosts file
On each Content Gateway node, edit the /etc/hosts file to include—ON THE FIRST LINE—the IP address, fully qualified domain name, and hostname of the node.
1.
Log on to the Content Gateway host system as root.
2.
Edit /etc/hosts. A typical default /etc/hosts file looks like:
127.0.0.1 localhost.localdomain localhost
3.
Open a new first line and specify the IP address, domain name, and hostname of the system. The format is:
xxx.xxx.xxx.xxx [FQDN] [hostname]
[FQDN] is the fully-qualified domain name of the machine, e.g. hostname.subdomain.top-level-domain.
[hostname] is the system hostname.
For example:
10.10.10.10 wcg1.example.com wcg1
127.0.0.1 localhost.localdomain localhost
The IP address must be static and not served by DHCP. The proxy uses this IP address in features such as transparent authentication and hierarchical caching.
 
* 
Note 
Do not delete the second line (former first line) that begins with 127.0.0.1. It specifies the loopback address and is also required.
4.
Save and close /etc/hosts.
Repeat the above on every Content Gateway node.
Confirming the settings:
To display the configured system hostname, on the Linux command line enter:
# hostname
To confirm the IP address that is bound to the hostname, on the Linux command line enter:
# ping hostname
For example:
# ping wcg1.example.com
This should return the IP address in line 1 of /etc/hosts. It should not return 127.0.0.1.
To test the local loopback address, on the Linux command line enter:
# ping localhost
This should return 127.0.0.1
To test if the hostname is resolved by DNS (if it is configured), on the Linux command line enter:
# nslookup hostname
For example:
# nslookup wcg1.example.com
This should return the same IP address as ping.
Note that in some cases it is optional to have the proxy in DNS.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Content Gateway: Frequently Asked Questions : How do I ensure that Content Gateway is properly identified in the network?
Copyright 2017 Forcepoint. All rights reserved.