Troubleshooting for systems that connect over a VPN

Systems in the System Tree are typically identified by their unique MAC address. However, when systems connect over a VPN, they can become associated with the MAC address of the VPN server instead. This creates problems when multiple systems connect through the same VPN. To resolve this, McAfee recommends using the client GUID to uniquely identify systems that use a VPN.

How systems are associated with a MAC address

The following diagram shows how two systems can be associated with the same MAC address in McAfee ePO.

  1. Client A connects to McAfee ePO over the VPN connection.
  2. McAfee ePO associates the MAC address of the VPN server, 00:12:3F:11:11:11, to Client A rather than the client's actual MAC address.
  3. Client B connects to McAfee ePO over the VPN connection.
  4. McAfee ePO associates the MAC address of the VPN server, also 00:12:3F:11:11:11, to Client B. Now two clients have the same VPN server MAC address.

As a result, Client A is deleted from the System Tree because both clients are associated with the same MAC address.



Preventing MAC address conflicts by using the client GUID instead

To resolve this issue, McAfee recommends using client GUIDs instead of MAC addresses to uniquely identify systems.

First, find the Organizationally Unique Identifier (OUI) of the VPN server. The OUI is the first six hexadecimal digits of the MAC address. For the VPN server address used above, 00:12:3F:11:11:11, the OUI is 00:12:3F.

Add the VPN server OUI to the virtual MAC vendor values. This change allows McAfee ePO to identify the VPN server and begin using the client GUID as the unique identifier for systems that connect through it.
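To confirm which OUI to add, the following added example (not McAfee code) scans a list of client records for MAC addresses reported by more than one client GUID and returns the OUI of each shared address. The CSV column names, GUIDs, and the second MAC address are constructed for illustration and do not reflect an ePO export format.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample records; column names are assumptions, not an ePO schema.
SAMPLE_RECORDS = """system_name,agent_guid,mac_address
CLIENT-A,11111111-aaaa-4aaa-8aaa-000000000001,00:12:3F:11:11:11
CLIENT-B,11111111-aaaa-4aaa-8aaa-000000000002,00-12-3f-11-11-11
CLIENT-C,11111111-aaaa-4aaa-8aaa-000000000003,00123F111111
DESKTOP-1,11111111-aaaa-4aaa-8aaa-000000000004,A4:5E:60:22:33:44
DESKTOP-1,11111111-aaaa-4aaa-8aaa-000000000004,A4:5E:60:22:33:44
"""


def normalize_mac(raw):
    """Return 12 uppercase hex digits, or None if raw is not a MAC address."""
    digits = re.sub(r"[:\-.\s]", "", raw).upper()
    return digits if re.fullmatch(r"[0-9A-F]{12}", digits) else None


def oui_of(mac):
    """First six hex digits (three octets) of a normalized MAC, as XX:XX:XX."""
    return ":".join(mac[i:i + 2] for i in (0, 2, 4))


def shared_mac_ouis(records_text):
    """Map OUI -> {MAC: sorted system names} for MACs seen with >1 GUID."""
    guids = defaultdict(set)
    names = defaultdict(set)
    for row in csv.DictReader(io.StringIO(records_text)):
        mac = normalize_mac(row["mac_address"])
        if mac is None:
            continue  # skip blank or malformed addresses
        guids[mac].add(row["agent_guid"].lower())
        names[mac].add(row["system_name"])
    result = defaultdict(dict)
    for mac, seen in guids.items():
        if len(seen) > 1:  # one MAC, several distinct clients
            result[oui_of(mac)][mac] = sorted(names[mac])
    return dict(result)


if __name__ == "__main__":
    for oui, macs in shared_mac_ouis(SAMPLE_RECORDS).items():
        print(oui, macs)
```

A system that reports the same MAC address twice under one GUID (DESKTOP-1 here) is not flagged, because only distinct GUIDs sharing an address indicate a VPN server or other virtual adapter.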