Is it necessary to be any more specific then to have an entry of:
when setting up the Walled Garden in Hotspot to allow McAfee to update?
The full URL is:
http://download.mcafee.com/molbin/iss-loc/amcore/amindex/en-us/amindex.cab
I am thinking that using the full URL wouldn’t be a good idea as McAfee might change some small thing and access would be disallowed whereas as long as download.mcafee.com is allowed the update will get through.
Why don’t you just allow access to all mcafee.com? Would that be out of the question?
/ip hotspot walled-garden
add dst-host=*.mcafee.com action=allow
Well, kinda. This is a hotspot running on an extremely bandwidth-restricted connection (satellite) and the full site has hideous things like video tutorials and the “Virtual Technician”. I just want to allow folks to be able to update their virus defs. Right now, McAfee tries to do that as soon as they turn on their PC and are assigned an IP, but before they log into the Hotspot. This fails and they get all kinds of ugly messages about “Computer at Risk!!”. If they do a manual update after logging in, it works OK.
Would
/ip hotspot walled-garden
add dst-host=download.mcafee.com/* action=allow
work as a wildcard for just the download domain?
You don’t need a wildcard for the pages, just the server/domain. This should do the same thing.
/ip hotspot walled-garden
add dst-host=download.mcafee.com action=allow
Tim:
That is what I thought. Thanks for confirming this - as usual, it isn’t clear in the wiki.