Cisco Cisco Email Security Appliance C170 Guía Del Usuario
3-4
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 3 Setup and Installation
See “Using Virtual Gateway™ Technology” in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide and
Configuration Guide and
for more information
about assigning multiple IP addresses to the available interfaces.
Note
The Cisco IronPort X1000/1050/1060/1070, C60/600/650/660/670, and C30/300/350/360/370 Email
Security appliances have three available Ethernet interfaces by default. The Cisco IronPort
C10/100/150/160 Email Security appliances have two available Ethernet interfaces.
Security appliances have three available Ethernet interfaces by default. The Cisco IronPort
C10/100/150/160 Email Security appliances have two available Ethernet interfaces.
Advanced Configurations
In addition to this configurations shown in
and
, you can also configure:
•
Multiple Cisco IronPort appliances using the Centralized Management feature
•
Redundancy at the network interface card level by “teaming” two of the Ethernet interfaces on Cisco
IronPort appliances using the NIC Pairing feature.
IronPort appliances using the NIC Pairing feature.
Both of these features are discussed in the Cisco IronPort AsyncOS for Email Advanced Configuration
Guide.
Guide.
Firewall Settings (NAT, Ports)
Depending on your network configuration, your firewall may need to be configured to allow access on
the following ports.
the following ports.
SMTP and DNS services must have access to the Internet. For other system functions, the following
services may be required:
services may be required:
contains all information about the possible ports that may need to
be opened for proper operation of the Cisco IronPort appliance. For example, ports in the firewall may
need to be opened for connections:
need to be opened for connections:
•
from the external clients (MTAs) to the Cisco IronPort appliance
•
to and from groupware servers
•
to the Internet root DNS servers or internal DNS servers
•
to the Cisco IronPort downloads servers for McAfee and Sophos Anti-Virus updates, Outbreak
Filters rules, and updates to AsyncOS
Filters rules, and updates to AsyncOS
•
to the NTP servers
•
to LDAP servers
Table 3-1
Firewall Ports
•
SMTP: port 25
•
DNS: port 53
•
HTTP: port 80
•
HTTPS: port 443
•
SSH: port 22
•
Telnet: port 23
•
LDAP: port 389 or 3268
•
NTP: port 123
•
LDAP over SSL: port 636
•
LDAP with SSL for Global Catalog queries: port 3269
•
FTP: port 21, data port TCP 1024 and higher
•
Cisco IronPort Spam Quarantine: port 6025