Cisco Cisco Web Security Appliance S670 User Guide
3-20
AsyncOS 9.2 for Cisco Web Security Appliances User Guide
Chapter 3 Connect, Install, and Configure
Network Interfaces
Step 3
Configure the Interface options .
Step 4
Submit and commit your changes.
What to Do Next
•
If you added an IPv6 address, add an IPv6 routing table.
Related Topics
•
.
•
•
Option
Description
Interfaces
Modify or add new IPv4 or IPv6 Address, Netmask, and Hostname details for
the M1, P1, or P2 interfaces as required.
the M1, P1, or P2 interfaces as required.
•
M1 – AsyncOS requires an IPv4 address for the M1 (Management) port. In
addition to the IPv4 address, you can specify an IPv6 address. By default,
the Management interface is used to administer the appliance and Web
Proxy (data) monitoring. However, you can configure the M1 port for
management use only.
addition to the IPv4 address, you can specify an IPv6 address. By default,
the Management interface is used to administer the appliance and Web
Proxy (data) monitoring. However, you can configure the M1 port for
management use only.
•
P1 and P2 – Use an IPv4 address, IPv6 address, or both for the Data ports.
The Data interfaces are used for Web Proxy monitoring and Layer-4 Traffic
Monitor blocking (optional). You can also configure these interfaces to
support outbound services such as DNS, software upgrades, NTP, and
traceroute data traffic.
The Data interfaces are used for Web Proxy monitoring and Layer-4 Traffic
Monitor blocking (optional). You can also configure these interfaces to
support outbound services such as DNS, software upgrades, NTP, and
traceroute data traffic.
Note
If the Management and Data interfaces are all configured, each must be
assigned IP addresses on different subnets.
assigned IP addresses on different subnets.
Separate Routing for
Management
Services
Management
Services
Check Restrict M1 port to appliance management services only to limit M1
to management traffic only, requiring use of a separate port for data traffic.
to management traffic only, requiring use of a separate port for data traffic.
Note
When you use M1 for management traffic only, configure at least one
data interface, on another subnet, for proxy traffic. Define different
routes for management and data traffic.
data interface, on another subnet, for proxy traffic. Define different
routes for management and data traffic.
Appliance
Management
Services
Management
Services
Enable/disable use of, and specify a default port number for, the following
network protocols:
network protocols:
•
FTP – Disabled by default.
•
SSH
•
HTTP
•
HTTPS
Also, you can enable/disable redirection of HTTP traffic to HTTPS.