Cisco Cisco Email Security Appliance X1050 Referencia técnica
3-69
CLI Reference Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 3 The Commands: Reference Examples
General Management/Administration/Troubleshooting
List of allowed IP addresses/Subnets/Ranges:
1. 192.168.1.2-100
2. 192.168.255.12
Choose the operation you want to perform:
- NEW - Add a new IP address/subnet/range.
- EDIT - Modify an existing entry.
- DELETE - Remove an existing entry.
- CLEAR - Remove all the entries.
[]>
Warning: The host you are currently using [72.163.202.175] is not included in the User
Access list. Excluding it will prevent your
host from connecting to the administrative interface. Are you sure you want to continue?
[N]> Y
Current mode: Restrict.
Please select the mode:
- ALL - All IP addresses will be allowed to access the administrative interface.
- RESTRICT - Specify IP addresses/Subnets/Ranges to be allowed access.
- PROXYONLY - Specify IP addresses/Subnets/Ranges to be allowed access through proxy.
- PROXY - Specify IP addresses/Subnets/Ranges to be allowed access through proxy or
directly.
[]>
Example - Configuring Login Banner
You can configure the Email Security appliance to display a message called a “login banner” when a user
attempts to log into the appliance through SSH, Telnet, FTP, or Web UI. The login banner is
customizable text that appears above the login prompt in the CLI and to the right of the login prompt in
the GUI. You can use the login banner to display internal security information or best practice
instructions for the appliance. For example, you can create a simple note that saying that unauthorized
use of the appliance is prohibited or a detailed warning concerning the organization’s right to review
changes made by the user to the appliance.
attempts to log into the appliance through SSH, Telnet, FTP, or Web UI. The login banner is
customizable text that appears above the login prompt in the CLI and to the right of the login prompt in
the GUI. You can use the login banner to display internal security information or best practice
instructions for the appliance. For example, you can create a simple note that saying that unauthorized
use of the appliance is prohibited or a detailed warning concerning the organization’s right to review
changes made by the user to the appliance.
The maximum length of the login banner is 2000 characters to fit 80x25 consoles. A login banner can
be imported from a file in the
be imported from a file in the
/data/pub/configuration
directory on the appliance. After creating the
banner, commit your changes.
In the following example, the login banner “Use of this system in an unauthorized manner is prohibited”
is added to the appliance:
is added to the appliance:
mail.example.com> adminaccessconfig
Choose the operation you want to perform:
- BANNER - Configure login message (banner) for appliance administrator login.
- WELCOME - Configure welcome message (post login message) for appliance administrator
login.
- IPACCESS - Configure IP-based access for appliance administrative interface.
- CSRF - Configure web UI Cross-Site Request Forgeries protection.
- HOSTHEADER - Configure option to use host header in HTTP requests.
- TIMEOUT - Configure GUI and CLI session inactivity timeout.
[]> banner
A banner has not been defined.
Choose the operation you want to perform:
- NEW - Create a banner to display at login.