Cisco Cisco Email Security Appliance C650 Guía Del Usuario
33-9
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 33 Advanced Network Configuration
Virtual Local Area Networks (VLANs)
Virtual Local Area Networks (VLANs)
VLANs are virtual local area networks bound to physical data ports. You can configure VLANs to
increase the number of networks the Cisco appliance can connect to beyond the number of physical
interfaces included. For example, a Cisco C6x appliance has three interfaces: Data 1, Data 2, and
Management. VLANs allow more networks to be defined on separate “ports” on existing listeners. (See
increase the number of networks the Cisco appliance can connect to beyond the number of physical
interfaces included. For example, a Cisco C6x appliance has three interfaces: Data 1, Data 2, and
Management. VLANs allow more networks to be defined on separate “ports” on existing listeners. (See
for more information.) You can configure multiple VLANs on
any physical network port.
provides an example of configuring several VLANs on the Data
2 interface.
Figure 33-1
Using VLANs to increase the number of networks available on the appliance
VLANs can be used to segment networks for security purposes, to ease administration, or increase
bandwidth. VLANs appear as dynamic “Data Ports” labeled in the format of: “VLAN DDDD” where the
“DDDD” is the ID and is an integer up to 4 digits long (VLAN 2, or VLAN 4094 for example). AsyncOS
supports up to 30 VLANs. Duplicate VLAN IDs are not allowed on an Cisco appliance.
bandwidth. VLANs appear as dynamic “Data Ports” labeled in the format of: “VLAN DDDD” where the
“DDDD” is the ID and is an integer up to 4 digits long (VLAN 2, or VLAN 4094 for example). AsyncOS
supports up to 30 VLANs. Duplicate VLAN IDs are not allowed on an Cisco appliance.
VLANs and Physical Ports
A physical port does not need an IP address configured in order to be in a VLAN. The physical port on
which a VLAN is created can have an IP that will receive non-VLAN traffic, so you can have both VLAN
and non-VLAN traffic on the same interface.
which a VLAN is created can have an IP that will receive non-VLAN traffic, so you can have both VLAN
and non-VLAN traffic on the same interface.
IronPort appliance configured for VLAN1, VLAN2, VLAN3
NOC
DMZ
VLAN
“Router”
VLAN1
VLAN3
VLAN2