Cisco Cisco Email Security Appliance C160 Guía Del Usuario
3-5
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 3 Setup and Installation
Physically Connecting the Cisco Appliance to the Network
–
you can assign an IPv4 and an IPv6 address to each listener
•
1 listener on 1 logical IPv4 address configured on one physical interface
–
combines both incoming and outgoing traffic
–
you can assign both an IPv4 and an IPv6 address to the listener
Configuration worksheets for both one and two listener configurations are included below (see
). Most configuration scenarios are represented by one of the
following three figures.
Figure 3-1
Behind the Firewall Scenario / 2 Listeners Configuration
Notes:
•
2 Listeners
•
2 IPv4 addresses
•
2 IPv6 addresses
•
1 or 2 Ethernet interfaces (only 1 interface
shown)
shown)
•
SMTP routes configured
Inbound Listener: “InboundMail” (public)
•
IPv4 address: 1.2.3.4
•
IPv6 address:
2001:0db8:85a3::8a2e:0370:7334
2001:0db8:85a3::8a2e:0370:7334
•
Listener on the Data2 interface listens on
port 25
port 25
•
HAT (accept ALL)
•
RAT (accept mail for local domains; reject
ALL)
ALL)
Outbound Listener: “OutboundMail” (private)
•
IP address: 1.2.3.5
•
IPv6 address:
2001:0db8:85a3::8a2e:0370:7335
2001:0db8:85a3::8a2e:0370:7335
•
Listener on the Data2 interface listens on
port 25
port 25
•
HAT (relay for local domains; reject ALL)
DNS can be configured to use Internet Root servers or
internal DNS servers
internal DNS servers
SMTP routes direct mail to proper groupware server
Firewall ports opened for appropriate services to and
from the Cisco appliance
from the Cisco appliance
Groupware server
(Exchange™, Domino™,
Groupwise™)
Ethernet interface: Data 2
Public Listener:
“InboundMail”
Private Listener:
“OutboundMail”
Ethernet interface: Data 2
IP interface: PublicNet (e.g. 1.2.3.5)
SMTP
Firewall
Groupware Client
Internet
IPv4 interface: PublicNet (e.g. 1.2.3.4)
IPv6:
IPv6:
2001:0db8:85a3::8a2e:0370:733