Cisco Cisco Email Security Appliance C650 Guía Del Usuario
B-2
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Appendix B Assigning Network and IP Addresses
Selecting IP Addresses and Netmasks
Sample Interface Configurations
This section shows sample interface configurations based on some typical networks. The example will
use two interfaces called Int1 and Int2. In the case of the Cisco appliance, these interface names can
represent any two interfaces out of the three Cisco interfaces (Management, Data1, Data2).
use two interfaces called Int1 and Int2. In the case of the Cisco appliance, these interface names can
represent any two interfaces out of the three Cisco interfaces (Management, Data1, Data2).
Network 1:
Separate interfaces must appear to be on separate networks.
Data addressed to
192.168.1.X
(where X is any number 1-255, except for your own address, 10 in this
case) will go out on Int1. Anything addressed to
192.168.0.X
will go out on Int2. Any packet headed
for some other address not in these formats, most likely out on a WAN or the Internet, will be sent to the
default gateway which must itself be on one of these networks. The default gateway will then forward
the packet on.
default gateway which must itself be on one of these networks. The default gateway will then forward
the packet on.
Network 2:
The network addresses (network parts of the IP addresses) of two different interfaces cannot be the same.
This situation presents a conflict in that two different Ethernet interfaces have the same network address.
If a packet from the Cisco appliance is sent to
If a packet from the Cisco appliance is sent to
192.168.1.11
, there is no way to decide which Ethernet
interface should be used to deliver the packet. If the two Ethernet interfaces are connected to two
separate physical networks, the packet may be delivered to the incorrect network and never find its
destination. The Cisco appliance will not allow you to configure your network with conflicts.
separate physical networks, the packet may be delivered to the incorrect network and never find its
destination. The Cisco appliance will not allow you to configure your network with conflicts.
You can connect two Ethernet interfaces to the same physical network, but you must construct IP
addresses and netmasks to allow the Cisco appliance to select a unique delivery interface.
addresses and netmasks to allow the Cisco appliance to select a unique delivery interface.
IP Addresses, Interfaces, and Routing
When selecting an interface on which to perform a command or function in the GUI or CLI that allows
you to select an interface (for example, upgrading AsyncOS, or configuring DNS, etc.), routing (your
default gateway) will take precedence over your selection.
you to select an interface (for example, upgrading AsyncOS, or configuring DNS, etc.), routing (your
default gateway) will take precedence over your selection.
For example, suppose you have an Cisco appliance with the 3 network interfaces configured, each on a
different network segment (assume all /24):
different network segment (assume all /24):
Interface
IP address
netmask
net address
Int1
192.168.1.10
255.255.255.0
192.168.1.0/24
Int2
192.168.0.10
255.255.255.0
192.168.0.0/24
Ethernet Interface
IP address
netmask
net address
Int1
192.168.1.10
255.255.0.0
192.168.0.0/16
Int2
192.168.0.10
255.255.0.0
192.168.0.0/16
Ethernet
IP
Management
192.19.0.100