Cisco Cisco Web Security Appliance S170 사용자 가이드
2-19
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 2 Connect, Install, and Configure
Using the P2 Data Interface for Web Proxy Data
Choose a parameter group:
- AUTHENTICATION - Authentication related parameters
- CACHING - Proxy Caching related parameters
- DNS - DNS related parameters
- EUN - EUN related parameters
- NATIVEFTP - Native FTP related parameters
- FTPOVERHTTP - FTP Over HTTP related parameters
- HTTPS - HTTPS related parameters
- SCANNING - Scanning related parameters
- PROXYCONN - Proxy connection header related parameters
- CUSTOMHEADERS - Manage custom request headers for specific domains
- MISCELLANEOUS - Miscellaneous proxy related parameters
- SOCKS - SOCKS Proxy parameters
Step 3
[]> miscellaneous
Step 4
Press Enter past each question until the question:
Do you want proxy to listen on P2?
Enter ‘y’ for this question.
Step 5
Press Enter past the remaining questions.
Step 6
Commit your changes.
If you enable P2 to listen for client requests using the
advancedproxyconfig > miscellaneous
CLI
command, you can choose whether to use P1 or P2 for outgoing traffic. To use P1 for outgoing traffic,
change the Default Route for data traffic to specify the next IP address that the P1 interface is connected
to.
change the Default Route for data traffic to specify the next IP address that the P1 interface is connected
to.
Related Topics
•
•
Configuring TCP/IP Traffic Routes
Routes are used for determining where to send (or route) network traffic. The Web Security appliance
needs to route the following kinds of traffic:
needs to route the following kinds of traffic:
•
Data traffic. Traffic the Web Proxy processes from end users browsing the web.
•
Management traffic. Traffic created by managing the appliance through the web interface and
traffic the appliance creates for management services, such as AsyncOS upgrades, component
updates, DNS, authentication, and more.
traffic the appliance creates for management services, such as AsyncOS upgrades, component
updates, DNS, authentication, and more.
By default, both kinds of traffic use the routes defined for all configured network interfaces. However,
you can choose to split the routes (“split routing”) so that the M1 interface is only used for management
traffic. When you enable split routing, data traffic only uses the routes configured for the data interfaces
(P1 and P2, if configured), and management traffic uses the routes configured for all configured network
interfaces.
you can choose to split the routes (“split routing”) so that the M1 interface is only used for management
traffic. When you enable split routing, data traffic only uses the routes configured for the data interfaces
(P1 and P2, if configured), and management traffic uses the routes configured for all configured network
interfaces.
The number of sections on the Network > Routes page is determined by whether or not split routing is
enabled:
enabled:
•
Separate route configuration sections for Management and Data traffic (split routing enabled).
When you use the Management interface for management traffic only (“Restrict M1 port” is
enabled), then this page includes two sections to enter routes, one for management traffic and one
for data traffic.
When you use the Management interface for management traffic only (“Restrict M1 port” is
enabled), then this page includes two sections to enter routes, one for management traffic and one
for data traffic.