Cisco Cisco Web Security Appliance S690 사용자 가이드
25-7
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 25 Configuring Network Settings
Virtual Local Area Networks (VLANs)
Figure 25-2
Using VLANs to Increase the Number of Networks Available on the Appliance
VLANs can be used to segment networks for security purposes, to ease administration, or increase
bandwidth. For example, create multiple VLANs on the P1 interface and then apply different policies to
each. VLANs appear as dynamic “Data Ports” labeled in the format of: “VLAN DDDD” where the
“DDDD” is the ID and is an integer up to 4 digits long (VLAN 2, or VLAN 4094 for example). AsyncOS
supports up to 30 VLANs. Duplicate VLAN IDs are not allowed on an IronPort appliance.
bandwidth. For example, create multiple VLANs on the P1 interface and then apply different policies to
each. VLANs appear as dynamic “Data Ports” labeled in the format of: “VLAN DDDD” where the
“DDDD” is the ID and is an integer up to 4 digits long (VLAN 2, or VLAN 4094 for example). AsyncOS
supports up to 30 VLANs. Duplicate VLAN IDs are not allowed on an IronPort appliance.
VLANs and Physical Ports
A physical port does not need an IP address configured in order to be in a VLAN. The physical port on
which a VLAN is created can have an IP that will receive non-VLAN traffic, so you can have both VLAN
and non-VLAN traffic on the same interface.
which a VLAN is created can have an IP that will receive non-VLAN traffic, so you can have both VLAN
and non-VLAN traffic on the same interface.
VLANs can only be created on the Management and P1 data ports.
Managing VLANs
You can create, edit and delete VLANs via the
etherconfig
command. Once created, a VLAN can be
configured via the
interfaceconfig
command in the CLI. Remember to commit all changes.
Creating a New VLAN via the etherconfig Command
In this example, two VLANs are created (named VLAN 31 and VLAN 34) on the P1 port:
NOC
DMZ
VLAN
“Router”
VLAN1
VLAN3
VLAN2
Cisco IronPort appliance configured for
VLAN1, VLAN2, and VLAN3
VLAN1, VLAN2, and VLAN3