Cisco Cisco Email Security Appliance C160 Guia Do Utilizador
Chapter 15 System Administration
15-70
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
Please be aware that you may lose access to the appliance after submitting and
committing your changes if one of the following conditions is true:
committing your changes if one of the following conditions is true:
•
If you select Only Allow Specific Connections and do not include the IP
address of your current machine in the list.
address of your current machine in the list.
•
If you select Only Allow Specific Connections Through Proxy and the IP
address of the proxy currently connected to the appliance is not in the proxy
list and the value of the Origin IP header is not in the list of allowed IP
addresses.
address of the proxy currently connected to the appliance is not in the proxy
list and the value of the Origin IP header is not in the list of allowed IP
addresses.
•
If you select Only Allow Specific Connections Directly or Through Proxy
and
and
–
the value of the Origin IP header is not in the list of allowed IP addresses
OR
–
the value of the Origin IP header is not in the list of allowed IP Addresses
and the IP address of the proxy connected to the appliance is not in the
list of allowed proxies.
and the IP address of the proxy connected to the appliance is not in the
list of allowed proxies.
To create an access list for the Email Security appliance:
Step 1
Use the System Administration > Network Access page.
Step 2
Click Edit Settings.
Step 3
Select the mode of control for the access list.
Step 4
Enter the IP addresses from which users will be allowed to connect to the
appliance.
appliance.
You can enter an IP address, IP address range or CIDR range. Use commas to
separate multiple entries.
separate multiple entries.
Step 5
If connecting through a proxy is allowed, enter the following information:
•
The IP addresses of the proxies allowed to connect to the appliance. Use
commas to separate multiple entries.
commas to separate multiple entries.
•
The name of the origin IP header that the proxy sends to the appliance, which
contains the IP addresses of the remote user’s machine and the proxy servers
that forwarded the request. By default, the name of the header is
contains the IP addresses of the remote user’s machine and the proxy servers
that forwarded the request. By default, the name of the header is
x-forwarded-for
.
Step 6
Submit and commit your changes.