Cisco Cisco Content Security Management Appliance M160 Guia Do Utilizador

B-3

Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide

OL-21768-01

Appendix B Assigning Network and IP Addresses

Sample Interface Configurations

This section shows sample interface configurations based on some typical
networks. The example uses two interfaces called Int1 and Int2. In the case of the
Cisco IronPort appliance, these interface names can represent any two interfaces
out of the three Cisco IronPort interfaces (Management, Data1, Data2).

Network 1:

Separate interfaces must appear to be on separate networks.

Data addressed to

192.168.1.X

(where X is any number from 1 through 255,

except for your own address, 10 in this case) go out on Int1. Anything addressed
to

192.168.0.X

goes out on Int2. Any packet headed for some other address not

in these formats, most likely out on a WAN or the Internet, is sent to the default
gateway, which must be on one of these networks. The default gateway then
forwards the packet on.

Network 2:

The network addresses (network parts of the IP addresses) of two different
interfaces cannot be the same.

This situation presents a conflict in that two different Ethernet interfaces have the
same network address. If a packet from the Cisco IronPort appliance is sent to

192.168.1.11

, there is no way to decide which Ethernet interface should be used

to deliver the packet. If the two Ethernet interfaces are connected to two separate
physical networks, the packet may be delivered to the incorrect network and never
find its destination. The Cisco IronPort appliance does not allow you to configure
your network with conflicts.

Interface

IP Address

Netmask

Net Address

Int1

192.168.1.10

255.255.255.0

192.168.1.0/24

Int2

192.168.0.10