Руководство Пользователя для Cisco Cisco Email Security Appliance C170
3-7
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 3 Setup and Installation
Figure 3-2
Behind the Firewall Scenario / 2 Listeners Configuration
Notes:
•
2 Listeners
•
2 IPv4 addresses
•
2 IPv6 addresses
•
1 or 2 Ethernet interfaces (only 1 interface
shown)
shown)
•
SMTP routes configured
Inbound Listener: “InboundMail” (public)
•
IPv4 address: 1.2.3.4
•
IPv6 address:
2001:0db8:85a3::8a2e:0370:7334
2001:0db8:85a3::8a2e:0370:7334
•
Listener on the Data2 interface listens on
port 25
port 25
•
HAT (accept ALL)
•
RAT (accept mail for local domains; reject
ALL)
ALL)
Outbound Listener: “OutboundMail” (private)
•
IP address: 1.2.3.5
•
IPv6 address:
2001:0db8:85a3::8a2e:0370:7335
2001:0db8:85a3::8a2e:0370:7335
•
Listener on the Data2 interface listens on
port 25
port 25
•
HAT (relay for local domains; reject ALL)
DNS can be configured to use Internet Root servers or
internal DNS servers
internal DNS servers
SMTP routes direct mail to proper groupware server
Firewall ports opened for appropriate services to and
from the Cisco IronPort appliance
from the Cisco IronPort appliance
Groupware server
(Exchange™, Domino™,
Groupwise™)
Ethernet interface: Data 2
Public Listener:
“InboundMail”
Private Listener:
“OutboundMail”
Ethernet interface: Data 2
IP interface: PublicNet (e.g. 1.2.3.5)
SMTP
Firewall
Groupware Client
Internet
IPv4 interface: PublicNet (e.g. 1.2.3.4)
IPv6:
IPv6:
2001:0db8:85a3::8a2e:0370:733