Технические ссылки для Cisco Cisco Email Security Appliance C170
62
Cisco AsyncOS 9.1 for Email CLI Reference Guide
Chapter 3 The Commands: Reference Examples
General Management/Administration/Troubleshooting
Example - Configuring Network Access List
You can control from which IP addresses users access the Email Security appliance. Users can access
the appliance from any machine with an IP address from the access list you define. When creating the
network access list, you can specify IP addresses, subnets, or CIDR addresses.
the appliance from any machine with an IP address from the access list you define. When creating the
network access list, you can specify IP addresses, subnets, or CIDR addresses.
AsyncOS displays a warning if you do not include the IP address of your current machine in the network
access list. If your current machine’s IP address is not in the list, it will not be able to access the appliance
after you commit your changes.
access list. If your current machine’s IP address is not in the list, it will not be able to access the appliance
after you commit your changes.
In the following example, network access to the appliance is restricted to two sets of IP addresses:
mail.example.com> adminaccessconfig
Choose the operation you want to perform:
- BANNER - Configure login message (banner) for appliance administrator login.
- WELCOME - Configure welcome message (post login message) for appliance administrator
login.
- IPACCESS - Configure IP-based access for appliance administrative interface.
- CSRF - Configure web UI Cross-Site Request Forgeries protection.
- HOSTHEADER - Configure option to use host header in HTTP requests.
- TIMEOUT - Configure GUI and CLI session inactivity timeout.
[]> ipaccess
Current mode: Allow All.
Please select the mode:
- ALL - All IP addresses will be allowed to access the administrative interface.
- RESTRICT - Specify IP addresses/Subnets/Ranges to be allowed access.
- PROXYONLY - Specify IP addresses/Subnets/Ranges to be allowed access through proxy.
- PROXY - Specify IP addresses/Subnets/Ranges to be allowed access through proxy or
directly.
[]> restrict
List of allowed IP addresses/Subnets/Ranges:
Choose the operation you want to perform:
- NEW - Add a new IP address/subnet/range.
[]> new
Please enter IP address, subnet or range.
[]> 192.168.1.2-100
List of allowed IP addresses/Subnets/Ranges:
1. 192.168.1.2-100
Choose the operation you want to perform:
- NEW - Add a new IP address/subnet/range.
- EDIT - Modify an existing entry.
- DELETE - Remove an existing entry.
- CLEAR - Remove all the entries.
[]> new
Please enter IP address, subnet or range.
[]> 192.168.255.12
List of allowed IP addresses/Subnets/Ranges:
1. 192.168.1.2-100