09-30-2013 03:12 PM
Hai,
I am doing a POC for one of my customer in cisco Email Security using VMWARE UCS server. I installed Cisco c300v os on the vmware and is working fine.
my issue is, i was not getting seperate routing table for data and management interface same as applaince.
In vmware, i had created 2 ethernet port . 1 for management and another for data. managemnt interface connected on the management ethernet and same for data.
So, how can i achieve seperate routing table for data and management?????
this is a big issue, otherwise i have to open all the ports in data interface where my smtp communciation is happening. kidnly advise, if any body face this issue???
09-30-2013 08:35 PM
Dear Team,
Kindly let me know, if you have any solution for the above. Without this 1 am not able to download the ironport updates.
Regards,
fayz
10-01-2013 10:33 AM
Fayz -
When you say "ironport updates", do you mean updates for IPAS (Ironport AntiSpam) and AV (Sophos or McAfee)? What is the updater log reporting when you are trying to get updates? Is your virtual ESA licensed correctly?
What is the version of the virtual ESA you have loaded? (Should be 8.0.0.671; run 'version')
What is the updateconfig set for on your virtual appliance? Please run the 'updateconfig' command, and at the first response, please enter 'dynamichost'.
#########################
myesa_2.local> updateconfig
Service (images): Update URL:
------------------------------------------------------------------------------
Feature Key updates http://downloads.ironport.com/asyncos
McAfee Anti-Virus definitions Cisco IronPort Servers
RSA DLP Engine Updates Cisco IronPort Servers
PXE Engine Updates Cisco IronPort Servers
Sophos Anti-Virus definitions Cisco IronPort Servers
IronPort Anti-Spam rules Cisco IronPort Servers
Intelligent Multi-Scan rules Cisco IronPort Servers
Outbreak Filters rules Cisco IronPort Servers
Timezone rules Cisco IronPort Servers
Cisco IronPort AsyncOS upgrades Cisco IronPort Servers
IMS Secondary Service rules Cisco IronPort Servers
Service (list): Update URL:
------------------------------------------------------------------------------
McAfee Anti-Virus definitions Cisco IronPort Servers
RSA DLP Engine Updates Cisco IronPort Servers
PXE Engine Updates Cisco IronPort Servers
Sophos Anti-Virus definitions Cisco IronPort Servers
IronPort Anti-Spam rules Cisco IronPort Servers
Intelligent Multi-Scan rules Cisco IronPort Servers
Outbreak Filters rules Cisco IronPort Servers
Timezone rules Cisco IronPort Servers
Service (list): Update URL:
------------------------------------------------------------------------------
Cisco IronPort AsyncOS upgrades Cisco IronPort Servers
Update interval: 5m
Proxy server: not enabled
HTTPS Proxy server: not enabled
Choose the operation you want to perform:
- SETUP - Edit update configuration.
[]> dynamichost
Enter new manifest hostname:port
[stage-stg-updates.ironport.com:443]>
#########################
Verify Port 80 or 443 access to update servers.
From the CLI, please verify you can access the following servers on port 80 or 443 outbound:
myesa_2.local> telnet updates.ironport.com 80
Trying 208.90.58.25...
Connected to origin-updates.ironport.com.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
myesa_2.local> telnet downloads.ironport.com 80
Trying 173.223.232.105...
Connected to a173-223-232-105.deploy.static.akamaitechnologies.com.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
#########################
-Robert
10-01-2013 10:41 AM
Dear Robert,
Thank you very much for your reply.
My issue is in vmware enviorement, i cannot see any sepearte routing table for management and data. Both are clubbed in VM. I am using Data interface (p1) for mail communication on port 25. I cannot allow all the destination using that Interface. So for update and all i need to use management interface.
So the issue is , i cannot set only 1 default route from ESA in vmware since we are having only 1 routing table.
in normal Email security appliance, we can see options to set m1 interface to appliance management only check box.
Kindly advise.
Regards,
Fayz
10-06-2013 01:23 AM
Hai Dears,
Any Update for Cisco Ironport ESA on vmware?? Y i am not able to create a seperate interface for management only ???
as of now, i cannot create seperate routing table for data and management.!!!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide