Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2157
Views
5
Helpful
10
Replies

configure Cisco ESA C300V

JeddGo80482
Level 1
Level 1

‎02-27-2021 12:58 PM

Hello Community

 

I'm following the doc 

https://www.cisco.com/c/dam/en/us/td/docs/security/content_security/virtual_appliances/Cisco_Content_Security_Virtual_Appliance_Install_Guide.pdf

 

we have 3 interfaces for the virtual appliance. During configuration, we have import, we configured 3 interfaces - MGMT, DATA1 and DATA2

When we configure the interface config for each interface. We lose UI connectivity as we commit.

In reading the guide, do we have to set gateways for each interface, then set routes for traffic?? The guide is unclear on how to proceed with that

Is there a guide that someone can share for end-to-end configuration of ESA's? 

Thanks everyone

Labels:
10 Replies 10

balaji.bandi
Hall of Fame
Hall of Fame

‎02-27-2021 01:07 PM

Make sure you configure the mgmt interface first and start managing using mgmt interface IP. - mgmt route set to mgmt network gateway.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

JeddGo80482
Level 1
Level 1
In response to balaji.bandi

‎02-27-2021 01:17 PM

Hi Balaji

 

Thanks for the quick reply. 

When you say mgmt route ?? - does this mean using the route? or the setgateway ???

Thanks

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to JeddGo80482

‎02-27-2021 01:20 PM

Take example :

1. configure mgmt interface 10.10.10.1 gateway 10.10.10.254

2. your Device you using GUI to configure able to reach the 10.10.10.X network before you do any other changes.

 

is this make sense?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

JeddGo80482
Level 1
Level 1
In response to balaji.bandi

‎02-27-2021 01:43 PM

Hi Balaji

 

does gateway have to be set for all the 3 interfaces?? MGMT, DATA1 and DATA2

They are all on different subnets

Thanks again Balaji

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to JeddGo80482

‎02-27-2021 01:46 PM

yes, they need to have a respected gateway each one to communicated to pass the traffic.

 

i assume since you losing the GUI, due to gateway overrides with mgmt or routing.

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

JeddGo80482
Level 1
Level 1
In response to balaji.bandi

‎02-27-2021 01:48 PM

Thank you very much @balaji.bandi

0 Helpful

JeddGo80482
Level 1
Level 1
In response to balaji.bandi

‎02-27-2021 03:06 PM

Hi @balaji.bandi 

I think thats the main issue. When I use cli - setgateway. It only accepts one gateway. 

I can't find any other way to set gateway on other interfaces - is there any documentation on how to do this??

Thanks

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to JeddGo80482

‎02-27-2021 03:11 PM

It only accepts 1 Gateway, you need to add static routes for the respected interface example

 

Data1 :

 

IP address 10.20.20.2 255.255.255.0  gateway is 10.20.20.254 ( it should route towards 10.20.20..254)

then add static route 10.20.20.0/24 network towards 10.20.20.254.

 

Make sense?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

JeddGo80482
Level 1
Level 1
In response to balaji.bandi

‎02-27-2021 03:14 PM

HI 

ok. that's what I was afraid of. 

have to configure around 15 routes then  

 

Thanks Balaji

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to JeddGo80482

‎02-27-2021 03:17 PM

Not sure why 15 routes, if you have that much route requirement, you need to do it to work as expected.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents