Solved: ironport s170 interfaces config

Abd Mhd · ‎09-13-2013

hi all

when i config p2 via cli with this

advancedproxyconfig >

miscellaneous

is that mean i should connect p2 to external

Vance Kwan · ‎09-14-2013

Hi Mohammed,

If I am understanding your question correctly, no, the P2 does not have to be external. You can configure it any way you'd like and controlling it using Static Routes. However, as a best practice, I would recommend P2 to speak to internal clients and have P1 speak to the external. I work for TAC and when you enable the remote access for cases, it will use the P1. So if the P1 does not have any internet access, it will be difficult to enable it.

I do not see any correlation with advancedproxyconfig > miscellaneous in regards to the interfaces. Can you clarify?

-Vance

View solution in original post

Vance Kwan · ‎09-14-2013

Hi Mohammed,

If I am understanding your question correctly, no, the P2 does not have to be external. You can configure it any way you'd like and controlling it using Static Routes. However, as a best practice, I would recommend P2 to speak to internal clients and have P1 speak to the external. I work for TAC and when you enable the remote access for cases, it will use the P1. So if the P1 does not have any internet access, it will be difficult to enable it.

I do not see any correlation with advancedproxyconfig > miscellaneous in regards to the interfaces. Can you clarify?

-Vance

Abd Mhd · ‎09-15-2013

thank u very much vance for your replay

i will try p1 speak to internet and p2 speak to internal

Abd Mhd · ‎09-15-2013

firewalll

| 192.168.2.1

|

|P1 192.168.2.2

ironport

|P2 192.168.1.2

|

switch

hi all

can i config my network like above the ironport in explicit mod i configure nat to forward web traffic to p1

and the default route on p2 to 192.168.2.1 and also configure client proxy setting to192.168.1.2

and can i replace the firewall with internet modem directly