Cisco CSS-11154-AC Configuration Guide - Page 95
Supporting Other Secure Protocols, Example: Configuring a Secure Mail Server, Supporting FIPS
View all Cisco CSS-11154-AC manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 95 highlights
Chapter 4 Using the Configuration Manager Supporting Other Secure Protocols Supporting Other Secure Protocols Along with SSL, Cisco Secure Content Accelerator devices can support other secure protocols using TLS v1.0, SSL v2.0, and SSL v3.0. IMAPS, POP3S, NNTPS, and LDAPS are some examples. The steps below show how to configure the SSL appliance for setting up a secure server to process only POP3S (S-POP) mail. Example: Configuring a Secure Mail Server Note The steps in this example are abbreviated to show only relevant changes from the standard SSL server setup. 1. Initiate a management session as described above. Enter Privileged and Configuration modes. Enter a default router. Enter SSL Configuration mode. 2. Enter Server Configuration mode and create a server named mySecureMail. Assign an IP address and netmask. Assign port 995 for monitoring for POP3S (S-POP) connections and port 110 for sending clear text. Assign the appropriate key, certificate, and security policy. Return to Privileged mode. (config-ssl[myDevice])# server mySecureMail create (config-ssl-server[myServer])# sslport 995 (config-ssl-server[myServer])# remoteport 110 (config-ssl-server[myServer])# finished SCA# 3. Save the configuration to flash memory. If not saved, the configuration is lost during a power cycle or when the reload command is used. SCA# write flash SCA# Supporting FIPS Refer to Chapter 6, FIPS Operation, for instructions to use the Secure Content Accelerator in FIPS-compliant operation mode. 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 4-27