How to configure Virtual Gateways?

Question

How to configure Virtual Gateways?

Environment

Cisco Email Security Appliance (ESA)

The Virtual Gateway technology enables users to separate the Cisco Email Security Appliance into multiple Virtual Gateway addresses, from which to send and receive emails. Each Virtual Gateway address is given a distinct IP address, hostname and domain, and email queue.

Before setting up the Cisco Email Security Appliance Virtual Gateway addresses, you must allocate a set of IP addresses that will be used to send emails from. You should also ensure proper configuration of your DNS servers so that the IP addresses resolve to valid hostnames.

Step 1:

• Create new IP interfaces with the IP/hostname pairs from the Network > IP Interfaces page in the WebUI or the interfaceconfig command in the CLI.
• Go to the CLI and group the IP interfaces within the interfaceconfig command:

example.lab> interfaceconfig

Currently configured interfaces:
1. data1 (10.66.71.12/24 on Data 1: example.lab)
2. Domain1 (192.168.1.1/24 on Data 1: domain1.lab)
3. Domain2 (192.168.2.1/24, 2001:db8::/32 on Data 1: domain2.lab)

Choose the operation you want to perform:
- NEW - Create a new interface.
- EDIT - Modify an interface.
- GROUPS - Define interface groups.
- DELETE - Remove an interface.
[]> GROUPS

Choose the operation you want to perform:
- NEW - Create a new group.
[]> NEW

Enter the name for this group.
[]> GroupInt

Enter the name or number of the interfaces to be included in this group.
Separate your choices with commas or specify a range with a dash.
1. data1 (10.66.71.12/24: c150b.lab)
2. Domain1 (192.168.1.1/24 on Data 1: domain1.lab)
3. Domain2 (192.168.2.1/24, 2001:db8::/32 on Data 1: domain2.lab)
[1]> 2,3

Group GroupInt created.

Currently configured IP groups:
1. GroupInt (Domain1, Domain2)

Choose the operation you want to perform:
- NEW - Create a new group.
- EDIT - Modify a group.
- DELETE - Remove a group.
[]>

Step 2:

• Assign MAIL FROM to the Group using the command: altsrchost > New

example.lab> altsrchost

Choose the operation you want to perform:
- NEW - Create a new mapping.
- IMPORT - Load new mappings from a file.
[]> new

Enter the Envelope From address or client IP address for which you want to set up a Virtual Gateway(tm) mapping. Partial addresses
such as "@example.com", "@.com", "user@", or "user@.com" are allowed.
[]> @test.com

Which interface do you want to send messages for @test.com from?
1. data1 (10.66.71.12/24: c150b.lab)
2. Domain1 (192.168.1.1/24 on Data 1: domain1.lab)
3. Domain2 (192.168.2.1/24, 2001:db8::/32 on Data 1: domain2.lab)
IP Groups:
4. GroupInt (Domain1, Domain2)
[1]> 4

Mapping for @test.com on interface GroupInt created.

Choose the operation you want to perform:
- NEW - Create a new mapping.
- EDIT - Modify a mapping.
- DELETE - Remove a mapping.
- IMPORT - Load new mappings from a file.
- EXPORT - Export all mappings to a file.
- PRINT - Display all mappings.
- CLEAR - Remove all mappings.
[]>

• Submit and Commit the changes.

• Apply Destination Control for the recipient domain using the 'destconfig' command.