Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Basic configuration of Huawei Firewall USG

2025-01-18 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Topology Diagram:

Switch configuration (LAV1):

Vlan batch 10 20 100 / / establish VLAN

Interface GigabitEthernet0/0/1 / / configure the port to be ACCESS and VLAN

Port link-type access

Port default vlan 10

Interface GigabitEthernet0/0/2

Port link-type access

Port default vlan 20

Interface GigabitEthernet0/0/3

Port link-type access

Port default vlan 100

Interface GigabitEthernet0/0/23 / / configure trunk and allow VLAN. Huawei default trunk does not allow any VLAN to pass.

Port link-type trunk

Port trunk allow-pass vlan 10 20

Interface GigabitEthernet0/0/24

Port link-type access

Port default vlan 100

AR1 configuration:

Interface GigabitEthernet0/0/0

Ip address 202.1.1.1 255.255.255.0

Ip route-static 0.0.0.0 0.0.0.0 202.1.1.254

AR2 configuration:

Interface GigabitEthernet0/0/0

Ip address 192.168.1.1 255.255.255.0

Ip route-static 0.0.0.0 0.0.0.0 192.168.1.254

AR3 configuration:

Interface GigabitEthernet0/0/0

Ip address 10.1.1.1 255.255.255.0

Ip route-static 0.0.0.0 0.0.0.0 10.1.1.254

Firewall configuration:

Interface GigabitEthernet0/0/1.10

Vlan-type dot1q 10

Alias GigabitEthernet0/0/1.10

Ip address 202.1.1.254 255.255.255.0

Interface GigabitEthernet0/0/1.20

Vlan-type dot1q 20

Alias GigabitEthernet0/0/1.20

Ip address 192.168.1.254 255.255.255.0

Interface GigabitEthernet0/0/2

Ip address 10.1.1.254 255.255.255.0

# configure the ports included in trust ZONE

Firewall zone trust

Set priority 85

Add interface GigabitEthernet0/0/0

Add interface GigabitEthernet0/0/2

# configure the ports included in untrust ZONE

Firewall zone untrust

Set priority 5

Add interface GigabitEthernet0/0/1.10

# configure the ports included in DMZ ZONE

Firewall zone dmz

Set priority 50

Add interface GigabitEthernet0/0/1.20

# configure Policy

Policy interzone trust untrust outbound

Policy 0

Action permit

Policy source 10.1.1.0 mask 255.255.255.0

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Configuration Port Firewall Huawei Fire Protection switch ownership Topology Topology Diagram Policy basic configuration vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple Linux Shulou Information Apple Redmi Docker Xiaomi Shulou Technology MariaDB macOS Huawei Microsoft OPPO Reno NVidia vpn MySQL Shulou Tech Info Linux Shulou Information Apple Redmi Docker Xiaomi Shulou Technology MariaDB macOS Huawei Microsoft OPPO Reno NVidia vpn MySQL Shulou Tech Info

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report