Shulou(Shulou.com)06/01 Report--

Recently, due to work, I need to configure an H3C F100AG2 firewall. Because of the large number of ports in the firewall, I want to save a switch, directly open the remaining ports of the firewall in layer 2 mode, and then assign them to the same VLAN and use them as switching ports. The following are the main points of brief configuration:

1. Enable the port layer 2 mode, and then the port is delimited into the default VLAN1 by default

2. Join the VLAN virtual interface and layer 2 physical interface to the security domain at the same time. Remember, otherwise cross-domain access will not occur.

3. If you need to access the public network, you need to do NAT.

4. The most important point is that you need to enable the policy in the domain, otherwise, even with all the above configurations, the same VLAN, the same security domain and the same IP address range will not work. The command is as follows: security-zone intra-zone default permit

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.