
Single arm routing configuration for Huawei USG2130 firewall

Have you run into this requirement: VLANs are partitioned on the switch, single-arm routing is set up on the Huawei USG2130, and VLAN30 can access VLAN10 and VLAN20, but VLAN10 and VLAN20 are unable to access VLAN30.

Cause analysis: the USG2130 has only one layer-3 interface, the WAN port (E0/0/0), and that port supports sub-interfaces. Based on the current requirement, we use this port as the internal network interface. We then create a VLAN and use its VLAN interface as the Internet interface. If the VLANs are in the same zone (region), VLAN access control is more complex to implement. If the VLAN interfaces are divided into different zones, access control can be done with inter-zone packet filtering, which is simple and reliable.

How to configure single arm routing for Huawei USG2130 firewall

Process:

1. Enter each sub-interface, configure the IP address, and set the 802.1Q encapsulation.

[USG2130]int e0/0/0.1
[USG2130-Ethernet0/0/0.1]description VLAN10
[USG2130-Ethernet0/0/0.1]ip address 192.168.1.1 24
[USG2130-Ethernet0/0/0.1]vlan-type dot1q 10

[USG2130]int e0/0/0.2
[USG2130-Ethernet0/0/0.2]description VLAN20
[USG2130-Ethernet0/0/0.2]ip add 192.168.2.1 24
[USG2130-Ethernet0/0/0.2]vlan-type dot1q 20

[USG2130]int e0/0/0.3
[USG2130-Ethernet0/0/0.3]description VLAN30
[USG2130-Ethernet0/0/0.3]ip add 192.168.3.1 24
[USG2130-Ethernet0/0/0.3]vlan-type dot1q 30

2. Create a VLAN for the Internet connection and configure its IP.

[USG2130]vlan 3
[USG2130-vlan3]description WAN
[USG2130]int e1/0/0
[USG2130-Ethernet1/0/0]port access VLAN 3
[USG2130]int VLAN 3
[USG2130-Vlanif3]description TO-INTERNET
[USG2130-Vlanif3]ip add 100.100.100.1 30

3. Define three custom zones (regions), join each VLAN sub-interface to its zone, and put Vlan 3 into the untrust zone.

[USG2130]firewall zone name lan1
[USG2130-zone-lan1]set priority 60
[USG2130-zone-lan1]add interface e0/0/0.1

[USG2130]firewall zone name lan2
[USG2130-zone-lan2]set priority 65
[USG2130-zone-lan2]add interface e0/0/0.2

[USG2130]firewall zone name lan3
[USG2130-zone-lan3]set priority 70
[USG2130-zone-lan3]add interface e0/0/0.3

[USG2130]firewall zone untrust
[USG2130-zone-untrust]add interface vlan3

4. Create the ACLs for access control between the VLANs and apply them between the VLAN zones.

[USG2130]acl 3001
[USG2130-acl-adv-3001]rule permit IP source 192.168.3.0 0.0.0.255
[USG2130]acl 3002
[USG2130-acl-adv-3002]rule deny IP source 192.168.1.0 0.0.0.255 destination 192.168.3.0 0.0.0.255
[USG2130-acl-adv-3002]rule deny IP source 192.168.2.0 0.0.0.255 destination 192.168.3.0 0.0.0.255
[USG2130-acl-adv-3002]rule permit IP

[USG2130]firewall interzone lan1 lan3
[USG2130-interzone-lan3-lan1]packet-filter 3001 outbound
[USG2130-interzone-lan3-lan1]packet-filter 3001 inbound

[USG2130]firewall interzone lan2 lan3
[USG2130-interzone-lan3-lan2]packet-filter 3001 outbound
[USG2130-interzone-lan3-lan2]packet-filter 3002 inbound
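To check that the zones and ACLs from steps 3 and 4 give the intended one-way access, the policy can be modelled offline. The following is an added example, not part of the original article or of Huawei's software. It assumes that "outbound" means traffic from the higher-priority zone to the lower one, that the first matching ACL rule wins, and that unmatched traffic and zone pairs without a packet-filter are denied; it evaluates only the first packet of a session, not the replies.

```python
import ipaddress

net = ipaddress.ip_network
# Zones from step 3: name -> (priority, subnet behind the sub-interface).
ZONES = {"lan1": (60, net("192.168.1.0/24")),
         "lan2": (65, net("192.168.2.0/24")),
         "lan3": (70, net("192.168.3.0/24"))}
ANY = net("0.0.0.0/0")
# ACLs from step 4 as ordered (action, source, destination) rules.
ACLS = {
    3001: [("permit", ZONES["lan3"][1], ANY)],
    3002: [("deny", ZONES["lan1"][1], ZONES["lan3"][1]),
           ("deny", ZONES["lan2"][1], ZONES["lan3"][1]),
           ("permit", ANY, ANY)],
}
# packet-filter bindings from step 4: zone pair -> ACL per direction.
FILTERS = {
    frozenset(("lan1", "lan3")): {"outbound": 3001, "inbound": 3001},
    frozenset(("lan2", "lan3")): {"outbound": 3001, "inbound": 3002},
}

def zone_of(ip):
    """Return the zone whose subnet contains ip, or None."""
    return next((z for z, (_, n) in ZONES.items() if ip in n), None)

def new_session_allowed(src, dst):
    """Decide whether the first packet of a src -> dst session passes."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    sz, dz = zone_of(src), zone_of(dst)
    if sz is None or dz is None or sz == dz:
        return False  # only traffic between two modelled zones is in scope
    binding = FILTERS.get(frozenset((sz, dz)))
    if binding is None:
        return False  # assumption: no packet-filter means default deny
    # Assumption: outbound = higher-priority zone to lower, inbound = reverse.
    direction = "outbound" if ZONES[sz][0] > ZONES[dz][0] else "inbound"
    for action, s, d in ACLS[binding[direction]]:
        if src in s and dst in d:  # first matching rule wins
            return action == "permit"
    return False  # assumption: implicit deny when no rule matches

if __name__ == "__main__":
    hosts = ["192.168.1.10", "192.168.2.10", "192.168.3.10"]  # constructed
    for a in hosts:
        for b in hosts:
            if a != b:
                print(f"{a} -> {b}: {new_session_allowed(a, b)}")
```

Under these assumptions the model also reports VLAN10 and VLAN20 as unable to reach each other, because the page binds no packet-filter between lan1 and lan2.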

5. (Optional) Change the zone of the Ethernet0/0/0 interface.

[USG2130-Vlanif3]fire zone untrust
[USG2130-zone-untrust]undo add interface e0/0/0
[USG2130-zone-untrust]firewall zone trust
[USG2130-zone-trust]add interface e0/0/0

6. Complete the NAT configuration.

[USG2130-zone-trust]acl 2000
[USG2130-acl-basic-2000]rule permit source 192.168.0.0 0.0.0.3
[USG2130]firewall interzone trust untrust
[USG2130-interzone-trust-untrust]nat outbound 2000 interface VLAN 3

Summary: because the network equipment is limited, meeting this special requirement means departing from the normal setup and planning procedure and using the USG2130's custom zones (domains), combining the firewall's inter-zone packet filtering with the VLAN function.


For more Huawei products and reviews, you can visit: http://www.huanetwork.com/blog
