F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Configuration Guide-6PW100
100
Ste
p
Command
Remarks
2. Enter VD system view. switchto vd vd-name Required for a VD.
3. Enter interzone instance
view.
interzone source souce-zone-name
destination destination-zone-name
N/A
4. Move an ACL in the
interzone policy.
move rule acl [ ipv6 ] acl-number
before insert-acl-number
Optional.
165BDisplaying and maintaining interzone policies
Task Command
Remarks
Display interzone
policy configuration.
display interzone-policy [ ipv6 ] [ vd vd-name ]
[ source sour-zone-name destination
dest-zone-name ] [ | { begin | exclude | include }
regular-expression ]
Available in any view.
Display interzone
policy acceleration
status.
display interzone-policy accelerate [ vd vd-name ]
[ source sour-zone-name destination
dest-zone-name ] [ | { begin | exclude | include }
regular-expression ]
Available in any view.
Support for the display
interzone-policy accelerate
command varies by device
model. For more information,
see Access Control Command
Reference.
Clear the interzone
policy statistics.
reset interzone-policy counter [ vd vd-name ] { all |
source sour-zone-name destination
dest-zone-name }
Available in any view.
166BInterzone policy rule configuration example
331BNetwork requirements
A company interconnects its department through Firewall.
Configure interzone policy rules to permit the president office to access the Web service of the financial
database server through HTTP at any time, permit the financial department to access the Web service of
the financial database server through HTTP only during working hours (from 8:00 to 18:00) on working
days, and deny any other department to access the Web service of the financial database server through
HTTP at any time.