F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100
263
• Create two subinterfaces for the firewall module's Ten-GigabitEthernet port. Associate them with the
VLANs created on the switch and set the encapsulation type as dot1q.
• Assign IP addresses for the two subinterfaces.
• Add these two subinterfaces to security zones.
NOTE:
To achieve Layer 3 forwardin
g
between VLANs, you can create these VLANs on the swtich and confi
g
ure
the same number of subinterfaces for the Ten-GigabitEthernet interface on the firewall module. Then add
the subinterfaces to security zones.
1300BConfigure the ports of the switch
Ste
p
Command
Remarks
477. Enter system view.
system-view N/A
478. Create a VLAN and enter
VLAN view.
vlan vlan-id N/A
479. Assign access ports to the
VLAN.
port interface-list By default, all ports belong to VLAN 1.
480. Create another VLAN and
enter VLAN view.
vlan vlan-id N/A
481. Assign access ports to the
VLAN.
port interface-list By default, all ports belong to VLAN 1.
482. Enter the view of the
Ten-GigabitEthernet interface
that connects to the firewall
module.
interface
ten-gigabitethernet
interface-number
N/A
483. Configure the link type of the
interface as trunk.
port link-type trunk N/A
484. Assign the trunk port to the
two VLANs.
port trunk permit vlan
{ vlan-id-list | all }
N/A
485. Configure the default VLAN
for the trunk port.
port trunk pvid vlan vlan-id
Optional.
The default VLAN cannot be one of the
previously configured two VLANs.
1301BConfigure the firewall module
Ste
p
Command
Remarks
486. Enter system view.
system-view N/A
487. Enter the view of the
Ten-GigabitEthernet interface
that connects to the switch.
interface ten-gigabitethernet
interface-number
N/A
488. Configure the operating
mode of the interface as Layer
3.
port link-mode route
Optional.
The default operating mode is
Layer 3.