R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101
98
To do… Use the command…
Remarks
Configure the operating mode of
the interface as Layer 2
port link-mode bridge
Required
The default operating mode is
Layer 3.
Configure the link type of the
ten-GigabitEthernet interface as
trunk
port link-type trunk Required
Assign the trunk port to the
specified VLANs
port trunk permit vlan { vlan-id-list
| all }
Required
The VLAN of the firewall and the
VLANs of the subinterfaces of the
ten-GigabitEthernet interface must
be included.
Create a subinterface of the
ten-GigabitEthernet interface and
enter subinterface view
interface ten-gigabitethernet
interface-number.subnumber
Required
The subnumber must be one of the
VLAN IDs created on the switch.
Configure the operating mode of
the subinterface as Layer 2
port link-mode bridge
Required
The operating mode must be
consistent with that of the
ten-GigabitEthernet interface.
Configure the link type of the
subinterface as access
port link-type access
Optional
By default, the link type of a
subinterface is access.
Assign the subinterface to the
VLAN of the firewall card
port access vlan vlan-id Required
Add the subinterface to a security
zone
Enter the Web page and select
System > Zone. On the modify
zone page, add the subinterface to
a zone.
Required
This security zone is for incoming
packets.
Create another subinterface and
enter subinterface view
interface ten-gigabitethernet
interface-number.subnumber
Required
The subnumber must be the ID of
the other VLAN created on the
switch.
Configure the operating mode of
the subinterface as Layer 2
port link-mode bridge
Required
The operating mode must be
consistent with that of the
ten-GigabitEthernet interface.
Configure the link type of the
subinterface as access
port link-type access
Optional
By default, the link type of a
subinterface is access.
Assign the subinterface to the
VLAN of the firewall card
port access vlan vlan-id Required
Add the subinterface to a security
zone
Enter the Web page and select
System > Zone. On the modify
zone page, add the subinterface to
a zone.
Required
This security zone is for outgoing
packets.