R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101
100
Configuration Procedure
1. Configure the ports on the switch.
# Create VLAN 102 and VLAN 103. Assign GigabitEthernet 3/0/1 to VLAN 102 and GigabitEthernet
3/0/2 to VLAN 103.
<Sysname> system-view
[Sysname] vlan 102
[Sysname-vlan102] port GigabitEthernet 3/0/1
[Sysname-vlan102] vlan 103
[Sysname-vlan103] port GigabitEthernet 3/0/2
[Sysname-vlan103] quit
# Configure the link type of Ten-GigabitEthernet 2/0/1 as trunk and assign the trunk port to VLAN 102,
and VLAN 103.
[Sysname] interface Ten-GigabitEthernet 2/0/1
[Sysname-Ten-GigabitEthernet2/0/1] port link-type trunk
[Sysname-Ten-GigabitEthernet2/0/1] port trunk permit vlan 102 103
2. Configure the firewall card
# Create VLAN 102, VLAN 103 and VLAN 1000.
<Sysname> system-view
[Sysname] vlan 102 to 103
[Sysname] vlan 1000
[Sysname-vlan1000] quit
# Configure the link type of Ten-GigabitEthernet 0/0 as trunk and operating mode as Layer 2. Assign the
trunk port to VLAN 102, VLAN 103, and VLAN 1000.
[Sysname] interface Ten-GigabitEthernet 0/0
[Sysname-Ten-GigabitEthernet0/0] port link-mode bridge
[Sysname-Ten-GigabitEthernet0/0] port link-type trunk
[Sysname-Ten-GigabitEthernet0/0] port trunk permit vlan 102 103 1000
# Configure two subinterfaces Ten-GigabitEthernet 0/0.102 and Ten-GigabitEthernet 0/0.103.
Configure them as access ports and set the operating mode to Layer 2. Assign the two interfaces to VLAN
1000.
[Sysname-Ten-GigabitEthernet0/0] interface Ten-GigabitEthernet0/0.102
[Sysname-Ten-GigabitEthernet0/0.102] port link-mode bridge
[Sysname-Ten-GigabitEthernet0/0.102] port link-type access
[Sysname-Ten-GigabitEthernet0/0.102] port access vlan 1000
[Sysname-Ten-GigabitEthernet0/0.102] interface Ten-GigabitEthernet0/0.103
[Sysname-Ten-GigabitEthernet0/0.103] port link-mode bridge
[Sysname-Ten-GigabitEthernet0/0.103] port link-type access
[Sysname-Ten-GigabitEthernet0/0.103] port access vlan 1000
# Add ten-GigabitEthernet 0/0.102 to security zone Trust.