R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101
391
2. Configuration procedure
NOTE:
In this example, RIP is configured to ensure the reachability among devices.
a. Configure Firewall
# Configure RIP.
<Firewall> system-view
[Firewall] rip
[Firewall-rip-1] network 192.1.1.0
[Firewall-rip-1] network 150.1.0.0
[Firewall-rip-1] network 151.1.0.0
[Firewall-rip-1] quit
# Define Node 10 of policy lab1, so that packets with a length of 64 to 100 bytes are forwarded to the
next hop 150.1.1.2, and packets with a length of 101 to 1000 bytes are forwarded to the next hop
151.1.1. 2.
[Firewall] policy-based-route lab1 permit node 10
[Firewall-pbr-lab1-10] if-match packet-length 64 100
[Firewall-pbr-lab1-10] apply ip-address next-hop 150.1.1.2
[Firewall-pbr-lab1-10] quit
[Firewall] policy-based-route lab1 permit node 20
[Firewall-pbr-lab1-20] if-match packet-length 101 1000
[Firewall-pbr-lab1-20] apply ip-address next-hop 151.1.1.2
[Firewall-pbr-lab1-20] quit
# Apply policy lab1 to GigabitEthernet 0/3.
[Firewall] interface GigabitEthernet 0/3
[Firewall-GigabitEthernet0/3] ip address 192.1.1.1 255.255.255.0
[Firewall-GigabitEthernet0/3] ip policy-based-route lab1
[Firewall-GigabitEthernet0/3] quit
# Configure the IP addresses of the serial ports.
[Firewall] interface GigabitEthernet 0/1
[Firewall- GigabitEthernet0/1] ip address 150.1.1.1 255.255.255.0
[Firewall- GigabitEthernet0/1] quit
[Firewall] interface GigabitEthernet 0/2
[Firewall-GigabitEthernet0/2] ip address 151.1.1.1 255.255.255.0
[Firewall-GigabitEthernet0/2] quit
b. Configure Router
# Configure RIP.
<Router> system-view
[Router] rip
[Router-rip-1] network 10.0.0.0
[Router-rip-1] network 150.1.0.0
[Router-rip-1] network 151.1.0.0
# Configure the IP addresses of the serial ports.
[Router] interface GigabitEthernet 0/1
[Router-GigabitEthernet0/1] ip address 150.1.1.2 255.255.255.0