Configuring an interzone policy, Configuration task list, Configuring an interzone policy rule – H3C Technologies H3C SecPath F1000-E User Manual
Page 74: Creating an interzone policy rule
64
Configuring an interzone policy
Configuration task list
NOTE:
Before configuring an Interzone policy, be sure to configure the zones. For information about zone
configuration, see "Zone configuration."
Table 20 Interzone policy configuration task list
Task Remarks
Configuring an interzone policy
rule
Required
Use either method.
By default, no interzone policy rules or interzone policy groups are present
in the system.
IMPORTANT:
•
Before configuring an interzone policy group, configure advanced ACLs
by selecting Firewall > ACL.
•
For a pair of source zone and destination zone, follow the same method
to configure an interzone policy.
•
Up to one interzone policy group can be configured for one pair of
source zone and destination zone.
Configuring an interzone policy
group
Displaying packet statistics of an
interzone policy
Optional
Display the packet statistics of an interzone policy for a pair of source and
destination zones.
Querying policies by IP address
Optional
Query interzone policies by source or destination IP address.
NOTE:
Interzone policy groups do not support query by IP address.
Configuring an interzone policy rule
Creating an interzone policy rule
Select Firewall > Security Policy > Interzone Policy from the navigation tree to enter the interzone policy
rule list page, as shown in
. Then click Add to enter the interzone policy rule (that is the ACL rule)
configuration page, as shown in
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS