Configuration procedure, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 284
259
Figure 165 Network diagram
Configuration procedure
# Specify the IP address of interface GigabitEthernet 0/2.
[SecPath] interface GigabitEthernet 0/2
[SecPath-GigabitEthernet0/2] ip address 192.168.10.99 255.255.255.0
# Enable proxy ARP on interface GigabitEthernet 0/2.
[SecPath-GigabitEthernet0/2] proxy-arp enable
[SecPath-GigabitEthernet0/2] quit
# Specify the IP address of interface GigabitEthernet 0/1.
[SecPath] interface GigabitEthernet 0/1
[SecPath-GigabitEthernet0/1] ip address 192.168.20.99 255.255.255.0
# Enable proxy ARP on interface GigabitEthernet 0/1.
[SecPath-GigabitEthernet0/1] proxy-arp enable
[SecPath-GigabitEthernet0/1] quit
After completing preceding configurations, use the ping command to verify the connectivity between
Host A and Host D.
Local proxy ARP configuration example in case of port isolation
Network requirements
As shown in
, Host A and Host B belong to the same VLAN, and connect to the switch via
Ethernet 1/3 and Ethernet 1/1 respectively. The switch connects to the SecPath via Ethernet 1/2.
Configure port isolation on Ethernet 1/3 and Ethernet 1/1 of the switch to isolate Host A from Host B at
Layer 2. Enable local proxy ARP on the SecPath to allow communication between Host A and Host B at
Layer 3.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer