Network requirements – H3C Technologies H3C SecPath F1000-E User Manual
Page 297
272
Inter-VLAN Layer 3 forwarding configuration
example
Network requirements
As shown in the
, traffic between GigabitEthernet 3/0/1 and GigabitEthernet 3/0/2 is
filtered by a firewall card, and inter-VLAN Layer 3 forwarding needs to be configured.
•
Configure the operating mode of GigabitEthernet 3/0/1 and GigabitEthernet 3/0/2 of the switch
as access. Assign them to VLAN 102 and VLAN 103 respectively.
•
Ten-GigabitEthernet 2/0/1 of the switch connects to ten-GigabitEthernet 0/0 of the firewall card.
Configure the link type of the two interfaces as trunk.
•
Configure the operating mode of ten-GigabitEthernet 0/0 as Layer 2. Create two VLAN interfaces
VLAN-interface 102 and VLAN-interface 103.
•
Assign IP address 102.0.0.3/24 to VLAN-interface 102 and 103.0.0.3/24 to VLAN-interface 103.
•
Add the firewall card's ten-GigabitEthernet interface and the VLAN interfaces to security zones
Trust and Untrust.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS H3C SecBlade LB Cards H3C SecPath L1000-A Load Balancer