Verifying the configuration, Port-based vlan configuration example, Network requirements – H3C Technologies H3C SecPath F1000-E User Manual

44

[SecPath] interface vlan-interface 10

[SecPath-Vlan-interface10] ip address 192.168.1.20 24

[SecPath-Vlan-interface10] return

2.

Configure the default gateway of PC A as 192.168.0.10.

3.

Configure the default gateway of PC B as 192.168.1.20.

Verifying the configuration

•

The PCs can ping each other.

•

Display brief information about Layer 3 interfaces on SecPath to verify the configuration.

display ip interface brief

*down: administratively down

(s): spoofing

Interface Physical Protocol IP Address Description

Vlan-interface5 up up 192.168.0.10 Vlan-inte...

Vlan-interface10 up up 192.168.1.20 Vlan-inte...

Port-based VLAN configuration example

In this configuration example, either Device A or Device B is the SecPath firewall.

Network requirements

As shown in

Figure 30

, Host A and Host C belong to Department A, and access the enterprise network

through different devices. Host B and Host D belong to Department B. They also access the enterprise

network through different devices.
To ensure communication security and avoid broadcast storms, VLANs are configured in the enterprise

network to isolate Layer 2 traffic of different departments. VLAN 100 is assigned to Department A, and

VLAN 200 is assigned to Department B.
Make sure that hosts within the same VLAN can communicate with each other. Host A can communicate

with Host C, and Host B can communicate with Host D.

Figure 30 Network diagram

Configuration procedure

1.

Configure Device A:
# Create VLAN 100, and assign port GigabitEthernet 0/1 to VLAN 100.

system-view

[DeviceA] vlan 100

[DeviceA-vlan100] port gigabitethernet 0/1

[DeviceA-vlan100] quit