beautypg.com

Configure the ports of the switch, Configure the firewall card – H3C Technologies H3C SecBlade FW Cards User Manual

Page 6

background image

5

NOTE:

To achieve Layer 3 forwarding between VLANs, you can create these VLANs on the switch and configure
the same number of VLAN interfaces for the ten-GigabitEthernet interface on the firewall card. Then add

the firewall card's ten-GigabitEthernet interface and the VLAN interfaces to security zones..

Configure the ports of the switch

Follow these steps to configure the ports of the switch:

To do…

Use the command

Remarks

Enter system view

system-view

Create a VLAN and enter VLAN
view

vlan vlan-id Required

Assign the access port(s) to the
VLAN

port interface-list

Required
By default, all ports belong to VLAN 1.

Create another VLAN and enter
VLAN view

vlan vlan-id

Required

Assign the access port(s) to the
VLAN

port interface-list

Required
By default, all ports belong to VLAN 1.

Enter the view of the
ten-GigabitEthernet interface that

connects to the firewall card

interface ten-gigabitethernet
interface-number

Required

Configure the link type of the
interface as trunk

port link-type trunk

Required

Assign the trunk port to the two
VLANs

port trunk permit vlan
{ vlan-id-list | all }

Required

Configure the default VLAN for the
trunk port

port trunk pvid vlan vlan-id

Optional
The default VLAN cannot be one of the

previously configured two VLANs.

Configure the firewall card

Follow these steps to configure the firewall card:

To do…

Use the command…

Remarks

Enter system view

system-view

Create two VLANs and
enter VLAN view.

vlan vlan-id

Required

Exit to system view

quit

Enter the view of the
ten-GigabitEthernet

interface that connects to

the switch

interface ten-gigabitethernet
interface-number

Required

Configure the operating
mode of the interface as
Layer 2

port link-mode bridge

Required
The default operating mode is Layer 3.

See also other documents in the category H3C Technologies Safety: