For the requirements for long links on the live network, the long links on our firewalls are realized through the ACL and are applied to the interzone. However, the long links of the peer vendor T company are applied directly to the ACL.
1. # Set the aging time of the long link.
[USG5300] firewall long-link aging-time 120
2. # Create advanced ACL 3002 and configure a rule for the packets with destination IP address 10.1.1.4.
[USG5300] acl 3001
[USG5300-acl-adv-3002] rule permit ip destination 10.10.10.0 0.0.255.255
3. # Enter the Trust-Untrust interzone view.
[USG5300] firewall interzone trust untrust
4. # Configure the long link.
[USG5300-interzone-trust-untrust] firewall long-link 3001 outbound