No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Packet filtering is disabled after USG2100(V100R005) changing the 3 layer interface to 2 layer

Publication Date:  2012-09-13 Views:  243 Downloads:  0
Issue Description
USG2100(V100R005) changed the 3 layer interface to 2 layer, accede to untrust area, accede internal network 2 layer interface to trust area, accede the two interfaces to the same VLAN, all the packet filtering is forbidden.
PC1----trust   firewall   untrust----PC2
PC1 can communicate with PC2 too.
Alarm Information
NULL
Handling Process
Forbid all the packet filtering, don’t accede interface to the area. PC1 can communicate with PC2, data is not processed by CPU. Shutdown the overall fast forwarding, PC1 cannot ping PC2, the command is: undo l2fwdfast enable.
Root Cause
Open the fast forwarding function overall, packets do not pass over packet filtering by soft packet. (switch board card is not controlled by packet filtering )
Suggestions
The feature of new version relates to the packets processing flow.

END