Guide for Configuring Firewall Long Links

Publication Date:  2012-07-24 Views:  339 Downloads:  0
Issue Description
For the requirements for long links on the live network, the long links on our firewalls are realized through the ACL and are applied to the interzone. However, the long links of the peer vendor T company are applied directly to the ACL.
Alarm Information
Handling Process
1. # Set the aging time of the long link.
[USG5300] firewall long-link aging-time 120
2. # Create advanced ACL 3002 and configure a rule for the packets with destination IP address
[USG5300] acl 3001
[USG5300-acl-adv-3002] rule permit ip destination
[USG5300-acl-adv-3002] quit
3. # Enter the Trust-Untrust interzone view.
[USG5300] firewall interzone trust untrust
4. # Configure the long link.
[USG5300-interzone-trust-untrust] firewall long-link 3001 outbound
Root Cause