No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Web-based Configuration Guide

AR650, AR1600, and AR6100 V300R003

This document describes how to configure and maintain your routers using the web platform.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Zone Policy

Zone Policy

Context

Before configuring a firewall, you need to create related zones. You can deploy security services according to the security priorities of the zones. The device considers that data transmission within a zone is reliable; therefore, it does not enforce any security policy on intra-zone data transmission. The device verifies the data and enforces the security policies only when data flows from one zone to another.

You must configure a priority for a zone before making other configurations. The priority cannot be changed. The priorities of zones cannot be the same. A larger value indicates a higher priority.

The device automatically creates a zone named Local. The Local zone has the highest priority and cannot be deleted. In addition, the priority of this zone cannot be changed, and no interface can be added to this zone. To apply the firewall function to the control packets that need to be processed by the device, use the Local zone.

The firewall takes effect only after interfaces are added to the zone.

Procedure

  • Creating a zone policy
    1. Access the Zone Policy tab page.

      Log in to the web platform and choose Security > Firewall > Zone Policy, as shown in Figure 14-15.
      Figure 14-15  Configuring zone policy

    2. Click Create and set parameters in the Create Zone dialog box that is displayed, as shown in Figure 14-16. Table 14-5 describes the parameters.

      Figure 14-16  Creating a zone

    3. Click OK. A zone policy is added to the zone policy list.

      Table 14-5  Zone policy parameters

      Parameter

      Description

      Zone name

      Name of a zone.

      A domain named local exists on the device by default. The priority of this domain varies according to device model.

      Priority

      Priority of the zone.

      The priority of this domain varies according to device model.

      Select Interface

      Interfaces added to the zone. Interfaces in the Available Interface area can be added to the zone, and interface in Selected Interface area have been added to the zone. You can click or to move interfaces to one area to another.

  • Modifying a zone policy
    1. Access the Zone Policy tab page.

      Log in to the web platform and choose Security > Firewall > Zone Policy.

    2. Click of a zone policy.
    3. In the Modify Zone dialog box that is displayed, modify parameters listed in Table 14-5.The parameters are the same as those in Figure 14-16.
    4. Click OK.
  • Deleting a zone policy
    1. Access the Zone Policy tab page.

      Log in to the web platform and choose Security > Firewall > Zone Policy.

    2. Select a zone policy and click Delete. In the Information dialog box that is displayed, click OK.
  • Search a zone policy
    1. Access the Zone Policy tab page.

      Log in to the web platform and choose Security > Firewall > Zone Policy.

    2. Select Zone name or Interface name from the Search item drop-down list box, enter a keyword, click Search. You can view, modify, or delete a searched zone policy.
Download
Updated: 2019-04-12

Document ID: EDOC1100041803

Views: 35707

Downloads: 92

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next