No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
Huawei Firewall Security Policy Essentials
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How to Configure Security Policies to Allow SSH (STelnet, SFTP, and SCP)

How to Configure Security Policies to Allow SSH (STelnet, SFTP, and SCP)

Secure Shell (SSH) is a cryptographic network protocol for operating network services (such as remote login and file transfer) securely over an unsecured network. STelnet is the name of the SSH remote login function provided by Huawei to highlight its security compared with Telnet. Secure Copy (SCP) and Secure FTP (SFTP) are SSH-based file transfer protocols.

By default, SSH uses TCP port 22 to establish a connection. You can also customize a port.

Table 7-3 Security policy example — SSH

No.

Name

Source Security Zone

Destination Security Zone

Source Address/Region

Destination Address/Region

Service

Action

101

Allow inbound traffic

Trust

Local

10.1.1.10/24

10.1.1.1/24

ssh (TCP: 22)

permit

102

Allow outbound traffic

Local

Untrust

10.1.2.1/24

10.1.2.10/24

ssh (TCP: 22)

permit

103

Allow transmit traffic

Trust

Untrust

10.1.1.10/24

10.1.2.10/24

ssh (TCP: 22)

permit
Translation
简体中文
Download
Updated: 2023-04-06

Document ID: EDOC1100172313

Views: 122974

Downloads: 552

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :