No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
Huawei Firewall Security Policy Essentials
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
How to Configure Security Policies to Allow Telnet

How to Configure Security Policies to Allow Telnet

Common management protocols, such as Telnet, SSH and FTP, have similar service models. The following uses Telnet as an example. As shown in Figure 7-1, there are three types of traffic on a network:

  • Inbound traffic: Telnet traffic from a management terminal to the IP address of an interface on a firewall
  • Outbound traffic: Telnet traffic from a firewall to the IP address of a server
  • Traffic traversing a firewall: Telnet traffic from a management terminal to the IP address of a server through a firewall
Figure 7-1 Three types of traffic (Telnet traffic used as an example)
The security policies for the three types of traffic are as follows. The source and destination security zones and source and destination IP addresses are different in the security policies.
security-policy
 rule name "Allow inbound traffic"    
 //Set the security policy name. Include the name that contains spaces in quotation marks. 
  source-zone trust    
  destination-zone local  
  source-address 10.1.1.10 24
  destination-address 10.1.1.1 24
  service telnet                       //Specify the service for which the security policy is configured.
  action permit
 rule name "Allow outbound traffic"     
  source-zone local    
  destination-zone untrust  
  source-address 10.1.2.1 24
  destination-address 10.1.2.10 24
  service telnet                      
  action permit
 rule name "Allow transmit traffic"
  source-zone trust    
  destination-zone untrust  
  source-address 10.1.1.10 24
  destination-address 10.1.2.10 24
  service telnet        
  action permit

Table 7-1 describes the preceding security policies.

Table 7-1 Security policy example — Telnet

No.

Name

Source Security Zone

Destination Security Zone

Source Address/Region

Destination Address/Region

Service

Action

101

Allow inbound traffic

Trust

Local

10.1.1.10/24

10.1.1.1/24

telnet (TCP: 23)

permit

102

Allow outbound traffic

Local

Untrust

10.1.2.1/24

10.1.2.10/24

telnet (TCP: 23)

permit

103

Allow transmit traffic

Trust

Untrust

10.1.1.10/24

10.1.2.10/24

telnet (TCP: 23)

permit
Translation
简体中文
Download
Updated: 2023-04-06

Document ID: EDOC1100172313

Views: 124500

Downloads: 563

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :