No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

Guide for Configuring Firewall Long Links

Publication Date:  2012-07-21  |   Views:  601  |   Downloads:  0  |   Author:  anliku  |   Document ID:  EKB1000010380


Issue Description

For the requirements for long links on the live network, the long links on our firewalls are realized through the ACL and are applied to the interzone. However, the long links of the peer vendor T company are applied directly to the ACL.

Alarm Information


Handling Process

1. # Set the aging time of the long link.
[USG5300] firewall long-link aging-time 120
2. # Create advanced ACL 3002 and configure a rule for the packets with destination IP address
[USG5300] acl 3001
[USG5300-acl-adv-3002] rule permit ip destination
[USG5300-acl-adv-3002] quit
3. # Enter the Trust-Untrust interzone view.
[USG5300] firewall interzone trust untrust
4. # Configure the long link.
[USG5300-interzone-trust-untrust] firewall long-link 3001 outbound

Root Cause