網絡 拓撲圖:
system-view
進入系統視圖,鍵入Ctrl+Z退回到使用者視圖。
配置GigabitEthernet 0/0/1工作在交換模式。
[USG6300]interface GigabitEthernet 0/0/1
[USG6300-GigabitEthernet0/0/1]portswitch
[USG6300-GigabitEthernet0/0/1]quit
把GigabitEthernet 0/0/1加入Trust區域。
[USG6300]firewall zone trust
[USG6300-zone-trust]add interface GigabitEthernet 0/0/1
[USG6300-zone-trust]quit
配置GigabitEthernet 0/0/2工作在交換模式。
[USG6300]interface GigabitEthernet 0/0/2
[USG6300-GigabitEthernet0/0/2]portswitch
[USG6300-GigabitEthernet0/0/2]quit
把GigabitEthernet 0/0/2加入Untrust區域。
[USG6300]firewall zone untrust
[USG6300-zone-untrust]add interface GigabitEthernet 0/0/2
[USG6300-zone-untrust]quit
修改預設安全政策為允許
[USG6300]security-policy
[USG6300-policy-security]default action permit
Warning:Setting the default packet filtering to permit poses security risks. You are advised to configure the security policy based on the actual data flows. Are you sure you want to continue?[Y/N]y
[USG6300-policy-security]
修改安全政策為禁止(預設為禁止,是以修改完看不到)
[USG6300]security-policy
[USG6300-policy-security]default action deny
啟用web管理
預設使用者:admin
預設密碼:[email protected]
預設管理口:GigabitEthernet 0/0/0
預設IP:192.168.0.1
位址:https://192.168.0.1:8443