EasyManua.ls Logo

Huawei AR1200-S - Checking the Configuration; Configuring ASPF; Establishing the Configuration Task

Huawei AR1200-S
308 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
The entries in the whitelist take effect directly and you do not need to enable the whitelist
function.
A blacklist supports up to 32 entries, and a whitelist supports up to 32 entries.
----End
Follow-up Procedure
Run the firewall black-white-list save command to save the blacklist and whitelist to the
specified configuration file to load next time.
3.6.4 Checking the Configuration
After the whitelist is configured, you can view information about the whitelist.
Procedure
l Run the display firewall whitelist { all | ip-address [ vpn-instance vpn-instance-name ] |
vpn-instance vpn-instance-name } command to view information about the whitelist.
----End
Example
Run thedisplay firewall whitelist { all | ip-address [ vpn-instance vpn-instance-name ] | vpn-
instance vpn-instance-name } command to view information about the whitelist.
<Huawei> display firewall whitelist all
Firewall whitelist items :
------------------------------------------------------------------------
IP-Address Expire-Time(m) Vpn-Instance
------------------------------------------------------------------------
1.1.1.1 3 vpn1
1.1.1.2 Permanent vpn2
1.1.1.3 6
------------------------------------------------------------------------
Total number is : 3
3.7 Configuring ASPF
The ASPF function can detect sessions that attempt to traverse the application layer and deny
the undesired packets. In addition, ASPF enables application protocols that cannot traverse
firewalls to function properly.
3.7.1 Establishing the Configuration Task
Before configuring ASPF, familiarize yourself with the applicable environment, complete the
pre-configuration tasks, and obtain the data required for the configuration. This will help you
complete the configuration task quickly and accurately.
Applicable Environment
When data is transmitted between two zones, ASPF checks the packets at the application layer
and discards the unmatched packets.
Huawei AR1200-S Series Enterprise Routers
Configuration Guide - Security 3 Firewall Configuration
Issue 02 (2012-03-30) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
61

Table of Contents

Related product manuals