Method used to configure the mutual access between VLANs by configuring the VLANIF interface on USG firewalls

The method used to configure the mutual access between VLANs by configuring the VLANIF interface on USG firewalls is as follows:

Create VLAN100 and VLAN200.
Set interface GigabitEthernet 0/0/1 to an L2 Trunk interface that allows the packets from VLAN100 and VLAN200.
Configure the IP address for the VLANIF interface.
Add the VLANIF interface to the security zone and configure the security policy.
Set the gateway address of the host to the IP address of the VLANIF interface.
[USG] interface Vlanif100
[USG-Vlanif100] ip address 120.1.1.1 255.255.255.0 //Configure the IP address for the VLANIF interface.
[USG-Vlanif100] quit
[USG] interface Vlanif200 //Configure the VLANIF interface.
[USG-Vlanif200] ip address 130.1.1.1 255.255.255.0
[USG-Vlanif100] quit
[USG] interface GigabitEthernet 0/0/1
[USG-GigabitEthernet0/0/1] portswitch //Configure the system to convert an interface to an L2 interface.
[USG-GigabitEthernet0/0/1] port link-type trunk //Set the interface type to Trunk.
[USG-GigabitEthernet0/0/1] port trunk permit vlan 100 200 //Set the interface to transparently transmit packets from VLAN100 and VLAN200.
[USG-GigabitEthernet0/0/1] quit
[USG] firewall zone trust //Add the interface to the zone.
[USG-trust] add interface Vlanif100
[USG-trust] add interface Vlanif200

Scroll to top