Configure the basic firewall functions on an AR router

20

The basic firewall functions of an AR router include: creating a security zone and adding interfaces into the security zone, creating an interzone and enabling the firewall functions in the interzone, configuring session table aging time, and checking the configuration result.
For details about the configuration, see the following content:
[Creating a security zone and adding interfaces into the security zone on an AR router] Create a security zone and add interfaces into the security zone on an AR router.
[Enabling the firewall functions on an AR router] Enable the firewall functions on an AR router.
[Configuring session table aging time of the firewall on an AR router] Configure session table aging time of the firewall on an AR router.
For details about configuration of basic firewall functions on AR series routers, see the URL: AR router configuration firewall basic functions.

Other related questions:
Does an AR router support the firewall function
All AR series routers support the firewall function.

Does the firewall function of an AR router need a license
The firewall function of an AR router does not need a license.

Enable the firewall functions on an AR router
All configured firewall functions take effect after the firewall functions are enabled in interzones. If an interzone contains the Local zone, to enable the firewall functions to take effect in this interzone, run the ip soft-forward enhance enable command in the system view to enable the IP address enhanced forwarding function of the router. Run the system-view command to access the system view. Run the firewall interzone zone-name1 zone-name2 command to access the interzone view. The zone-name1 and zone-name2 have been created by running the firewall zone command. Run the firewall enable command to enable the firewall functions. By default, the firewall functions of the interzone are not enabled. Run the undo firewall enable command to disable the firewall functions of the interzone. Run the display firewall interzone [ zone-name1 zone-name2 ] command to query information about the interzone.

How to configure an ACL through the web NMS on an AR router
Log in to the web NMS, and choose Security > ACL. Click a tab page to configure basic ACL, advanced ACL, or Layer 2 ACL. Configure a basic ACL so that the AR router can categorize IPv4 or IPv6 packets based on the source and destination IP addresses as well as time period carried in the packets. Configure an advanced ACL so that the AR router can categorize IPv4 or IPv6 packets based on the source and destination IP addresses, source and destination interface numbers, protocol type, priorities, as well as time period carried in the packets. Configure a Layer 2 ACL so that the AR router can categorize packets based on link layer information such as the source and destination MAC addresses and Layer 2 protocol type. Select a tab page, and click new on the configuration list. In the displayed dialog box, enter an ACL name. For the basic ACL and advanced ACL, an ACL type must be set. In the new configuration entry, click add and configure parameters. For details, see the URL: The AR router configures the VLANIF interface to implement inter-VLAN communication.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top