Enable the firewall functions on an AR router

62

All configured firewall functions take effect after the firewall functions are enabled in interzones.
If an interzone contains the Local zone, to enable the firewall functions to take effect in this interzone, run the ip soft-forward enhance enable command in the system view to enable the IP address enhanced forwarding function of the router.
Run the system-view command to access the system view.
Run the firewall interzone zone-name1 zone-name2 command to access the interzone view.
The zone-name1 and zone-name2 have been created by running the firewall zone command.
Run the firewall enable command to enable the firewall functions.
By default, the firewall functions of the interzone are not enabled.
Run the undo firewall enable command to disable the firewall functions of the interzone.
Run the display firewall interzone [ zone-name1 zone-name2 ] command to query information about the interzone.

Other related questions:
Does an AR router support the firewall function
All AR series routers support the firewall function.

Configure the basic firewall functions on an AR router
The basic firewall functions of an AR router include: creating a security zone and adding interfaces into the security zone, creating an interzone and enabling the firewall functions in the interzone, configuring session table aging time, and checking the configuration result. For details about the configuration, see the following content: [Creating a security zone and adding interfaces into the security zone on an AR router] Create a security zone and add interfaces into the security zone on an AR router. [Enabling the firewall functions on an AR router] Enable the firewall functions on an AR router. [Configuring session table aging time of the firewall on an AR router] Configure session table aging time of the firewall on an AR router. For details about configuration of basic firewall functions on AR series routers, see the URL: AR router configuration firewall basic functions.

Does the firewall function of an AR router need a license
The firewall function of an AR router does not need a license.

Configure VRRP on an AR router and connect the router to a firewall for external network access
The roadmap of configuring VRRP on an AR router and connecting the router to a firewall for external network access is as follows: 1. Configure VRRP on an AR router to implement two-node backup, and configure a virtual IP address. 2. Add the Layer 2 interface of a firewall on the intranet side to the same VLAN, and configure a VLANIF address. 3. Add the physical interface and VLANIF interface of the firewall to a security zone, and configure an inter-zone policy. 4. Configure the next hop for the route from the firewall to the intranet as a VRRP virtual IP address so that a normal link can be switched over to if an active link is interrupted. For details about the configuration, see the URL: Example for Connecting the AR to the Firewall Through VRRP.

How to enable the web function on an AR router
The methods of enabling the web function on an AR router are as follows: Method 1: Default web login 1. Connect a PC to the router over the management interface through a network cable. 2. Configure an IP address for the PC. Configurable network segment: 192.168.1.2~192.168.1.254. 3. Open a browser, enter the URL "https://192.168.1.1" in the address bar, and click Enter to enter the user login page. 4. Enter login information. 5. Configure the router through the web NMS page. Note: If you cannot enter the web NMS page, the software version you use does not support the default web login method. Please try the following method: Method 2: Non-default web login 1. Connect a PC to the router over the CON/AUX interface through a console configuration cable. 2. Enable the terminal emulation software on the PC, create a connection, and set an interface for the connection and other communication parameters. 3. Press Enter until the following information is displayed to remind users of configuring a verification code. 4. Connect a PC to the router over the management interface through a network cable. 5. Configure an IP address for the router for management. 6. Enable the web service. 7. Configure an HTTPS user and a user level. 8. Configure an IP address for the PC. 9. Open a browser, enter the URL "https://192.168.1.1" in the address bar, and click Enter to enter the user login page. 10. Configure the router through the web NMS page.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top