Configure a whitelist of an AR router


A device is added to a whitelist to avoid being added into a blacklist if the legal service packets sent by this device boast the features of IP scan attack and port scan attack.
To configure whitelist entries one by one, do as follows:
Run the system-view command to access the system view.
[Huawei] firewall whitelist ip-address [ vpn-instance vpn-instance-name ] [ expire-time minutes ] //Add whitelist entries one by one.
To configure whitelist entries in batches, do as follows:
By loading the configuration file of the whitelist, whitelist entries can be configured in batches. This configuration file must be configured in advance, and it supports only the text format. The configured whitelist does not need to be enabled, and the whitelist entries automatically take effect.
system-view //Access the system view.
[Huawei] firewall black-white-list load configuration-file configuration-file-name //Load the configuration file of the whitelist.
For details about how to configure the whitelist function of AR series routers using command lines and through the web NMS, see the URL: AR router configuration whitelist .

Other related questions:
Configure security features of a virtual firewall on an AR router
The procedure of configuring security features for a virtual firewall is the same as that of configuring for a common firewall. Each firewall must be separately deployed to meet different firewall service requirements. Security features that can be configured include: packet filtering firewall, ASPF, port mapping, session table aging time, and attack defense. Before configuring the following features, specify a VPN instance: manually adding a blacklist/whitelist and configuring ICMP/SYN/UDP flooding defense. The configured features take effect to the firewall only according to the specified VPN instance. For details about the command for configuring security features of a virtual firewall, see the URL: The AR router configures the security features of the virtual firewall .

WLAN security of AR routers
WLAN security is as follows: User access security: Link authentication, access authentication, and data encryption are used to ensure validity and security of user access on wireless networks. Service security: This feature protects service data of authorized user from being intercepted by unauthorized users during transmission. For details, see WLAN Security Configuration.

Function of TE series endpoint whitelist
The endpoint whitelist is empty by default. That is, all IP addresses are allowed to connect to the endpoint. If an endpoint is deployed in a public network, it is recommended that you add commonly used IP addresses and IP address segments to the whitelist to decrease network attack risks. You must add the IP addresses of the following devices to the whitelist: PC that is used to access the endpoint web interface Videoconferencing MCU SMC2.0 Recording server To configure the whitelist, perform the following steps: 1. Choose System Settings > Whitelist. 2. Select Enable. If Enable is deselected, the whitelist is invalid. That is, all IP addresses are allowed to connect to the endpoint. You can modify the whitelist only after selecting Enable here. 3. Click Add and set IP address and Mask length. 4. Click OK. The settings take effect immediately. To delete a record from the whitelist, select the record and click Delete.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top