Configuring persistent connections on the USG9000 series

16

The USG9000 series supports configuring persistent connections through the CLI. The specific configuration method is as follows:
1. In the user view, run the system-view command to enter the system view.
2. Run the firewall long-link aging-time interval command to set the aging time of an IPv4 persistent connection.
Or run the firewall ipv6 long-link aging-time interval command to set the aging time of an IPv6 persistent connection.
The default aging time of a persistent connection is 168 hours.
3. Configure a persistent connection.
-Configure an interzone persistent connection.
a. Run the firewall interzone [ vpn-instance vpn-instance-name ] zone-name1 zone-name2 command to access the interzone view.
b. Run the firewall long-link acl4-number { inbound | outbound } command to enable the interzone IPv4 persistent connection function.
Or run the firewall ipv6 long-link acl6-number { inbound | outbound } command to enable the interzone IPv6 persistent connection function.
-Configure an intrazone persistent connection.
a. Run the firewall zone [ vpn-instance vpn-instance-name ] [ name ] zone-name command to access the security zone view.
b. Run the firewall long-link acl4-number command to enable the intrazone IPv4 persistent connection function.
Or run the firewall ipv6 long-link acl6-number command to enable the intrazone IPv6 persistent connection function.

Other related questions:
NAT on the USG9000 series
NAT is a type of address translation technology that converts the address in an IPv4 packet header into another address. Generally, the NAT technology is used to convert private addresses in IPv4 packet headers into public addresses so that users on the private network can access the Internet concurrently by using a few public addresses. The NAT technology is usually used to address the issue of public IPv4 address shortage caused by the constant increase in the Internet scale.

Preparations before configuring SSL VPN on the USG9000 series
Preparations before SSL VPN configurations: Preparations before configuring local certificate authentication remove security alarms prompted during SSL VPN user login. Preparations before configuring user authentication confirm user authentication mode.

Prerequisites for configuring a physical server group on the USG9000 series
The prerequisites for configuring a physical server group are as follows: You have obtained IP addresses and ports of physical servers. You have obtained service types or protocol types provided by physical servers. You have obtained the performance and status of each physical server.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top