Method used to configure a new WAN interface on USG firewalls

1

Configure the IP address, enable the NAT for the interface, and configure the default route.

Other related questions:
Method used to configure the Trunk interface on USG firewalls
The method used to configure the Trunk interface on the USG2000, USG5000, and USG6000 is as follows: Generally, interfaces of firewalls are L3 interfaces. These L3 interfaces shall be converted to L2 interfaces. sys [USG]vlan batch 2 3 //Create a VLAN. [USG]interface gigabitethernet 0/0/3 [USG-GigabitEthernet0/0/3]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required. [USG-GigabitEthernet0/0/3]port link-type trunk //Set the interface type to Trunk (the default value is Hybrid). [USG-GigabitEthernet0/0/3]port trunk allow-pass vlan all //Set the system to permit packets of all VLANs (by default, only packets in VLAN 1 are permitted). [USG-GigabitEthernet0/0/3]port trunk pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously).

Method used to configure the Access interface on USG firewalls
The method used to configure the Access interface on USG firewalls is as follows: Generally, the Access interface is used to connect to a user host. sys [USG]vlan batch 2 //Create a VLAN. [USG]interface gigabitethernet0/0/1 [USG-GigabitEthernet0/0/1]port link-type access //Set the interface type to Access. [USG-GigabitEthernet0/0/1]port default vlan 2 //Add the port to VLAN 2. [USG-GigabitEthernet0/0/1]quit

Method used to configure the Hybrid interface on USG firewalls?
The method used to configure the Hybrid interface on the USG2000, USG5000, and USG6000 is as follows: The Hybrid interface can be used to connect to both the user host and the other switches. sys [USG]vlan batch 2 3 //Create a VLAN. [USG] interface gigabitethernet 0/0/2 [USG-GigabitEthernet0/0/2]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required. [USG-GigabitEthernet0/0/2]port link-type hybrid //Set the interface type to Hybrid. [USG-GigabitEthernet0/0/2]port hybrid untagged vlan 2 //Set the packets of VLAN 2 to be sent without carrying tags. [USG-GigabitEthernet0/0/2]port hybrid pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously). [USG-GigabitEthernet0/0/2]port hybrid tagged vlan 3 //Set the packets of VLAN 3 to be sent with tags.

Whether the L2 interface of USG firewalls can function as a WAN interface?
The L2 interface of USG firewalls can function as a WAN interface. The WAN interface mentioned here refers to an interface connected to an external network, generally an optical fiber of a carrier. IP addresses cannot be directly configured for L2 interfaces. Therefore, you can use the VLANIF interface as the WAN interface (L3 interface). The configuration is as follows: 1. Choose Network > Interface. Create a VLAN interface, and set parameters such as the IP address, mask, and gateway.2. Choose Network > Interface. Change the mode of the corresponding L2 interface to Access, and add the configured VLAN interface.

Method used to change the license on USG firewalls
1. If functions controlled by a license need to be expanded or added, you need to acquire a license file again. Perform the steps for applying for a license file. The license center automatically combines the original license file and the license file for a new feature and generates a new license file. 2. If the previous license file is used on device A and it will be used on device B, seek help from the license management center, by sending the device ESN, LAC, contract No. and change information to license@huawei.com.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top