Method used to configure the Access interface on USG firewalls

2

The method used to configure the Access interface on USG firewalls is as follows:

Generally, the Access interface is used to connect to a user host.
sys
[USG]vlan batch 2 //Create a VLAN.
[USG]interface gigabitethernet0/0/1
[USG-GigabitEthernet0/0/1]port link-type access //Set the interface type to Access.
[USG-GigabitEthernet0/0/1]port default vlan 2 //Add the port to VLAN 2.
[USG-GigabitEthernet0/0/1]quit

Other related questions:
Method used to configure the Access interface on USG firewalls
The method used to configure the Access interface on USG firewalls is as follows: Generally, the Access interface is used to connect to a user host. sys [USG]vlan batch 2 //Create a VLAN. [USG]interface gigabitethernet0/0/1 [USG-GigabitEthernet0/0/1]port link-type access //Set the interface type to Access. [USG-GigabitEthernet0/0/1]port default vlan 2 //Add the port to VLAN 2. [USG-GigabitEthernet0/0/1]quit

Method used to configure the Trunk interface on USG firewalls
The method used to configure the Trunk interface on the USG2000, USG5000, and USG6000 is as follows: Generally, interfaces of firewalls are L3 interfaces. These L3 interfaces shall be converted to L2 interfaces. sys [USG]vlan batch 2 3 //Create a VLAN. [USG]interface gigabitethernet 0/0/3 [USG-GigabitEthernet0/0/3]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required. [USG-GigabitEthernet0/0/3]port link-type trunk //Set the interface type to Trunk (the default value is Hybrid). [USG-GigabitEthernet0/0/3]port trunk allow-pass vlan all //Set the system to permit packets of all VLANs (by default, only packets in VLAN 1 are permitted). [USG-GigabitEthernet0/0/3]port trunk pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously).

Method used to configure the Hybrid interface on USG firewalls?
The method used to configure the Hybrid interface on the USG2000, USG5000, and USG6000 is as follows: The Hybrid interface can be used to connect to both the user host and the other switches. sys [USG]vlan batch 2 3 //Create a VLAN. [USG] interface gigabitethernet 0/0/2 [USG-GigabitEthernet0/0/2]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required. [USG-GigabitEthernet0/0/2]port link-type hybrid //Set the interface type to Hybrid. [USG-GigabitEthernet0/0/2]port hybrid untagged vlan 2 //Set the packets of VLAN 2 to be sent without carrying tags. [USG-GigabitEthernet0/0/2]port hybrid pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously). [USG-GigabitEthernet0/0/2]port hybrid tagged vlan 3 //Set the packets of VLAN 3 to be sent with tags.

Method used to configure a new WAN interface on USG firewalls
Configure the IP address, enable the NAT for the interface, and configure the default route.

Method used to configure the router-on-a-stick on USG firewalls

The router-on-a-stick can address the limited physical interface resources issue. By configuring multiple subinterfaces, corresponding to different VLANs, for a physical interface, a physical interface can enable different VLANs to communicate with each other. For example, you can configure the router-on-a-stick on the USG2000, USG5000, and USG6000 as follows: [USG] interface GigabitEthernet1/0/3.1//Configure subinterface 1. [USG-GigabitEthernet1/0/3.1] vlan-type dot1q 10//Terminate VLAN 10. [USG-GigabitEthernet1/0/3.1] ip address 10.3.1.1 255.255.255.0//Configure the IP address for the subinterface. [USG-GigabitEthernet1/0/3.1] quit [USG] interface GigabitEthernet1/0/3.2//Configure subinterface 2. [USG-GigabitEthernet1/0/3.2] vlan-type dot1q 20//Terminate VLAN 20. [USG-GigabitEthernet1/0/3.2] ip address 10.3.1.1 255.255.255.0//Configure the IP address for the subinterface.


If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top