Method used to configure the Trunk interface on USG firewalls

2

The method used to configure the Trunk interface on the USG2000, USG5000, and USG6000 is as follows:
Generally, interfaces of firewalls are L3 interfaces. These L3 interfaces shall be converted to L2 interfaces.
sys
[USG]vlan batch 2 3 //Create a VLAN.
[USG]interface gigabitethernet 0/0/3
[USG-GigabitEthernet0/0/3]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required.
[USG-GigabitEthernet0/0/3]port link-type trunk //Set the interface type to Trunk (the default value is Hybrid).
[USG-GigabitEthernet0/0/3]port trunk allow-pass vlan all //Set the system to permit packets of all VLANs (by default, only packets in VLAN 1 are permitted).
[USG-GigabitEthernet0/0/3]port trunk pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously).

Other related questions:
Method used to configure the Access interface on USG firewalls
The method used to configure the Access interface on USG firewalls is as follows: Generally, the Access interface is used to connect to a user host. sys [USG]vlan batch 2 //Create a VLAN. [USG]interface gigabitethernet0/0/1 [USG-GigabitEthernet0/0/1]port link-type access //Set the interface type to Access. [USG-GigabitEthernet0/0/1]port default vlan 2 //Add the port to VLAN 2. [USG-GigabitEthernet0/0/1]quit

Method used to configure the Hybrid interface on USG firewalls?
The method used to configure the Hybrid interface on the USG2000, USG5000, and USG6000 is as follows: The Hybrid interface can be used to connect to both the user host and the other switches. sys [USG]vlan batch 2 3 //Create a VLAN. [USG] interface gigabitethernet 0/0/2 [USG-GigabitEthernet0/0/2]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required. [USG-GigabitEthernet0/0/2]port link-type hybrid //Set the interface type to Hybrid. [USG-GigabitEthernet0/0/2]port hybrid untagged vlan 2 //Set the packets of VLAN 2 to be sent without carrying tags. [USG-GigabitEthernet0/0/2]port hybrid pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously). [USG-GigabitEthernet0/0/2]port hybrid tagged vlan 3 //Set the packets of VLAN 3 to be sent with tags.

Method used to configure a new WAN interface on USG firewalls
Configure the IP address, enable the NAT for the interface, and configure the default route.

Method used to configure the router-on-a-stick on USG firewalls

The router-on-a-stick can address the limited physical interface resources issue. By configuring multiple subinterfaces, corresponding to different VLANs, for a physical interface, a physical interface can enable different VLANs to communicate with each other. For example, you can configure the router-on-a-stick on the USG2000, USG5000, and USG6000 as follows: [USG] interface GigabitEthernet1/0/3.1//Configure subinterface 1. [USG-GigabitEthernet1/0/3.1] vlan-type dot1q 10//Terminate VLAN 10. [USG-GigabitEthernet1/0/3.1] ip address 10.3.1.1 255.255.255.0//Configure the IP address for the subinterface. [USG-GigabitEthernet1/0/3.1] quit [USG] interface GigabitEthernet1/0/3.2//Configure subinterface 2. [USG-GigabitEthernet1/0/3.2] vlan-type dot1q 20//Terminate VLAN 20. [USG-GigabitEthernet1/0/3.2] ip address 10.3.1.1 255.255.255.0//Configure the IP address for the subinterface.


Method used to modify the interface address on USG firewalls
The method used to modify the interface address on the USG2000, USG5000, and USG6000 is as follows: Access an interface (a management interface or a VLANIF virtual interface). Enter the desired IP address again. Then, the IP address is modified. This command can overwrite the original IP address with the new IP address. The configuration commands are as follows: [USG]interface g0/0/1 [USG-GigabitEthernet0/0/1]ip address 192.168.1.1 24

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top