Method used to configure the Hybrid interface on USG firewalls?

2

The method used to configure the Hybrid interface on the USG2000, USG5000, and USG6000 is as follows:

The Hybrid interface can be used to connect to both the user host and the other switches.

sys
[USG]vlan batch 2 3 //Create a VLAN.
[USG] interface gigabitethernet 0/0/2
[USG-GigabitEthernet0/0/2]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required.
[USG-GigabitEthernet0/0/2]port link-type hybrid //Set the interface type to Hybrid.
[USG-GigabitEthernet0/0/2]port hybrid untagged vlan 2 //Set the packets of VLAN 2 to be sent without carrying tags.
[USG-GigabitEthernet0/0/2]port hybrid pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously).
[USG-GigabitEthernet0/0/2]port hybrid tagged vlan 3 //Set the packets of VLAN 3 to be sent with tags.

Other related questions:
Method used to configure the Trunk interface on USG firewalls
The method used to configure the Trunk interface on the USG2000, USG5000, and USG6000 is as follows: Generally, interfaces of firewalls are L3 interfaces. These L3 interfaces shall be converted to L2 interfaces. sys [USG]vlan batch 2 3 //Create a VLAN. [USG]interface gigabitethernet 0/0/3 [USG-GigabitEthernet0/0/3]Portswitch //Convert an L3 interface to an L2 interface. If the interface is an L2 interface, this command is not required. [USG-GigabitEthernet0/0/3]port link-type trunk //Set the interface type to Trunk (the default value is Hybrid). [USG-GigabitEthernet0/0/3]port trunk allow-pass vlan all //Set the system to permit packets of all VLANs (by default, only packets in VLAN 1 are permitted). [USG-GigabitEthernet0/0/3]port trunk pvid vlan 2 //(Optional) Set the default VLAN to VLAN 2 (the default VLAN is VLAN 1 previously).

Method used to configure the Access interface on USG firewalls
The method used to configure the Access interface on USG firewalls is as follows: Generally, the Access interface is used to connect to a user host. sys [USG]vlan batch 2 //Create a VLAN. [USG]interface gigabitethernet0/0/1 [USG-GigabitEthernet0/0/1]port link-type access //Set the interface type to Access. [USG-GigabitEthernet0/0/1]port default vlan 2 //Add the port to VLAN 2. [USG-GigabitEthernet0/0/1]quit

Configuring interface rate limiting for the USG2000 or USG5000
Configure interface rate limiting for the SRG, USG2000, and USG5000. Configuration method: Run qos lr to configure rate limiting for interfaces. Configuration example: Limit the rate to 1000 kbit/s for packets forwarded by GE interface 0/0/1 of the USG to the Internet. Procedure: 1. For the USG series, add interfaces to security zones and configure inter-zone packet filtering to ensure normal network communication. The configuration procedure is not described here. For the USG BSR and HSR series, you do not need to add interfaces to security zones or configure packet filtering. 2. Configure IP addresses for interfaces of the USG. Configure routes to ensure normal network communication. The configuration procedure is not described here. 3. Configure LR on GE interface 0/0/1 of the USG to limit the traffic forwarded by this interface to the Internet. system-view [USG] interface GigabitEthernet 0/0/1 //Access the interface. [USG-GigabitEthernet0/0/1] qos lr cir 1000 cbs 3000 //Limit the interface rate to 1 Mbit/s. Verification: In any view of the USG, run display qos lr interface [ interface-type interface-number ] and view interface rate limiting configuration. [USG] display qos lr interface GigabitEthernet 0/0/1

Method used to configure a new WAN interface on USG firewalls
Configure the IP address, enable the NAT for the interface, and configure the default route.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top