Whether the USG9500 supports fuzzy match when checking blacklist entries


The USG9500 does not support fuzzy match when checking blacklist entries. You need to enter the complete matching conditions.

Other related questions:
Whether the USG2000&5000 series supports adding a network segment to a blacklist entry
You can add only one IP address at a time in the configuration of the blacklist entry on the USG2000&5000 series. To add multiple IP addresses, add them in multiple times.

Whether the USG6000 series supports manually deleting a dynamic blacklist
Blacklist entries can be dynamically or manually deleted.

How to check whether the IP Address of the user is passively added to the Blacklist of the Firewall?
In CLI mode, run the display firewall blacklist item command to view the blacklist of the firewall, and check whether the IP address of the user is on the blacklist. If the IP address of the user is on the blacklist, the firewall directly discards all packets of this user. If the corresponding blacklist entry exists, run the undo firewall blacklist item command to delete the blacklist entry.

Query of policy matching logs on the USG6000 series
By checking policy matching logs, you can learn traffic matching policies and determine whether security policies are correctly configured or achieve expected effects, to facilitate fault locating. Context Only the USG6000 supports policy matching logs, and such logs can be displayed only when a hard disk is installed. For the USG6650/6660/6670/6680, the policy matching log page is displayed no matter whether hard disks are installed. The firewall is deployed between the Internet and the network to be protected. If traffic matches a security policy, a policy matching log is generated. Before querying policy matching logs, run the log type policy enable command on the firewall to enable the policy matching log function. Choose Monitor > Log > Policy Matching Log to view information about policy matching logs. Choose Customize and select/deselect conditions for the display of policy matching logs. Click Export to export policy matching logs in CSV format to the management PC.

Whether the USG9500 virtual system supports configuring subinterfaces
The USG9500 virtual system supports configuring subinterfaces.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top