Method for using external IP addresses to manage the USG2000&5000 series

13

If you want to log in to and manage the firewall through external IP addresses, try to configure address/port mapping on the management PC and map the login address of the firewall to an external IP address.

Other related questions:
Method for using external IP addresses to manage the USG6000 series
If you want to log in to and manage the firewall through external IP addresses, try to configure address/port mapping on the management PC and map the login address of the firewall to an external IP address.

Configuring an address set for the USG2000&5000 series
The USG2000&5000 series supports configuring an address set using the web UI or CLI. An address set can contain IP addresses, network segments, IP address ranges, and MAC addresses and be contained in another address set. Configuring an address set using the web UI: Choose Firewall > Address > Address Set and then click Create in Address Set List. Enter or select the address set name and description, reference the address or address set, configure the IP address, and click Apply. Configuring an address set using the CLI: 1. Run the ip address-set address-set-name [ type { object | group } | vpn-instance vpn-instance-name ] * command in the system view to create an address set and access its view. 2. Run the address [ id ] { ip-address { 0 | wildcard | mask { mask-address | mask-len } } | range start-ip-address end-ip-address | address-set address-set-name | mac-address } [ description description ] command to add a member to this address set. You can run this command repeatedly to add multiple members to this address set. 3. Run the description text command to configure the address set description.

Configuration of using a non-management interface to manage the USG2000&5000 series
To use a non-management interface to manage the USG2000&5000 series, you can configure as follows: 1. Choose Network > Interface > Interface on the web page. 2. On the interface editing page, select Enable Access Management and the corresponding protocol. This configuration has a higher priority than security policies. After enabling access management on the interface, even if the security policy between the local zone and the interface locating security zone is disabled, as an administrator, you can still log in to the device through the interface.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top