in my company's numerous projects will be asked to configure the firewall, this article will give you a simple description of how to configure the hardware firewall through a graphical interface, followed by additional information about the firewall. such as high availability, how to configure with commands, and so on.
To do anything is to pay attention to the idea, then the idea of configuring the firewall what? I will give you a simple comb.
Basic Ideas: interface address, Address Book, service book, NAT, Gateway, policy
Detailed Ideas: Intranet interface address, extranet interface address, Address Book, service, service group, source NAT, Gateway (route), policy, destination NAT
1. Configure the interface address
(1), external network interface address (port can be arbitrary)
650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M01/8C/7C/wKioL1huDb2wAt24AAJ9hl77u4I306.jpg "title=" 1.1. JPG "alt=" wkiol1hudb2wat24aaj9hl77u4i306.jpg "/>
(2), intranet interface address (port can be arbitrary)
650) this.width=650; "src=" https://s2.51cto.com/wyfs02/M02/8C/7F/wKiom1huDb7jjao0AAJNX1sdpMs893.jpg "title=" 1.2. JPG "alt=" wkiom1hudb7jjao0aajnx1sdpms893.jpg "/>
2. Create Address Book
650) this.width=650; "src=" Https://s5.51cto.com/wyfs02/M02/8C/7C/wKioL1huDb_SkXxiAACjgxbZWTc389.jpg "title=" 2.1. JPG "alt=" wkiol1hudb_skxxiaacjgxbzwtc389.jpg "/>
Figure 2.1
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/8C/7C/wKioL1huDcCQunzqAACuoJrODkw151.jpg "title=" 2.2. JPG "alt=" wkiol1hudccqunzqaacuojrodkw151.jpg "/>
Figure 2.2
3. Set up service and service group
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/8C/80/wKiom1huDcCzbbHjAAClR-IdI_s421.jpg "title=" 3.1. JPG "alt=" wkiom1hudcczbbhjaaclr-idi_s421.jpg "/>
Figure 3.1
Note: The service can only be added one at a time, cannot add more than one, you must add a
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/8C/7C/wKioL1huDcCh3m-EAAAoireFsr0898.png "title=" 3.2. PNG "alt=" Wkiol1hudcch3m-eaaaoirefsr0898.png "/>
Figure 3.2
650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M00/8C/80/wKiom1huDcGxF1--AAA3DVs0Szc790.png "title=" 3.3. PNG "alt=" Wkiom1hudcgxf1--aaa3dvs0szc790.png "/>
Figure 3.3
4. Configure the source NAT proxy to surf the internet
650) this.width=650; "src=" https://s1.51cto.com/wyfs02/M00/8C/7C/wKioL1huDcHiVco3AAHQK-c-va8530.jpg "title=" 4.jpg "alt=" Wkiol1hudchivco3aahqk-c-va8530.jpg "/>
5. Configure Gateway (routing) address
650) this.width=650; "src=" https://s4.51cto.com/wyfs02/M02/8C/80/wKiom1huDcKhXN_TAAGvrUQhJdA966.jpg "title=" 5.jpg "alt=" Wkiom1hudckhxn_taagvruqhjda966.jpg "/>
6, internal network to the outside network access for policy release
650) this.width=650; "src=" https://s4.51cto.com/wyfs02/M01/8C/80/wKiom1huDcKzWxsIAAE-tBGNUMk453.jpg "title=" 6.jpg "alt=" Wkiom1hudckzwxsiaae-tbgnumk453.jpg "/>
7. Destination Address Translation
(1), to provide internal services for the address of the external network
650) this.width=650; "src=" https://s4.51cto.com/wyfs02/M01/8C/7C/wKioL1huDcPj-UM2AAFip18Fajk069.jpg "title=" 7.1. JPG "alt=" wkiol1hudcpj-um2aafip18fajk069.jpg "/>
(2), policy release
650) this.width=650; "src=" https://s4.51cto.com/wyfs02/M02/8C/80/wKiom1huDcagm6KYAAEmY6A9wcw655.jpg "title=" 7.2. JPG "alt=" wkiom1hudcagm6kyaaemy6a9wcw655.jpg "/>
This article is from the "top of the Purple Forbidden" blog, please make sure to keep this source http://zjzd86.blog.51cto.com/6124664/1889407
Rock Network section Firewall graphics configuration