Huawei router configuration example

One Huawei router (R2621) and one switch (S3026e) each form a VLAN to realize the connection between the virtual network and the physical network. To implement firewall policy and access control (ACL), we used four computers here.

plan description:

The IP addresses and masks of the four PCs are listed as follows:
P1 Gateway IP is
P2 Gateway IP is
P3 Gateway IP is
P4 Gateway IP is
The IP of Ethernet0 on the router is
The IP of Ethernet1 is
firewall is set to deny by default

List of implementation commands:
Set on the switch to divide the VLAN:
// Switch to system view
[Quidway] vlan enable
[Quidway] vlan 2
[Quidway-vlan2] port e0 / 1 to e0 / 8
[Quidway-vlan2] quit
// By default all ports belong to VLAN1, and the eight ports e0 / 1 to e0 / 8 of the specified switch belong to VLAN2
[Quidway] vlan 3
[Quidway-vlan3] port e0 / 9 to e0 / 16
[Quidway-vlan3] quit
// The eight ports e0 / 9 to e0 / 16 of the specified switch belong to VLAN3
[Quidway] dis vlan all
[Quidway] dis cu

Set up on the router to achieve access control:
[Router] interface ethernet 0
[Router-Ethernet0] ip address
[Router-Ethernet0] quit
// Specify the ip of ethernet 0
[Router] interface ethernet 1
[Router-Ethernet1] ip address
[Router-Ethernet1] quit
// Turn on the firewall and set the default to deny
[Router] fire enable
[Router] fire default deny
// Allow to access
// firewall strategy can be added as needed
[Router] acl 101
[Router-acl-101] rule permit ip source desTInaTIon
[Router-acl-101] quit
// Enable rule 101
[Router-Ethernet0] fire pa 101
[Router-Ethernet0] quit
[Router-Ethernet1] fire pa 101
[Router-Ethernet1] quit

