6、 在防火墙命令行配置
7、登录web界面
8、防火墙配置
<H3C>system-view //进入系统视图[H3C]sysname fw-1 //修改设备名[fw-1]ip http enable //启动http协议登录[fw-1]interface g1/0/0 //接口ip,根据所连接的网卡进行改动[fw-1-GigabitEthernet1/0/0]ip address 1.1.1.254. 24 //添加网管IP和掩码[fw-1-GigabitEthernet1/0/0]qu //退出[fw-1]ip https enable //启动http协议登录[fw-1]security-zone name trust //安全域[fw-1-security-zone-Trust]import interface g1/0/0 //把接口加入安全域[fw-1-security-zone-Trust]qu //退出[fw-1]object-policy ip manage //ip策略管理[fw-1-object-policy-ip-manage]rule pass //规则动作[fw-1-object-policy-ip-manage]zone-pair security source trust destination local //域间应用[fw-1-zone-pair-security-Trust-Local]object-policy apply ip manage //创建对象策
[fw-1]local-user admin class manage //创建登入web的用户名[fw-1-luser-manage-admin]password simple admin //创建登入web的密码[fw-1-luser-manage-admin]service-type http https //启用http和https的功能[fw-1-luser-manage-admin]authorization-attribute user-role network-admin
