< Home

add interface (Security zone view)

Function

The add interface command adds interfaces to security zones.

The undo add interface command cancels the above configuration.

Format

add interface interface-type { interface-number | interface-number.subinterface-number }

undo add interface interface-type { interface-number | interface-number.subinterface-number }

Parameters

Parameter Description Value

interface-type interface-number

Specifies the type and the number of an interface.

The interface can be a GigabitEthernet interface or its subinterface, Eth-Trunk interface or its subinterface, tunnel, Virtual-Template, VLANIF, Virtual-if, or Dialer interface.

subinterface-number

Specifies the subinterface number.

It is an integer ranging from 1 to 4096. The subinterface number can be specified only when interface-type is set to Eth-Trunk or GigabitEthernet.

Views

Security zone view

Default Level

2: Configuration level

Usage Guidelines

Except the Local zone, all the other security zones should be bound with specific interfaces for use, that is, you need to add either physical interfaces or logic interfaces to those zones.

This command can be used repeatedly to add interfaces to security zones. A security zone can contain up to 1024 interfaces.

Loopback, and Null interfaces do not need to be added to security zones.

Example

# Enter the trust zone view and add the interface GigabitEthernet 0/0/1 to the Trust zone.

<sysname> system-view
[sysname] firewall zone trust
[sysname-zone-trust] add interface GigabitEthernet 0/0/1
Parent Topic: Zone Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >