USG12004安全域OSPF配置
切换到虚拟墙配置安全域信息
[CFW]switch vsys server <CFW-server>dis current-configuration 2024-07-21 02:03:45.702 # switch vsys server # interface Vlanif4000 ip binding vpn-instance server ip address 10.200.48.2 255.255.255.252 service-manage ping permit # interface Vlanif4001 ip binding vpn-instance server ip address 10.200.48.6 255.255.255.252 service-manage ping permit # firewall zone local set priority 100 # firewall zone trust set priority 85 add interface Vlanif4001 # firewall zone untrust set priority 5 add interface Vlanif4000 # firewall zone dmz set priority 50 # security-policy default action permit
切换到PUBLIC配置SERVER虚拟墙的OSPF路由
ospf 1 router-id 10.200.48.6 vpn-instance server default-route-advertise bfd all-interfaces min-tx-interval 1000 min-rx-interval 1000 spf-schedule-interval millisecond 5000 opaque-capability enable area 0.0.0.0 network 0.0.0.0 255.255.255.255