Configuration example 2, Network requirements, Configuration procedures – H3C Technologies H3C SecCenter UTM Manager User Manual

235

Configuration example 2

Network requirements

The UTM device connects the internal network 4.1.1.0/24 through GigabitEthernet 0/4 and connects the

external network through GigabitEthernet 0/1. Configure IPS, AV, bandwidth control policies on the UTM

device, and configure the UTM device to send logs to the syslog server at 192.168.96.15, which is in the

external network.

Figure 232 Network diagram for configuring UTM and SecCenter

Configuration procedures

Configuring the UTM device

1.

Configure interfaces

Select Device Management > Interface, assign the IP address 192.168.250.214/24 to GigabitEthernet

0/1, and add the interface to zone Untrust. Assign the IP address 4.1.1.1/24 to GigabitEthernet 0/4, and

add the interface to zone Trust.

Figure 233 Configure interfaces

2.

Configure NAT

a.

Configure dynamic NAT on GigabitEthernet 0/1, referencing ACL 3000 and configuring
Easy IP as the address translation mode.