add interface

Function

The add interface command adds interfaces to security zones.

The undo add interface command cancels the above configuration.

Format

add interface interface-type { interface-number | interface-number.subinterface-number }

undo add interface interface-type { interface-number | interface-number.subinterface-number }

Parameters

Parameter Description Value
interface-type interface-number Specifies the type and the number of an interface. The interface can be a GigabitEthernet interface or its subinterface, Eth-Trunk interface or its subinterface, IP-Trunk, POS, or VLANIF interface. Loopback and Null interfaces do not need to be added to security zones.
subinterface-number Specifies the subinterface number. It is an integer ranging from 1 to 4096.The subinterface number can be specified only when interface-type is set to Eth-Trunk or GigabitEthernet.

Views

Security zone view

Default Level

2: Configuration level

Usage Guidelines

Except the Local zone, all the other security zones should be bound with specific interfaces for use, that is, you need to add either physical interfaces or logic interfaces to those zones.

This command can be used repeatedly to add interfaces to security zones. A security zone can contain up to 1024 interfaces.

Example

# Enter the trust zone view and add the interface GigabitEthernet 1/0/0 to the Trust zone.

<sysname> system-view
[sysname] firewall zone trust
[sysname-zone-trust] add interface GigabitEthernet 1/0/0
Related Topics
firewall zone
display zone
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.