Configuring the DDNS for Huawei Firewall

USG2100/2200/5100 BSR/HSR & USG2000/5000 Configuration Guide: Configuring the DNS for Huawei Symantec

When the device serves as the DDNS client, the DNS server can dynamically update the mapping between domain names and IP addresses after notified by the DDNS service provider, ensuring correct IP addresses being resolved from domain names.

Enabling the DDNS

Enabling the DDNS enables other related DDNS functions. Although you can perform related DDNS configurations in the case of DDNS disabled, the configurations do not take effect.

Step 1 Choose Network > DNS > DDNS.

Step 2 Select the Enable check box corresponding to DDNS in Configure DDNS.

Step 3 Click Apply.

If the Operation succeeded dialog box is displayed, the function is successfully enabled.

----End

Creating a DDNS Policy

A DDNS policy is a collection of such information as the DDNS server address, login user name, password, DDNS client domain name, and bound interface. The same DDNS policy can be bound to different interfaces, which simplifies the DDNS configuration.

Step 1 Choose Network > DNS > DDNS.

Step 2 Click Add in DDNS Policy List.

Step 3 Enter or select the parameters

Step 4 Click Confirm.

If the operation succeeds, the new configuration is displayed in DDNS Policy List.

Repeat the previous operations to create multiple DDNS policies.

Modifying a DDNS Policy

Step 1 Choose Network > DNS > DDNS.

Step 2 Click of the line where the entry to be modified resides.

Step 3 Enter or select parameters. Policy Name cannot be modified.

Step 4 Click Confirm.

If the operation succeeds, DDNS Policy List is displayed on the page and data in the list has changed with the configurations.

However, the configuration in Password is invisible in DDNS Policy List.

----End

Viewing the Status of the DDNS Policy

In the case of the DDNS function enabled, if the DDNS policy is bound to an interface, the

interface automatically initiates the update request to the DDNS service provider. When the IP address of the interface changes, or the status of the interface changes, the interface initiates the update request to the DDNS service provider again.

With the DDNS policy status, you can learn about the dynamic update of the mapping between IP addresses and domain names on the DNS server.

Step 1 Choose Network > DNS > DDNS.

Step 2 View Status of the corresponding DDNS policy.

Deleting a DDNS Policy

Step 1 Choose Network > DNS > DDNS.

Step 2 Select the check boxes of multiple entries or the check box in the table header for selecting all.

Step 3 Click Delete.

If the operation succeeds, the entries that are just selected are not displayed in DDNS Policy List.

----End

More related:

Huawei Next Generaion Firewall Comprehensively Resolve Enterprise

Configuration for Huawei Symantec Firewall

How to Enable DST for USG2000/5000

Huawei Firewall USG5300: Configuring System Parameters

Configuring DNS for Huawei Firewall

This chapter will tell how to configure DNS for Huawei Symantec.

The Domain Name System (DNS) establishes the mapping between domain names and IP addresses for easy memorization.

A Domain Name System (DNS) is a host naming mechanism in character string format of TCP/ IP to establish the mapping between domain names and IP addresses. It is a mechanism of mapping easy-to-remember and meaningful domain names to IP addresses recognizable for network devices.

DNS delivers the following functions:

1 Device Serving can be as a DNS Client

2 Device Serving can be as a DNS Proxy

3 Device Serving can be as a DDNS Client

USG2100/2200/5100 BSR/HSR & USG2000/5000 (such as USG2220, USG5310)Configuration Guide: Configuring the DNS for Huawei Symantec

Adding a DNS Server

The DNS server accepts the domain name resolution requests initiated by the DNS client. You can statically set an IP address for the DNS server connected to the device through this task. The IP address of the DNS server is generally provided by the ISP. In addition, it can also be automatically obtained, which requires the connection type of at least one interface to be configured as DHCP or PPPoE.

The priority of the DNS server whose IP address is statically configured is higher than the one whose IP address is dynamically obtained. For the DNS servers whose IP addresses are configured in the same way, the one that has an IP address (either obtaining automatically or configured statically) earlier enjoys a higher priority. When resolving domain names, the device sends query packets (according to the priorities) to DNS servers until the query succeeds.

Step 1 Choose Network > DNS > DNS.

Step 2 Enter the IP address of the DNS server in the DNS Server List text box.

Step 3 Click Add.

If the operation succeeds, the new configuration whose Obtaining Mode is Static is displayed in DNS Server List.

Repeat the previous operations to add the IP addresses of multiple DNS servers.

NOTE

l If the obtaining mode of an entry in DNS Server List is DHCP, the IP address of the DNS server is obtained dynamically through DHCP.

l If the obtaining mode of an entry in DNS Server List is PPPoE, the IP address of the DNS server is obtained dynamically through PPPoE.

----End

Deleting a DNS Server

You can deete only the DNS server IP addresses that are obtained statically, but not those obtained through DHCP/PPPoE. If the interface that is connected through DHCP or PPPoE is physically Down, or the interface fails to be connected through DHCP or PPPoE, the corresponding DNS server IP address is deleted automatically from the DNS server list.

Step 1 Choose Network > DNS > DNS.

Step 2 Select the check boxes of multiple entries or the check box in the table header for selecting all.

Step 3 Click Delete.

If the operation succeeds, the entries that are just selected are not displayed in DNS Server List.

----End

More information about the huawei firewall, please visit:

http://huaweifirewall.blogspot.com/

Configuring the IP link for Huawei symantec

Configuring the IP link for Huawei symantec: 

The IP link function automatically detects the status of the links that are not directly connected to the device. When one link is faulty, route switchover or active/standby switchover is triggered, preventing network interruption.

Enabling IP Link

IP link configurations take effect only after IP Link is enabled.

Step 1 Choose System > High Availability > IP Link.

Step 2 Click Enable corresponding to IP Link Function.

Step 3 Click Apply.

----End

Creating an IP Link

Step 1 Choose System > High Availability > IP Link.

Step 2 Click Add in IP Link List.

Step 3 Enter or select parameters.

Step 4 Click Apply.

----End

Modifying an IP Link

Step 1 Choose System > High Availability > IP Link.

Step 2 Click

 in IP Link List.

Step 3 Enter or select parameters. IP Link ID, Destination Address

Configuration, IP Address, and Domain cannot be modified.

Step 4 Click Apply.

----End

Deleting an IP Link

Step 1 Choose System > High Availability > IP Link.

Step 2 In IP Link List, select the check boxes of entries or the check box in the table header for selecting all.

Step 3 Click Delete.

If the operation succeeds, successful operation is displayed on the page and entries that are just selected are not displayed in the list.

----End

The Huawei Symantec competitive price on huanetwork, the popular model as below:

USG2220

USG2250

USG5310

How to Enable the HTTP/HTTPS Services

An administrator can access the web configuration UI of the Huawei Symantec USG using the HTTP or HTTPS service for intuitive configuration and management.

HTTP and HTTPS are enabled on the USG by default. When users use HTTP for access, the device automatically redirects to use HTTPS instead. If the HTTPS service uses default port 8443 but port 8443 is used by another service, the device does not use HTTPS for HTTP access.

NOTE

Once you have used a service to log in to a USG, the service cannot be disabled, and the port running the service cannot be modified.

Step 1 Choose System > Admin > Settings.

Step 2 Select Enable corresponding to HTTP Service or HTTPS Service.

Step 3 In the HTTP Port or HTTPS Port text box, enter the port number.

The default HTTP port number is 80,and the default HTTPS port number is 8443.

Step 4 Click Apply.

----End

After enabling the HTTP/HTTPS Services, should also know enabling the SFTP/STELNET Services:

SSH File Transfer Protocol (SFTP) is short for the SSH File Transfer Protocol. It guarantees secure file transfer over an insecure network by authenticating the client and encrypting data in bidirectional mode.

STELNET ensures secure Telnet services. It guarantees secure file transfer on a traditional insecure network by authenticating the client and encrypting data in bidirectional mode.

Step 1 Choose System > Admin > Settings.

Step 2 Select Enable corresponding to STELNET Service or SFTP Service.

The STELNET and SFTP services can be enabled simultaneously.

Step 3 Enter or select parameters.

Step 4 Click Apply.

                                                

Setting the Web Service Timeout Period

Web service timeout period: If no operation is performed within this period, you will be informed of an timeout error upon an operation attempt. You must relog in to the system.

The default value is recommended.

Step 1 Choose System > Admin > Settings.

Step 2 In the Web Timeout text box, enter the timeout period of the Web service.

Step 3 Click Apply.

----End

More related Huawei symantec firewall, please visit:

How to Configure System Time for USG2000/5000

Application of the Huawei Firewall USG5300

How to Enable DST for USG2000/5000

Huawei Firewall USG5300: Configuring System Parameters

How to Configure System Time for USG2000/5000

To ensure the coordination with other devices, an accurate system time is required. How to Configure System Time for USG2000/5000 include USG5320, USG5120, below we will tell you the steps:

Setting the Time Manually

Step 1 Choose System > Configuration > Time.

Step 2 Select Manually Set the Time in Configuration Mode.

Step 3 Set Time Zone and Date.

Step 4 Set System Time.

The system time format is: HH:MM:SS (hour/minute/second). Click a time area and then the / button on the right to adjust the system time.

Step 5 Click Apply.

----End

Synchronizing the Time with the Local System Time

After you synchronize the time with the local system time, the device system time is

synchronized with the system time of the terminal (the PC for login to the device).

Step 1 Choose System > Configuration > Time.

Step 2 Select Synchronize the Time with the Local System Time in Configuration Mode.

Step 3 Click Apply.

----End

Synchronizing the Time with the NTP Server

After you synchronize the time with the NTP server, the device system time is synchronized with the system time of the NTP server. A NTP server is required for this mode.

Step 1 Choose System > Configuration > Time.

Step 2 Select Synchronize the Time with the NTP Server in Configuration Mode.

Step 3 Set Time Zone.

Step 4 Optional: Set Date and System Time.

This configuration is recommended. When NTP is normal, Date and System Time are obtained from the NTP server. When NTP is abnormal, the device uses the Date and System Time manually specified.

Step 5 Enter the IP address of the NTP server in NTP Server IP.

If you need to enter multiple NTP server IP addresses, click View/Configure on the right after you have applied the first NTP server. Enter the IP addresses of other NTP servers. Click Add to complete the configuration.

Step 6 Click Apply.

----End

More related:
Application of the Huawei Firewall USG5300
Huawei Firewall USG5300: Configuring System Parameters

How to configure single arm routing for Huawei USG2130 firewall

USG2100: Initializing Web Configurations

Secospace USG2100/2200/5100 BSR/HSR & USG2000/5000 (include USG2130, USG2210, USG5310)Configuration Guide-Web:

Upon your first login to the Web page, you need to initialize the Web page to realize basic

network communication.

Procedure

Step 1 Choose Wizard > Startup Wizard. Configure the host name, system time, Internet interface, and LAN interface.

After configurations in Startup Wizard are complete, LAN hosts can access the Internet through the device.

Step 2 Verify software version and license information.

1. Choose System > Dashboard > Status.

2. Check the current software version on the System Information plane.

You can access Software anytime to check the latest software version.

After the latest software version is downloaded.

3. In the License Information plane, check the current license authorization information.

Licenses may affect certain functions of the device. Therefore, check whether the current

license is consistent with the one purchased. If Deactivate is displayed in License State,

If the current authorization information is different from that in the purchase contract, see How to Obtain Technical Support to contact the technical support personnel.

Step 3 Upgrade the signature database.

The signature database of the device for monitoring viruses and behaviors can be upgraded sustainably from the online upgrade center. Generally, the signature database that you obtained for the first time is not the latest version. You can upgrade it online on the network.

Step 4 Back up the configuration file.

After configurations are initialized, click Save on the upper right of the page to save the current configurations. Then save the current configurations as another configuration file to restore configurations in the case of faults or compare configuration files for fault diagnosis in the future.

This operation is recommended each time you perform big changes on the device configurations.

----End