配置完接口地址之后,默认不通,需要把接口加入安全域,放通域间策略即可。R04XX以后的版本有此情况(可参考我司V7的防火墙)
例:
security-zone intra-zone default permit
acl basic 2000
rule permit
security-zone name Trust
import interface GigabitEthernet 0/0
import interface GigabitEthernet 0/1
quit
zone-pair security source Any destination Any
packet-filter 2000