Help Center/
Cloud Firewall/
User Guide/
Enabling VPC Border Traffic Protection/
Enterprise Router Mode (New)/
Enabling the VPC Border Firewall and Ensuring the Traffic Passes Through CFW
Updated on 2024-12-18 GMT+08:00
Enabling the VPC Border Firewall and Ensuring the Traffic Passes Through CFW
A new firewall is disabled by default. Traffic passes through the enterprise router without being forwarded to the new firewall. You can enable a VPC border firewall as needed.
Enabling a VPC Border Firewall
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - In the navigation pane on the left, click
and choose . The Dashboard page will be displayed. - (Optional) Switch firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
- In the navigation pane, choose Assets > Inter-VPC Border Firewalls.
- Click Enable Protection to the right of Firewall Status.
- Click OK.
Verifying That Traffic Passes Through CFW
- Generate traffic. For details, see Verifying Network Connectivity.
- Viewing logs. In the navigation pane, choose . Click the tab and click VPC Border Firewall.
- If a log is generated, CFW is protecting the traffic between VPCs.
- If no logs are recorded, check the configurations of the enterprise router. For details, see Configuring the Enterprise Router to Direct Traffic to the Cloud Firewall.
Follow-up Operations
- For details about how to add a protected VPC, see Adding a Protected VPC.
- After protection is enabled, all traffic is allowed by default. CFW will block traffic based on the policies you configure.
- To implement traffic control, configure a protection policy. For details, see Adding an Internet Boundary Protection Rule or Adding Blacklist or Whitelist Items to Block or Allow Traffic.
- Allow or block traffic based on protection rules.
- Traffic allowing rule: The allowed traffic will be checked by functions such as intrusion prevention system (IPS) and antivirus.
- Traffic blocking rule: Traffic will be directly blocked.
- Allow or block traffic based on the blacklist and whitelist:
- Whitelist: Traffic will be directly allowed without being checked by other functions.
- Blacklist: Traffic will be directly blocked.
- Allow or block traffic based on protection rules.
- For details about how to block network attacks, see Blocking Network Attacks.
- To implement traffic control, configure a protection policy. For details, see Adding an Internet Boundary Protection Rule or Adding Blacklist or Whitelist Items to Block or Allow Traffic.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
