Help Center/ Cloud Firewall/ User Guide/ CFW Protection/ Enabling VPC Border Traffic Protection/ Enterprise Router Mode (New)/ Enabling the VPC Border Firewall and Ensuring the Traffic Passes Through CFW
Updated on 2025-06-27 GMT+08:00

Enabling the VPC Border Firewall and Ensuring the Traffic Passes Through CFW

A new firewall is disabled by default. Traffic passes through the enterprise router without being forwarded to the new firewall. You can enable a VPC border firewall as needed.

Enabling a VPC Border Firewall

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
  4. (Optional) Switch to another firewall instance. Select a firewall from the drop-down list in the upper left corner of the page.
  5. In the navigation pane, choose Assets > Inter-VPC Border Firewalls.
  6. Click Enable Protection to the right of Firewall Status.
  7. Click OK.

Verifying That Traffic Passes Through CFW

  1. Generate traffic. For details, see Verifying Network Connectivity.
  2. View logs. In the navigation pane, choose Log Audit > Log Query. Click the Traffic Logs tab and click VPC Border Firewall.

References

For details about how to disable VPC border protection, see Disabling VPC Border Protection.

Follow-up Operations

  • For details about how to add a protected VPC, see Adding a Protected VPC.
  • For details about how to view the traffic trend and statistics of CFW, see Traffic Analysis. For details about traffic records, see Traffic Logs.
  • After protection is enabled, all traffic is allowed by default. CFW will block traffic based on the policies you configure.