Hi
I would like to confirm my understanding is correct. Now, let's say, i have 3 sub interface but it is belong to all the same zone and I want to divide three different zones.
Config is quite straight forward so I don't think I need to change but below items are that I want to confirm.
set interface bgroup0.1 ip 10.1..1.1/24
set interface bgroup0.1 nat
set interface bgroup0.2 ip 10.1..2.1/24
set interface bgroup0.2 nat
set interface bgroup0.3 ip 10.1..3.1/24
set interface bgroup0.3 nat
1. change zone from Trust to each zone.
set interface "bgroup0.1" tag 10 zone "Trust"
set interface "bgroup0.2" tag 20 zone "Trust"
set interface "bgroup0.3" tag 30 zone "Trust"
==Change to separate zone==
set interface "bgroup0.1" tag 10 zone “vlan1”
set interface "bgroup0.2" tag 20 zone “vlan2”
set interface "bgroup0.3" tag 30 zone “vlan3”
2. Add new zone into "trust-vr"
set zone “vlan1” vrouter "trust-vr"
set zone “vlan2” vrouter "trust-vr"
set zone “vlan3” vrouter "trust-vr"
3. One MIP question.
since all sub vlan will still have same “trust-vr”, I don’t need to change below MIP setting after 10.10..1.x/24 zone is changed from "Trust" to "Vlan1"
Current MIP setting
set interface "ethernet0/0" mip 1.1.1.15 host 10.10.1.10 netmask 255.255.255.255 vr "trust-vr"
Thanks