config vdom
edit {{vdom}}
config system interface
edit cv{{vlan}}-H{{hno}}
set vlanid {{vlan}}
set interface
port34
port39
port39
set type vlan
set ip {{ip}}
set allowaccess ping
set vdom {{vdom}}
end
config firewall policy
edit 0
set srcintf root_outside_m1 root_outside_m2
set srcintf EntCloud-Out
set srcintf EntCloud-Out1
set dstintf cv{{vlan}}-H{{hno}}
set srcaddr all
set dstaddr all
set schedule always
set service ALL
set logtraffic all
set action accept
set nat disable
end
config firewall policy
edit 0
set srcintf cv{{vlan}}-H{{hno}}
set dstintf root_outside_m1 root_outside_m2
set dstintf EntCloud-Out
set dstintf EntCloud-Out1
set srcaddr all
set dstaddr all
set schedule always
set service ALL
set logtraffic all
set action accept
set nat disable
end
MLX01
no ip prefix-list 10-20-20-122-rootvdom-in seq 9999 deny 0.0.0.0/0 le 32
ip prefix-list 10-20-20-122-rootvdom-in permit {{ip}}
ip prefix-list 10-20-20-122-rootvdom-in seq 9999 deny 0.0.0.0/0 le 32
no ip prefix-list 10-20-20-234-entcloud2-in seq 9999 deny 0.0.0.0/0 le 32
ip prefix-list 10-20-20-234-entcloud2-in permit {{ip}}
ip prefix-list 10-20-20-234-entcloud2-in seq 9999 deny 0.0.0.0/0 le 32
no ip prefix-list 10-20-20-130-entcloud-in seq 9999 deny 0.0.0.0/0 le 32
ip prefix-list 10-20-20-130-entcloud-in permit {{ip}}
ip prefix-list 10-20-20-130-entcloud-in seq 9999 deny 0.0.0.0/0 le 32
MLX02
no ip prefix-list 10-20-20-126-rootvdom-in seq 9999 deny 0.0.0.0/0 le 32
ip prefix-list 10-20-20-126-rootvdom-in permit {{ip}}
ip prefix-list 10-20-20-126-rootvdom-in seq 9999 deny 0.0.0.0/0 le 32
no ip prefix-list 10-20-20-238-entcloud2-in seq 9999 deny 0.0.0.0/0 le 32
ip prefix-list 10-20-20-238-entcloud2-in permit {{ip}}
ip prefix-list 10-20-20-238-entcloud2-in seq 9999 deny 0.0.0.0/0 le 32
no ip prefix-list 10-20-20-134-entcloud-in seq 9999 deny 0.0.0.0/0 le 32
ip prefix-list 10-20-20-134-entcloud-in permit {{ip}}
ip prefix-list 10-20-20-134-entcloud-in seq 9999 deny 0.0.0.0/0 le 32