Vpn-Instance Policy Deny - HP MSR Series Command Reference Manual
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
Related commands
display role
•
permit vlan
•
•
role
vpn-instance policy deny
Use vpn-instance policy deny to enter user role VPN instance policy view.
Use undo vpn-instance policy deny to restore the default user role VPN instance policy.
Syntax
vpn-instance policy deny
undo vpn-instance policy deny
Default
A user role has access to any VPN.
Views
User role view
Predefined user roles
network-admin
Usage guidelines
The vpn-instance policy deny command denies the access of a user role to any VPN.
To restrict the VPN access of a user role to only a set of VPNs:
1.
Use vpn-instance policy deny to deny access to any VPN.
2.
Use permit vpn-instance to specify accessible VPNs.
To configure a VPN, make sure the VPN is permitted by the user role VPN instance policy in use. You can
perform the following tasks on an accessible VPN:
•
Create, remove, or configure the VPN.
Enter the VPN instance view.
•
Specify the VPN in feature commands.
•
Any change to a user role VPN instance policy takes effect only on users who log in with the user role
after the change.
Examples
# Deny the access of user role role1 to any VPN.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] quit
# Deny the access of user role role1 to any VPN except vpn2.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
37
Advertisement
Table of Contents
