Vpn-Instance Policy Deny - HP 6125XLG Command Reference Manual
Blade switch fundamentals command reference
Hide thumbs
Also See for 6125XLG:
- Layer 3 - ip routing configuration manual (492 pages) ,
- Command reference manual (466 pages) ,
- Configuration manual (414 pages)
Table of Contents
Advertisement
vpn-instance policy deny
Use vpn-instance policy deny to enter user role VPN instance policy view.
Use undo vpn-instance policy deny to restore the default user role VPN instance policy.
Syntax
vpn-instance policy deny
undo vpn-instance policy deny
Default
A user role has access to any VPN.
Views
User role view
Predefined user roles
network-admin
Usage guidelines
The vpn-instance policy deny command denies the access of a user role to any VPN.
To restrict the VPN access of a user role to only a set of VPNs:
1.
Use vpn-instance policy deny to deny access to any VPN.
2.
Use permit vpn-instance to specify accessible VPNs.
To perform any of the following operations, you must make sure the VPN is permitted by the VPN
instance policy of any user role that you are logged in with:
Create, remove, or configure an MPLS L3VPN.
•
Enter its view.
•
•
Specify it in a feature command,
Any change to a user role VPN instance policy takes effect only on users that log in with the user role after
the change.
Examples
# Deny the access of user role role1 to any VPN.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] quit
# Deny the access of user role role1 to any VPN but vpn2.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] permit vpn-instance vpn2
Related commands
•
display role
permit vpn-instance
•
role
•
64
Advertisement
Table of Contents
