Permit Vpn-Instance - HPE D6020 Maintenance And Service Manual
Hide thumbs
Also See for HPE D6020:
- Maintenance and service manual (54 pages) ,
- User manual (44 pages)
Table of Contents
Advertisement
2.
Verify that you cannot use the user role to work on any VLANs except for VLANs 2, 4, and 50 to
100:
# Verify that you can create VLAN 100 and enter the VLAN view.
[Sysname] vlan 100
[Sysname-vlan100] quit
# Verify that you can add GigabitEthernet 1/0/1 to VLAN 100 as an access port.
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port access vlan 100
[Sysname-GigabitEthernet1/0/1] quit
# Verify that you cannot create VLAN 101 or enter the VLAN view.
[Sysname] vlan 101
Permission denied.
Related commands
display role
role
vlan policy deny
permit vpn-instance
Use permit vpn-instance to configure a list of VPN instances accessible to a user role.
Use undo permit vpn-instance to disable the access of a user role to specific VPN instances.
Syntax
permit vpn-instance vpn-instance-name&<1-10>
undo permit vpn-instance [ vpn-instance-name&<1-10> ]
Default
No permitted VPN instances are configured in user role VPN instance policy.
Views
User role VPN instance policy view
Predefined user roles
network-admin
Parameters
vpn-instance-name&<1-10>: Specifies a space-separated list of up to 10 MPLS L3VPN instance
names. Each name is a case-sensitive string of 1 to 31 characters.
Usage guidelines
To permit a user role to access an MPLS L3VPN instance after you configure the vpn-instance
policy deny command, you must add the VPN instance to the permitted VPN instance list of the
policy. With the user role, you can perform the following tasks on the VPN instances in the permitted
VPN instance list:
•
Create, remove, or configure the VPN instances.
•
Enter the VPN instance views.
•
Specify the VPN instances in feature commands.
You can repeat the permit vpn-instance command to add multiple permitted MPLS L3VPN
instances to a user role VPN instance policy.
33
Advertisement
Table of Contents
