To Next Page

To Previous Page

• Create, remove, or configure the VLAN.

• Enter VLAN view.

• Specify the VLAN in feature commands.

Any change to a user role VLAN policy takes effect only on users who log in with the user role after

the change.

Examples

# Enter user role VLAN policy view of role1, and deny the access of role1 to all VLANs.

<Sysname> system-view

[Sysname] role name role1

[Sysname-role-role1] vlan policy deny

[Sysname-role-role1-vlanpolicy] quit

# Enter user role VLAN policy view of role1, and deny the access of role1 to all VLANs except for

VLANs 50 to 100.

<Sysname> system-view

[Sysname] role name role1

[Sysname-role-role1] vlan policy deny

[Sysname-role-role1-vlanpolicy] permit vlan 50 to 100

Related commands

display role

permit vlan

role

vpn-instance policy deny

Use vpn-instance policy deny to enter user role VPN instance policy view.

Use undo vpn-instance policy deny to restore the default.

Syntax

vpn-instance policy deny

undo vpn-instance policy deny

Default

A user role has access to all VPN instances.

Views

User role view

Predefined user roles

network-admin

Usage guidelines

To restrict the VPN instance access of a user role to a set of VPN instances, perform the following

tasks:

1. Use vpn-instance policy deny to enter user role VPN instance policy view.

2. Use permit vpn-instance to specify accessible VPN instances.

HPE FlexFabric 5940 SERIES Fundamentals Command Reference

Other manuals for HPE FlexFabric 5940 SERIES