44
NOTE:
The vpn-instance policy deny command denies the access of the user role to all VPN instances i
the permit vpn-instance command is not configured.
To configure a VPN instance, make sure the VPN instance is permitted by the user role VPN
instance policy in use. You can perform the following tasks on an accessible VPN instance:
• Create, remove, or configure the VPN instance.
• Enter VPN instance view.
• Specify the VPN instance in feature commands.
Any change to a user role VPN instance policy takes effect only on users who log in with the user role
after the change.
Examples
# Enter user role VPN instance policy view of role1, and deny the access of role1 to all VPN
instances.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] quit
# Enter user role VPN instance policy view of role1, and deny the access of role1 to all VPN
instances except for vpn2.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] permit vpn-instance vpn2
Related commands
display role
permit vpn-instance
role
To Next Page
Loading...
Need help?
General