User
Type
Virt
ual
Gate
way
Na
me
Extranet
Interfac
e
Intranet
Interfac
e
AAA
Dom
ain
User Name and
Password
Network
Segment
Mark
eting
perso
nnel
mark
et
Ethernet
2/0/0
Vlanif10 defau
lt
Michael and
Michael123456
Jessica and
Jessica654321
10.135.30.
0/24
NOTE
Choose an AAA domain according to service requirements. For the configuration of an AAA domain, see
AAA Configuration in the Huawei AR1200 Series Enterprise Routers Configuration Guide - Security.
l IP address of extranet interface Ethernet2/0/0: 1.1.1.1/24
l IP address of intranet interface Vlanif10: 10.138.10.254/24
l IP address pool: 10.139.30.0/24
NOTE
Before configuring the SSL VPN gateway, configure the Router as an HTTPS server and ensure that reachable
routes exist between Router, internal servers, and terminals.
Procedure
Step 1 Configure an IP address pool.
<Huawei> system-view
[Huawei] sysname Router
[Router] ip pool market_pool
[Router-ip-pool-company_pool] network 10.139.30.0 mask 24
[Router-ip-pool-company_pool] quit
Step 2 Create a virtual gateway named market.
[Router] sslvpn gateway market
Step 3 Configure the intranet/extranet interfaces and bind an AAA domain to the virtual gateway.
[Router-sslvpn-market] extranet interface ethernet 2/0/0
[Router-sslvpn-market] intranet interface vlanif 10
[Router-sslvpn-market] bind domain default
[Router-sslvpn-market] enable
[Router-sslvpn-market] quit
Step 4 Configure user information.
[Router] aaa
[Router-aaa] local-user liming service-type sslvpn
[Router-aaa] local-user liming password cipher liming123456
[Router-aaa] local-user wangjun service-type sslvpn
[Router-aaa] local-user wangjun password cipher wangjun654321
[Router-aaa] quit
Step 5 Configure SSL VPN services.
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 7 SSL VPN Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
379
To Next Page
Loading...
