Configuring the VPN instance policy of a user role

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enter user role view.

role name role-name

N/A

3. Enter user role VPN instance policy view.

vpn-instance policy deny

By default, the VPN instance policy of the user role permits access to all VPNs.

This command denies the access of the user role to all VPNs if the permit vpn-instance command is not configured.

4. (Optional.) Specify a list of VPNs accessible to the user role.

permit vpn-instance vpn-instance-name&<1-10>

By default, no accessible VPNs are configured in user role VPN instance policy view.

Repeat this step to add more accessible VPNs.