Interworking between SACG and TSM ACL 3099 can’t be compiled directly to customize the interworking policy of TSM

Publication Date:  2012-09-17 Views:  243 Downloads:  0
Issue Description
When the version V100T003 of USG5300 do the interworking with TSM, if we hope to open the right of some PC, we can connect to the back region without the authentication of TSM Agent, and follow the way in the version V100T003 of USG5300, to compile the list of ACL 3099 directly, But when we input the ACL 3099 under the system view, the system clew “command fault”.
[USG5360]acl 3099
             ^
% Wrong parameter found at '^' position.
Alarm Information
none
Handling Process
If we want to give the rights to pc 1.1.1.1 and 1.1.1.20 and the pc in the network segment from 2.2.2.1 to 2.2.2.10, we can configure as below:

[USG5360]policy right-manager
[USG5360-policy-rightmanager]policy 1
[USG5360-policy-rightmanager-1]policy source 1.1.1.1 0
[USG5360-policy-rightmanager-1]policy source 1.1.1.20 0
[USG5360-policy-rightmanager-1]policy source range 2.2.2.1 2.2.2.10
[USG5360-policy-rightmanager-1]action permit
[USG5360-policy-rightmanager-1]quit
[USG5360-policy-rightmanager]policy 1 enable
Info: The policy is enabled.

And then with the commands below to verifier:

[USG5360-policy-rightmanager]dis policy right-manager
policy right-manager
policy 1 (2 times matched)
action permit
policy source 1.1.1.1 0
policy source 1.1.1.20 0
policy source range 2.2.2.1 2.2.2.10
policy destination any
Root Cause
In the version V100T003 of USG5300, the method to edit the ACL 3099 directly is ameliorated.
We can enter into the TSM interworking policy view with the command policy right-manager, and add some policy customized.
With that command to enter into the TSM interworking policy view, we can configure 1000 TSM interworking policy at most by the command policy policy-id. In the ACL 2099, the rules from 0 to 999 are the TSM interworking policy with the ID from 0 to 999.
Suggestions
Notification: can’t use the display acl 3099 to consult this rule.

END