No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 Commands Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
resource acl

resource acl

Function

The resource acl command defines subnet information of the headquarters on the Efficient VPN server.

The undo resource acl command cancels the configuration.

By default, no subnet information of the headquarters is defined on the Efficient VPN server.

Format

resource acl acl-number

undo resource acl

Parameters

Parameter

Description

Value

acl-number

Specifies the number of an advanced ACL.

The value is an integer that ranges from 3000 to 3999.

Views

IKE peer view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The Efficient VPN server delivers headquarters network information defined in an ACL to the remote device. The ACL defines the headquarters subnets that branches can access. Traffic not destined for the subnets specified in the ACL is directly forwarded to the Internet. Such traffic does not pass through the IPSec tunnel.

When an Efficient VPN policy is configured, this command is used on the Efficient VPN server. You can reference the IKE peer on the Efficient VPN server to implement ACL delivery.

Prerequisites

An advanced ACL has been created.

Precautions

This command is only valid for IKEv1.

The sum of ACL rules pushed by the headquarters and ACL rules configured on the branch cannot exceed 512. Otherwise, the IPSec tunnels cannot be established.

Example

# Configure ACL 3100 that defines headquarters subnet information on the IPSec Efficient VPN server.

<Huawei> system-view
[Huawei] ike peer huawei v1
[Huawei-ike-peer-huawei] resource acl 3100
Translation
Download
Updated: 2019-05-29

Document ID: EDOC1000097293

Views: 91507

Downloads: 124

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next