No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


CLI-based Configuration Guide - VPN

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R010

This document describes VPN features on the device and provides configuration procedures and configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
(Optional) Configuring IPSec Mask Filtering

(Optional) Configuring IPSec Mask Filtering


In scenarios where branches connect to the headquarters, if a branch has a too large protection data flow range configured, traffic of other branches may be incorrectly diverted to the branch. In this case, you can configure IPSec mask filtering to check and restrict access of flow information negotiated by the IPSec tunnel. After this function is configured, the device checks the source and destination IP address masks of the peer device. If the mask values are greater than or equal to the configured values, subsequent negotiation continues. Otherwise, the IPSec SA negotiation fails.


The device checks and restricts the access of flow information only when it adopts the IPSec policy template.


  1. Run system-view

    The system view is displayed.

  2. Run ipsec netmask { source source-mask | [ source source-mask ] destination destination-mask }

    IPSec mask filtering is configured.

    By default, IPSec mask filtering is not configured in the system.

Updated: 2019-08-07

Document ID: EDOC1100033725

Views: 153274

Downloads: 369

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next