National Research and Education Network
Education Cloud Data Center
Multi-Channel HD Telemedicine Solution
Over The Top/Multi-Tenant Data Center (OTT/MTDC)
Internet Exchange Point (IXP)
Internet Access Provider (IAP)
Design & Simulation
Planning & Analytics
Oil & Gas IoT
HPC & Operations Management
Digital Urban Rail
Retail Cloud Platform
Enterprise Data Center
Enterprise Cloud Communications
Network Management System
Buy from Huawei
If you want to get more information about your project, you can submit your information and we will contact you as soon as possible.
If your company has signed an eDeal contract with Huawei, please buy your required product/solution via the link below.
Buy from resellers
Search for a nearby reseller and get direct contact information.
Become a Partner
Resources and Support
Huawei Authorized Learning Partner
Huawei Authorized Information and Network Academy
We followed the product document and configured SSLVPN, but can't access intranet after login SSLVPN via SecoClient.
It is no problem but the mechanism is changed after version V500R001C30SPC300. When we enable Network Extension, firewall will check the reverse-route when it send SSLVPN packets. We changed the reverse-route mechanism after V500R001C30SPC300. Firewall define the source zone as the public ip address of SSLVPN Client PC, but don’t define as the SSLVPN Client’s iprivate ip address.
Checked the firewall configuration, it has two same-cost default route, when firewall check the reverse-route of the public ip address, it may come from the two different outbound interface. And the outbound interface have two different zone (Untrust1 or untrust). So you must configure the source zone both Untrust1 and untrust.
Firewall define the source-zone as the route of the public ip address of SSLVPN Client PC but not the private ip address.
Configured the security-policy's source zone as the two outbound interface.
rule name SSLVPN