National Research and Education Network
Education Cloud Data Center
Multi-Channel HD Telemedicine Solution
Over The Top/Multi-Tenant Data Center (OTT/MTDC)
Internet Exchange Point (IXP)
Internet Access Provider (IAP)
Design & Simulation
Planning & Analytics
Oil & Gas IoT
HPC & Operations Management
Digital Urban Rail
Retail Cloud Platform
Enterprise Data Center
Enterprise Cloud Communications
Network Management System
Buy from Huawei
If you want to get more information about your project, you can submit your information and we will contact you as soon as possible.
If your company has signed an eDeal contract with Huawei, please buy your required product/solution via the link below.
Buy from resellers
Search for a nearby reseller and get direct contact information.
Become a Partner
Resources and Support
Huawei Authorized Learning Partner
Huawei Authorized Information and Network Academy
Customer requirements is to give SSL VPN access their employ and other supplier. They would like to create a network extension different for type of user:
- Employ need to reach internal network A e B
- Supplier need to reach internal network B
First we need to follow this configuration example . And we need to add some other configurations to achieve customer’s need.
1, customer need to add a authentication policy for the network extent IP pool.
2, for the network extension, please add network A and B in the accessible private network segment list.
3, in the security policy, please add a policy deny the access to network A with other supplier.
1, create the group and users in the domain.
2, create the SSL VPN with web.
3, Binding ip pool (start with 10.1.1.1) with group1 (for employ). And binding another pool to the group for other supplier.
[sysname] v-gateway abc -into the ssl vpn gateway
[sysname-abc-service] network-extension netpool 10.1.1.1 10.1.1.10 255.255.255.0 -create the ip pool for group1
[sysname-abc-vpndb] group /default/group1 -add the group to v-gateway
[sysname-abc-vpndb] group /default/group1 network-extension netpool 10.1.1.1 -binding the ip pool with group
[sysname-abc-vpndb] display group -
[sysname-abc-vpndb] display user
[sysname-abc-vpndb] display group /default/group1 - Displays detailed information about a user group, including whether the user group is bound to a virtual IP address segment.
4, create a security policy deny the ip pool ( which is binding the group with supplier ) access to network A.
Source zone: ip pool, destination zone: network A. Action: deny