No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
Knowledge Base

FAQ-NGFW 在SSL VPN启用网络扩展后能否实现同一虚拟网关的用户可以互相通讯

Publication Date:  2018-11-13  |   Views:  176  |   Downloads:  0  |   Author:  cWX466219  |   Document ID:  EKB1001985628

Contents

Issue Description

NGFW 在SSL VPN启用网络扩展后能否实现同一虚拟网关的用户可以互相通讯

Solution

可以实现,启用网络扩展功能和网络扩展的点对点通讯功能后,同一虚拟网关的用户可以互相通讯,如同在一个局域网内部;如果客户端路由方式采用手动模式,需将虚拟IP地址池包含在手动模式的IP网段中。

配置命令如下:

启用网络扩展的点对点通讯功能。

<sysname> system-view
[sysname] v-gateway gateway
[sysname-gateway] service
[sysname-gateway-service] network-extension point-to-point enable
  When enabling P2P communication, if the manual routing mode is adopted,       
  you need to configure the virtual IP address pool to belong to the IP         
  network segment in manual mode.