F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

161

162

163

164

165

166

167

168

169

170

155

Syntax

authorization dvpn { local | none | radius-scheme radius-scheme-name [ local ] }

undo authorization dvpn

Default

The default authorization method for the ISP domain is used for DVPN users.

Views

ISP domain view

Default command level

2: System level

Parameters

local: Performs local authorization.

none: Does not perform any authorization exchange. In this case, an authenticated LAN user can access

the network directly.

radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of

1 to 32 characters.

Usage guidelines

The specified RADIUS scheme must have been configured.

The RADIUS authorization configuration takes effect only when the authentication method and

authorization method of the ISP domain use the same RADIUS scheme.

The following matrix shows the authorization dvpn command and firewalls and UTM devices

compatibility:

Hardware Command com

atible

F1000-A-EI/F1000-S-EI No

F1000-E Yes

F5000 Yes

Firewall module Yes

U200-A No

U200-S No

Examples

# Configure ISP domain test to use local authorization for DVPN users.

<Sysname> system-view

[Sysname] domain test

[Sysname-isp-test] authorization dvpn local

# Configure ISP domain test to use RADIUS authorization scheme rd for DVPN users and use local

authorization as the backup.

<Sysname> system-view

[Sysname] domain test

[Sysname-isp-test] authorization dvpn radius-scheme rd local