< Home

vpn-instance

Function

The vpn-instance command adds a PKI realm to a specified VPN.

The undo vpn-instance command unbinds a PKI realm from a specified VPN.

By default, a PKI realm is not added to any VPN.

Format

vpn-instance vpn-instance-name

undo vpn-instance

Parameters

Parameter

Description

Value

vpn-instance-name

Specifies the name of a VPN instance.

The value must be an existing VPN instance name.

Views

PKI realm view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To obtain and verify certificates, the device needs to communicate with the CA or SCEP server. When the CA or SECP server is in a VPN, add the PKI realm to the specified VPN.

Prerequisites

  1. A VPN instance has been created using the ip vpn-instance command.

  2. The RD has been configured using the route-distinguisher command.

Example

# Add a PKI realm to the VPN named vrf1.

<HUAWEI> system-view
[HUAWEI] ip vpn-instance vrf1
[HUAWEI-vpn-instance-vrf1] route-distinguisher 22:1
[HUAWEI-vpn-instance-vrf1-af-ipv4] quit
[HUAWEI-vpn-instance-vrf1] quit
[HUAWEI] pki realm abc
[HUAWEI-pki-realm-abc] vpn-instance vrf1
Parent Topic: PKI Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic