The vpn-group command creates a VPN group and add VPN instances to the VPN group in sequence.
The undo vpn-group command deletes a VPN group or delete the association between a VPN group and VPN instances.
By default, no VPN group is configured, and VPN instances are not configured to be added to the VPN group in sequence.
| Parameter | Description | Value |
|---|---|---|
| vpn-group-name |
Specifies the name of a VPN group. |
The name is a string of 1 to 31 characters and case sensitive. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string. |
| vpn-instance vpn-name |
Specifies the name of the VPN instance added to a VPN group. Up to 8 VPN instances can be added to a VPN group. |
The name is a string of 1 to 31 characters and case sensitive. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string. |
Usage Scenario
As defined in a traffic policy, packets that match rules in complex traffic classification are redirected to specific VPN groups. You can run the vpn-group command to configure VPN groups and then configure redirection in the traffic behavior view.
Precautions
The VPN instances added to a VPN group must exist. One VPN instance can be added to different VPN groups.
The VPN instances in a VPN group are arranged in the configuration sequence. If a VPN group exists, when you use the vpn-group command to re-add the existing VPN instances to the VPN group, the VPN instances remain in the previous sequence. To change the sequence of VPN instances in a VPN group, you need to delete the VPN instances from the VPN group and then re-add VPN instances. You cannot delete a VPN group if the VPN group is in use.