Description: This script creates a client access profile for the Advanced VPN Client based on the specified information. After the script has been executed, an .ini file is offered for download. List of used variables: Add-in code:
exports.main = function (config, context) { {
to create VRRP Entry var addVRRPEntry = function (routerID, routerIP, mainPrio, backupPrio, remoteSite, comment) { var table1_2_8_21_2 =
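/**
 * Creates one row in the VPN authentication table and adds or merges it into
 * the configuration.
 *
 * Columns "1" to "9" are filled in the order of the parameters below.
 *
 * @param {string} AuthName     - Name of the authentication entry (column 1).
 * @param {string} LocalAuth    - Local authentication method (column 2).
 * @param {string} LocalIDType  - Type of the local identity (column 3).
 * @param {string} LocalID      - Local identity (column 4).
 * @param {string} LocalPWD     - Local pre-shared secret (column 5).
 * @param {string} RemoteAuth   - Remote authentication method (column 6).
 * @param {string} RemoteIDType - Type of the remote identity (column 7).
 * @param {string} RemoteID     - Remote identity (column 8).
 * @param {string} RemotePWD    - Remote pre-shared secret (column 9).
 */
var addVPNAuth = function (AuthName, LocalAuth, LocalIDType, LocalID, LocalPWD, RemoteAuth, RemoteIDType, RemoteID, RemotePWD) {
  // NOTE(review): the published listing had this OID as "1.2.19. 836. 213. 21"
  // and carried statements of an unrelated VRRP sample (table1_2_8_21_2) inside
  // this function. "1.2.19.36.3.1" is what remains once the interleaved VRRP
  // digits are taken out; confirm it against the add-in's JSON file or the
  // device's OID tree before use.
  var TableAUTH = config.getTableByOid("1.2.19.36.3.1");
  var TableAUTH_row = TableAUTH.createNewRow();

  TableAUTH_row.setByOid("1", AuthName);
  TableAUTH_row.setByOid("2", LocalAuth);
  TableAUTH_row.setByOid("3", LocalIDType);
  TableAUTH_row.setByOid("4", LocalID);
  // Columns 5 and 9 hold the shared secrets; they are stored in the device
  // configuration exactly as passed in.
  TableAUTH_row.setByOid("5", LocalPWD);
  TableAUTH_row.setByOid("6", RemoteAuth);
  TableAUTH_row.setByOid("7", RemoteIDType);
  TableAUTH_row.setByOid("8", RemoteID);
  TableAUTH_row.setByOid("9", RemotePWD);

  TableAUTH.addOrMerge(TableAUTH_row);
};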
/**
 * Creates one row in the table at OID 1.2.19.36.7.1 (the address pool table
 * this script also searches by start and end address) and adds or merges it
 * into the configuration.
 *
 * @param {string} PoolName   - Name of the pool (column 1).
 * @param {string} StartAddr  - First address of the pool (column 2).
 * @param {string} EndAddr    - Last address of the pool (column 3).
 * @param {string} PrimaryDNS - Name server handed to clients (column 4).
 */
var addVPNPool = function (PoolName, StartAddr, EndAddr, PrimaryDNS) {
  var poolTable = config.getTableByOid("1.2.19.36.7.1");
  var entry = poolTable.createNewRow();

  // Column id / value pairs, written in the same order as before.
  var cells = [
    ["1", PoolName],
    ["2", StartAddr],
    ["3", EndAddr],
    ["4", PrimaryDNS]
  ];
  for (var i = 0; i < cells.length; i++) {
    entry.setByOid(cells[i][0], cells[i][1]);
  }

  poolTable.addOrMerge(entry);
};
/**
 * Creates one row in the table at OID 1.2.19.36.1 and adds or merges it into
 * the configuration.
 *
 * The column ids are not contiguous; each parameter goes to the column listed
 * next to it, in the write order 1, 2, 4, 7, 10, 18, 11, 12.
 *
 * @param {string} PeerName    - Name of the peer entry (column 1).
 * @param {string} EntryActive - Activation flag of the entry (column 2).
 * @param {string} RemoteGW    - Remote gateway address (column 4).
 * @param {string} Auth        - Name of the authentication entry to use (column 7).
 * @param {string} IKEcfgMode  - IKE config mode (column 10).
 * @param {string} IPv4Pool    - Name of the IPv4 address pool (column 18).
 * @param {string} RuleCreate  - Rule creation mode (column 11).
 * @param {string} VPNRule     - Name of the VPN rule (column 12).
 */
var addVPNPeer = function (PeerName, EntryActive, RemoteGW, Auth, IKEcfgMode, IPv4Pool, RuleCreate, VPNRule) {
  var peerTable = config.getTableByOid("1.2.19.36.1");
  var entry = peerTable.createNewRow();

  // Column id / value pairs; the order matches the original statement order.
  var cells = [
    ["1", PeerName],
    ["2", EntryActive],
    ["4", RemoteGW],
    ["7", Auth],
    ["10", IKEcfgMode],
    ["18", IPv4Pool],
    ["11", RuleCreate],
    ["12", VPNRule]
  ];
  for (var i = 0; i < cells.length; i++) {
    entry.setByOid(cells[i][0], cells[i][1]);
  }

  peerTable.addOrMerge(entry);
};
// Read the add-in variables. clientOS is later compared with "windows" and
// "mac", peer names the created entries and the .ini file, and wanIp is
// written to the .ini as the gateway.
var clientOS = context.vars.V1_clientOS;
var peer = context.vars.V2_vpnPeer;
var wanIp = context.vars.V3_wanIP;
// NOTE(review): this value becomes the pre-shared key of the connection. It is
// passed to addVPNAuth as both the local and the remote password and written
// to the .ini as "Secret=". Math.random() is not a cryptographically secure
// generator, and eight base-36 characters give at most about 41 bits; the
// slice returns fewer than eight characters (and can include the leading "0.")
// when the base-36 expansion of the random number is short. Prefer a longer
// key from a cryptographically secure source, or a key supplied through a
// protected variable, if the add-in runtime offers either (TODO confirm).
var pwd = Math.random().toString(36).slice(-8);
// Address pool range and name server for the client, then the optional
// split-tunnelling network and netmask.
var poolStart = context.vars.V4_IPv4firstAddress;
var poolEnd = context.vars.V5_IPv4lastAddress;
var poolDNS = context.vars.V6_IPv4Nameserver;
var splitTunnelIp = context.vars.V7_SplitTunnelingIP;
var splitTunnelMask = context.vars.V8_SplitTunnelingNetmask;
// Set two scalars below 1.2.19 to "1". The page does not say what they
// control.
config.setScalarByOid("1.2.19.8", "1");
config.setScalarByOid("1.2.19.27", "1");
// NOTE(review): the next two lines are garbled in the published listing. A
// setScalarByOid call of this script is interleaved with a fragment of a
// separate VRRP sample (OID 1.2.8.21.1 and the addVRRPEntry call), and of this
// script's own OID only the trailing ".5" survives. Restore the statement from
// the add-in's JSON file before use.
config.setScalarByOid("1.2.8 .21.1", "1"); // Function Call to create a new Entry addVRRPEntry("1", "10.10.10.254", context.vars.VRRP_PRIO, "0", "INTERNET", ""); }
.5", "1");
// Two outputs: the unnamed stream carries the operator message, the named one
// becomes the downloadable <peer>.ini profile.
var outputStream = config.createOutputStream();
var vpnINI = config.createOutputStream(peer + '.ini');

// Writes every entry of `lines` to `stream`, one addLine call per entry.
var writeLines = function (stream, lines) {
  for (var i = 0; i < lines.length; i++) {
    stream.addLine(lines[i]);
  }
};

// Authentication entry: PSK on both sides, the same identity and the same
// generated secret for the local and the remote end.
var ikeIdentity = peer + "@intern";
addVPNAuth(peer, "PSK", "Email-Address", ikeIdentity, pwd, "PSK", "Email-Address", ikeIdentity, pwd);

// Reuse an existing pool whose start address (column 2) or, failing that,
// whose end address (column 3) matches; otherwise create "<peer>-Pool".
var tablePool = config.getTableByOid("1.2.19.36.7.1");
var existingPool = tablePool.getFirstRowByOids({ "2": poolStart }) || tablePool.getFirstRowByOids({ "3": poolEnd });
var poolName;
if (existingPool) {
  poolName = existingPool.getByOid("1");
} else {
  poolName = peer + "-Pool";
  addVPNPool(poolName, poolStart, poolEnd, poolDNS);
}
addVPNPeer(peer, "1", "0.0.0.0", peer, "2", poolName, "1", "RAS-WITH-CONFIG-PAYLOAD");

// Operator-facing messages (German runtime strings, kept verbatim).
writeLines(outputStream, [
  'Die VPN-Verbindung konnte erfolgreich angelegt werden.',
  'Bitte laden Sie die Datei .ini herunter und importieren Sie diese in den Advanced VPN-Client.'
]);

// [PROFILE1] section of the client profile.
writeLines(vpnINI, [
  "[PROFILE1]",
  "Name=" + peer
]);

// ConnMedia is written only for the two known client systems; any other value
// of clientOS leaves the key out.
var connMedia = null;
if (clientOS == "windows") {
  connMedia = "21";
} else if (clientOS == "mac") {
  connMedia = "8";
}
if (connMedia !== null) {
  vpnINI.addLine("ConnMedia=" + connMedia);
}

writeLines(vpnINI, [
  "ConnMode=0",
  "SeamRoaming=1",
  "PriVoIP=1",
  "Gateway=" + wanIp,
  "PFS=14",
  "UseComp=0",
  "IkeIdType=3",
  "IkeIdStr=" + ikeIdentity,
  // The pre-shared key goes into the profile in plain text, so the downloaded
  // .ini has to be stored and transferred like a credential.
  "Secret=" + pwd,
  "UseXAUTH=0",
  "IpAddrAssign=0",
  "IkeDhGroup=14",
  "ExchMode=34",
  "IKEv2Auth=2",
  "IKEv2Policy=WIZ-AES256-SHA256",
  "IPSEC-Policy=WIZ-AES256-SHA256"
]);

// Split tunnelling is emitted only when both the network and the netmask are
// set.
if (splitTunnelIp && splitTunnelMask) {
  writeLines(vpnINI, [
    "Network1=" + splitTunnelIp,
    "SubMask1=" + splitTunnelMask
  ]);
}

// Policy sections referenced by the two policy names in the profile above.
writeLines(vpnINI, [
  "[IKEV2POLICY1]",
  "Ikev2Name=WIZ-AES256-SHA256",
  "Ikev2Crypt=6",
  "Ikev2PRF=5",
  "Ikev2IntAlgo=12",
  "[IPSECPOLICY1]",
  "IPSecName=WIZ-AES256-SHA256",
  "IpsecCrypt=6",
  "IpsecAuth=5"
]);
};
Add-in as JSON file: View file |
---|
name | creating-advanced-VPNC-access.json |