| Seiteneigenschaften |
|---|
| Deutsch |
|---|
Beschreibung:
Das Skript konfiguriert alles, was notwendig ist, um einen IKE-Load-Balancer für eine Zentrale zu konfigurieren (einschließlich DMZ-Netzwerk, VRRP und Route).
Liste der verwendeten Variablen:
| Variable | Beschreibung |
|---|
Add-in Code
|
Description:
The script configures everything that is necessary to configure an IKE load balancer for a the head office (including DMZ network, VRRP & route).
List of used variables:
Add-in code:
/**
* @param {Config} config
* @param {Context} context
* Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) { |
|---|
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Required variables:
// VRID |
|---|
...
= string
// VRRP_IP = string
// VRRP_PRIO = string
// DMZ_IP |
|---|
...
...
= string
// LOAD_PASSWORD = string
if
(context.network.isCentralGateway) {
// /Setup/TCP-IP/Network-list/
var
networkList = config.getTableByOid(
"1.2.7.30"
);
var
rowDmz = networkList.createNewRow();
rowDmz.setByOid(
"1"
,
"DMZ"
);
|
|---|
...
...
...
...
...
...
...
...
...
Add-in als JSON-Datei:
| View file |
|---|
| name | ike_load_balancer.json |
|---|
| page | Konfiguration eines IKE-Load Balancer |
|---|
| space | LMCADEN |
|---|
| height | 150 |
|---|
|
...
Description:
The script configures everything that is necessary to configure an IKE load balancer for a the head office (including DMZ network, VRRP & route).
List of used variables:
...
Add-in code:
/**
* @param {Config} config
* @param {Context} context
* Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) {
...
"2"
, context.vars.
DMZ_IP
);
//IP-Address
rowDmz.setByOid(
"3"
,
"255.255.255.0"
);
//IP-Netmask
rowDmz.setByOid(
"4"
,
"1"
);
//VLAN-ID
rowDmz.setByOid(
"5"
,
"256"
);
//Interface (257 = LAN-2)
rowDmz.setByOid(
"6"
,
"0"
);
//Src-check (0 = Loose)
rowDmz.setByOid(
"7"
,
"2"
);
//Type (2 = DMZ)
rowDmz.setByOid(
"8"
,
"0"
);
//Rtg-Tag
rowDmz.setByOid(
"9"
,
"demilitarized zone"
);
//Comment
networkList.addOrMerge(rowDmz);
// /Setup/IP-Router/IP-Routing-Table/
var
routingTable = config.getTableByOid(
"1.2.8.2"
);
var
routeToGw = routingTable.createNewRow();
routeToGw.setByOid(
"1"
,
"255.255.255.255"
);
//IP-Address
routeToGw.setByOid(
"2"
,
"0.0.0.0"
);
//IP-Netmask
routeToGw.setByOid(
"8"
,
"0"
);
//Rtg-tag
routeToGw.setByOid(
"6"
,
"0"
);
//Active (No (1), Yes (0), Semi (2))
routeToGw.setByOid(
"3"
, context.vars.
DMZ_GW
);
//Peer-or-IP
routeToGw.setByOid(
"4"
,
"0"
);
//Distance
routeToGw.setByOid(
"5"
,
"0"
);
//Masquerade (No (0), on (1), intranet (2))
routeToGw.setByOid(
"7"
,
""
);
//Comment
routingTable.addOrMerge(routeToGw);
config.setScalarByOid(
"1.2.102.12"
,
"DMZ"
);
//Loopback-Adresse für LMC
config.setScalarByOid(
"1.2.8.21.1"
,
"1"
);
//VRRP Operating
config.setScalarByOid(
"1.2.8.21.3"
,
"30"
);
//VRRP Reconnect-Delay
// /Setup/IP-Router/VRRP/VRRP-List
var
vrrpList = config.getTableByOid(
"1.2.8.21.2"
);
var
vrrpRow = vrrpList.createNewRow();
vrrpRow.setByOid(
"1"
, context.vars.
VRID
);
//VRID
vrrpRow.setByOid(
"2"
, context.vars.
VRRP_IP
);
//Virtual IP
vrrpRow.setByOid(
"3"
, context.vars.
VRRP_PRIO
);
//VRRP Prio
vrrpList.addOrMerge(vrrpRow);
config.setScalarByOid(
"1.2.19.50.1"
,
"1"
);
//VPN Loadbalancer Operating
// /Setup/VPN/Load-Balancer/Instances
var
lbInstances = config.getTableByOid(
"1.2.19.50.2"
);
var
lbInstance = lbInstances.createNewRow();
lbInstance.setByOid(
"1"
, context.vars.
VRID
);
//VRID
lbInstance.setByOid(
"2"
, context.vars.
DMZ_IP
);
//Redirect-Target
lbInstance.setByOid(
"4"
,
"DEFAULT"
);
//Message-Profile
lbInstances.addOrMerge(lbInstance);
// /Setup/VPN/Load-Balancer/Message-Profiles
var
messageProfiles = config.getTableByOid(
"1.2.19.50.3"
);
var
profile = messageProfiles.createNewRow();
profile.setByOid(
"1"
,
"DEFAULT"
);
//Profile-Name
profile.setByOid(
"2"
,
"DMZ"
);
//Interface
profile.setByOid(
"3"
,
"239.255.22.11"
);
//Address
profile.setByOid(
"4"
,
"1987"
);
//Port
profile.setByOid(
"5"
,
"2000"
);
//Interval
profile.setByOid(
"6"
,
"3000"
); |
|---|
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
setByOid(
"9"
, context.vars.
LOAD_PASSWORD
);
//Secret
|
|---|
...
...
...
...
//Cipher (3 = AES-256-CGM)
profile.setByOid( |
|---|
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Add-in as JSON file:
| View file |
|---|
| name | ike_load_balancer.json |
|---|
|
...
