

Description:

With this Add-in you can change the 1 to 1 VPN routing, to make additional private Networks reachable via the VPN connection.

...

The following example expects the centralVPN Device to have an additional network, that the remoteVPN Device wants to reach over the existing VPN-Connection in the untagged (VLAN 1) Network.

List of used variables:

VariableDescription
context.vars.centralVPN
context.vars.remoteVPN

Add-in code:

/**
 * @param {Config} config
 * @param {Context} context
 * Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) {
    var addFirewallRule = function (Name, Source, Destination, Action, RtgTag) {
        var firewallRule = config.getTableByOid("1.2.8.10.2");
        var firewallRule_row = firewallRule.createNewRow();
         firewallRulefirewallRule_row.setByOid("1", Name);
         firewallRulefirewallRule_row.setByOid("3", Source);
         firewallRulefirewallRule_row.setByOid("4", Destination);
         firewallRulefirewallRule_row.setByOid("7", Action);
         firewallRulefirewallRule_row.setByOid("14", RtgTag);
         firewallRulefirewallRule.addOrMerge(firewallRule_row);
    };
    var addRoute = function (DestinationIP, IpMask, RtgTag, AdminDistance, PeerOrIP, Distance, Masquerade, Active, Comment) {
        varTableRouting = config.getTableByOid("1.2.8.2");
        varTableRouting_row = TableRouting.createNewRow();
        TableRouting_row.setByOid(1, DestinationIP);
        TableRouting_row.setByOid(2, IpMask);
        TableRouting_row.setByOid(8, RtgTag);
        TableRouting_row.setByOid(9, AdminDistance);
        TableRouting_row.setByOid(3, PeerOrIP);
        TableRouting_row.setByOid(4, Distance);
        TableRouting_row.setByOid(5, Masquerade);
        TableRouting_row.setByOid(6, Active);
        TableRouting_row.setByOid(7, Comment);
        TableRouting.addOrMerge(TableRouting_row);
    };





    // centralVPN = Settings regarding and outgoint to Central Site Device
    // remoteVPN  = Settings regarding and outgoint to Remote Site Device


    // Firewall Rule and Routing Table Entry on Central Site Device
    if (context.vars.centralVPN == "true" ) {
       config.infoLog( "central" );
       addFirewallRule( "RuleName" , "%HremoteVPNPeer" , "%centralVPNNetworkName" , "ACCEPT" , "centralVPNNetworkRtgTag" )
       addRoute( "remoteVPNNetwork" , "remoteVPNNetmask" , "0" , "0" , "remoteVPNPeer" , "4" , "0" , "0" , "Route for additional Central VPN Network to Remote VPN Peer" )

   }
// Firewall Rule and Routing Table Entry on Remote Site Device
    if (context.vars.remoteVPN == "true" ) {
       config.infoLog( "remote" );
       addFirewallRule( "RuleName" , "%HcentralVPNPeer" , "%LremoteVPNNetworkName" , "ACCEPT" , "remoteVPNNetworkRtgTag" )
       addRoute( "centralVPNNetwork" , "centralVPNNetmask" , "0" , "0" , "centralVPNPeer" , "4" , "0" , "0" , "Route for additional Central VPN Network" )
   }

};
        config.infoLog("central");
        addFirewallRule("RuleName", "%HremoteVPNPeer", "%centralVPNNetworkName", "ACCEPT", "centralVPNNetworkRtgTag")
        addRoute("remoteVPNNetwork", "remoteVPNNetmask", "0", "0", "remoteVPNPeer", "4", "0", "0", "Route for additional Central VPN Network to Remote VPN Peer")
       
    }
// Firewall Rule and Routing Table Entry on Remote Site Device
    if (context.vars.remoteVPN == "true") {
        config.infoLog("remote");
        addFirewallRule("RuleName", "%HcentralVPNPeer", "%LremoteVPNNetworkName", "ACCEPT", "remoteVPNNetworkRtgTag")
        addRoute("centralVPNNetwork", "centralVPNNetmask", "0", "0", "centralVPNPeer", "4", "0", "0", "Route for additional Central VPN Network")
    }

};
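Review bot: The `addFirewallRule` helper, used in both the central and the remote branch, writes an `ACCEPT` rule that sets only name, source, destination, action and routing tag, so nothing in the visible code narrows which services or protocols the VPN peer may use toward the additional network; if the rule table offers a services column, the helper should take and set it, or the page should state that all traffic is intended. Both branches also pass the same literal name `"RuleName"` to `addOrMerge`, so on a device where `context.vars.centralVPN` and `context.vars.remoteVPN` are both `"true"` the second rule may merge into or replace the first (inferred from the method name only); distinct names per branch would avoid that. In `addRoute` the rendered text reads `varTableRouting = ...` followed by `TableRouting.createNewRow()`, which is probably a comparison-view artefact, but the published code should be checked to read `var TableRouting = config.getTableByOid("1.2.8.2");` and `var TableRouting_row = TableRouting.createNewRow();`. A one-line comment above the two `if` blocks, such as `// quoted values like "remoteVPNNetwork" are placeholders and must be replaced per site`, would make clear that the strings are not resolved automatically.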

Add-in as JSON file:

name1toN-VPN-Routing.json