Versionen im Vergleich

Alte Version 4

changes.mady.by.user LANCOM Redaktion

Gespeichert am

verglichen mit

Neue Version Aktuell

changes.mady.by.user LANCOM Redaktion

Gespeichert am

Schlüssel

  • Diese Zeile wurde hinzugefügt.
  • Diese Zeile wurde entfernt.
  • Formatierung wurde geändert.

...

Deutsch

Beschreibung:

Mit diesem Add-In können Sie das 1:1 VPN-Routing ändern, um zusätzliche private Netzwerke über die VPN-Verbindung erreichbar zu machen.

Wichtige Variablen:

  • context.vars.centralVPN = true
  • context.vars.remoteVPN = true

Das folgende Beispiel geht davon aus, dass das centralVPN Device ein zusätzliches Netzwerk hat, das das remoteVPN Device über die bestehende VPN-Verbindung im ungetaggten (VLAN 1) Netzwerk erreichen möchte.

Liste der verwendeten Variablen:

VariableBeschreibung
context.vars.centralVPN
context.vars.remoteVPN

Add-in Code:

/**

 

* @param {Config} config

 

* @param {Context} context

 

* Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) {


    // Function to create VRRP Entry


   var

addVRRPEntry

addFirewallRule = function (

routerID

Name,

routerIP

Source,

mainPrio

Destination,

backupPrio

Action,

remoteSite, comment

RtgTag) {
       var

table1_2_8_21_2

firewallRule = config.getTableByOid("1.2.8.

21

10.2");
       var

table_1_2_8_21_2_row_1 = table1_2_8_21_2

firewallRule_row = firewallRule.createNewRow();
       firewallRule_row.setByOid("1", Name);
       firewallRule_row.setByOid("3", Source);
       firewallRule_row.setByOid("4", Destination);
       firewallRule_row.setByOid("7", Action);
       firewallRule_row.setByOid("14", RtgTag);
       firewallRule.addOrMerge(firewallRule_row);
   };
   var addRoute = function (DestinationIP, IpMask, RtgTag, AdminDistance, PeerOrIP, Distance, Masquerade, Active, Comment) {
       varTableRouting = config.getTableByOid("1.2.8.2");
       varTableRouting_row = TableRouting.createNewRow();
       

table_1_2_8_21_2_row_1

TableRouting_row.setByOid(1,

routerID

DestinationIP);
       

table_1_2_8_21_2_row_1.setByOid(2, routerIP

TableRouting_row.setByOid(2, IpMask);
       TableRouting_row.setByOid(8, RtgTag);
       TableRouting_row.setByOid(9, AdminDistance);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(3,

mainPrio

PeerOrIP);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(4,

backupPrio

Distance);
       

table_1_2_8_21_2_row_1

TableRouting_row.setByOid(5,

remoteSite

Masquerade);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(6,

comment

Active);
       

table1_2_8_21_2

TableRouting_row.setByOid(7, Comment);
       TableRouting.addOrMerge(

table_1_2_8_21_2_row_1

TableRouting_row);
   };



   //
If Statement to only create VRRP Entry, if device has the variable VRRP_Prio
    if
 centralVPN = Settings regarding and outgoint to Central Site Device
   // remoteVPN  = Settings regarding and outgoint to Remote Site Device

   // Firewall Rule and Routing Table Entry on Central Site Device
   if (context.vars.
VRRP_PRIO != "
centralVPN == "true") {
       config.infoLog("central");
     
config.setScalarByOid("1.2.8.21.1", "1");
        // Function Call to create a new Entry
        addVRRPEntry("1", "10.10.10.254", context.vars.VRRP_PRIO, "0", "INTERNET", "");
    }
};
  addFirewallRule("RuleName", "%HremoteVPNPeer", "%centralVPNNetworkName", "ACCEPT", "centralVPNNetworkRtgTag")
       addRoute("remoteVPNNetwork", "remoteVPNNetmask", "0", "0", "remoteVPNPeer", "4", "0", "0", "Route for additional Central VPN Network to Remote VPN Peer")

   }
// Firewall Rule and Routing Table Entry on Remote Site Device
   if (context.vars.remoteVPN == "true") {
       config.infoLog("remote");
       addFirewallRule("RuleName", "%HcentralVPNPeer", "%LremoteVPNNetworkName", "ACCEPT", "remoteVPNNetworkRtgTag")
       addRoute("centralVPNNetwork", "centralVPNNetmask", "0", "0", "centralVPNPeer", "4", "0", "0", "Route for additional Central VPN Network")
   }

};  

Add-in als JSON-Datei:

View file
name1toN-VPN-Routing.json
height150

...

Englisch

Description:

With this Add-in you can change the 1 to 1 VPN routing, to make additional private Networks reachable via the VPN connection.

Important Variables:

  • context.vars.centralVPN = true
  • context.vars.remoteVPN = true

The following example expects the centralVPN Device to have an additional network, that the remoteVPN Device wants to reach over the existing VPN-Connection in the untagged (VLAN 1) Network.

List of used variables:

VariableDescription
context.vars.centralVPN
context.vars.remoteVPN

Add-in code:

/**

 

* @param {Config} config

 

* @param {Context} context

 

* Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) {


    // Function to create VRRP Entry


   var

addVRRPEntry

addFirewallRule = function (

routerID

Name,

routerIP

Source,

mainPrio

Destination,

backupPrio

Action,

remoteSite, comment

RtgTag) {
       var

table1_2_8_21_2

firewallRule = config.getTableByOid("1.2.8.

21

10.2");
       var

table_1_2_8_21_2_row_1 = table1_2_8_21_2

firewallRule_row = firewallRule.createNewRow();
       firewallRule_row.setByOid("1", Name);
       firewallRule_row.setByOid("3", Source);
       firewallRule_row.setByOid("4", Destination);
       firewallRule_row.setByOid("7", Action);
       firewallRule_row.setByOid("14", RtgTag);
       firewallRule.addOrMerge(firewallRule_row);
   };
   var addRoute = function (DestinationIP, IpMask, RtgTag, AdminDistance, PeerOrIP, Distance, Masquerade, Active, Comment) {
       varTableRouting = config.getTableByOid("1.2.8.2");
       varTableRouting_row = TableRouting.createNewRow();
       

table_1_2_8_21_2_row_1

TableRouting_row.setByOid(1,

routerID

DestinationIP);
       

table_1_2_8_21_2_row_1.setByOid(2, routerIP

TableRouting_row.setByOid(2, IpMask);
       TableRouting_row.setByOid(8, RtgTag);
       TableRouting_row.setByOid(9, AdminDistance);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(3,

mainPrio

PeerOrIP);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(4,

backupPrio

Distance);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(5,

remoteSite

Masquerade);
       

table_1_2_8_21_2

TableRouting_row

_1

.setByOid(6,

comment

Active);
       

table1_2_8_21_2

TableRouting_row.setByOid(7, Comment);
       TableRouting.addOrMerge(

table_1_2_8_21_2_row_1

TableRouting_row);
   };



   //
If Statement to only create VRRP Entry, if device has the variable VRRP_Prio
    if
 centralVPN = Settings regarding and outgoint to Central Site Device
   // remoteVPN  = Settings regarding and outgoint to Remote Site Device

   // Firewall Rule and Routing Table Entry on Central Site Device
   if (context.vars.
VRRP_PRIO != "
centralVPN == "true") {
       config.infoLog("central");
     
config.setScalarByOid("1.2.8.21.1", "1");
        // Function Call to create a new Entry
        addVRRPEntry("1", "10.10.10.254", context.vars.VRRP_PRIO, "0", "INTERNET", "");
  
  addFirewallRule("RuleName", "%HremoteVPNPeer", "%centralVPNNetworkName", "ACCEPT", "centralVPNNetworkRtgTag")
       addRoute("remoteVPNNetwork", "remoteVPNNetmask", "0", "0", "remoteVPNPeer", "4", "0", "0", "Route for additional Central VPN Network to Remote VPN Peer")

   }
// Firewall Rule and Routing Table Entry on Remote Site Device
   if (context.vars.remoteVPN == "true") {
       config.infoLog("remote");
       addFirewallRule("RuleName", "%HcentralVPNPeer", "%LremoteVPNNetworkName", "ACCEPT", "remoteVPNNetworkRtgTag")
       addRoute("centralVPNNetwork", "centralVPNNetmask", "0", "0", "centralVPNPeer", "4", "0", "0", "Route for additional Central VPN Network")
   }

};

Add-in as JSON file:

View file
name1toN-VPN-Routing.json
height150

...