Description:
With this add-in you can change the 1-to-1 VPN routing so that additional private networks become reachable over the VPN connection.
Important Variables:
- context.vars.centralVPN = true
- context.vars.remoteVPN = true
The following example assumes that the centralVPN device has an additional network which the remoteVPN device needs to reach over the existing VPN connection in the untagged (VLAN 1) network.
List of used variables:
Variable | Description |
---|---|
context.vars.centralVPN | |
context.vars.remoteVPN | |
Add-in code:
/** * @param {Config} config * @param {Context} context * Do not edit this comment or parameter types. Required for code suggestions */ exports.main = function (config, context) { var addFirewallRule = function ( Name , Source , Destination , Action , RtgTag ) { var firewallRule = config.getTableByOid( "1.2.8.10.2" ); var firewallRule_row = firewallRule.createNewRow(); firewallRule_row.setByOid( "1" , Name ); firewallRule_row.setByOid( "3" , Source ); firewallRule_row.setByOid( "4" , Destination ); firewallRule_row.setByOid( "7" , Action ); firewallRule_row.setByOid( "14" , RtgTag ); firewallRule.addOrMerge(firewallRule_row); }; var addRoute = function ( DestinationIP , IpMask , RtgTag , AdminDistance , PeerOrIP , Distance , Masquerade , Active , Comment ) { var TableRouting = config.getTableByOid( "1.2.8.2" ); var TableRouting_row = TableRouting .createNewRow(); TableRouting_row .setByOid( 1 , DestinationIP ); TableRouting_row .setByOid( 2 , IpMask ); TableRouting_row .setByOid( 8 , RtgTag ); TableRouting_row .setByOid( 9 , AdminDistance ); TableRouting_row .setByOid( 3 , PeerOrIP ); TableRouting_row .setByOid( 4 , Distance ); TableRouting_row .setByOid( 5 , Masquerade ); TableRouting_row .setByOid( 6 , Active ); TableRouting_row .setByOid( 7 , Comment ); TableRouting .addOrMerge( TableRouting_row ); };
// centralVPN = Settings regarding and outgoint to Central Site Device
// remoteVPN = Settings regarding and outgoint to Remote Site Device
// Firewall Rule and Routing Table Entry on Central Site Device
if
(context.vars.centralVPN ==
"true"
) {
config.infoLog(
"central"
);
addFirewallRule(
"RuleName"
,
"%HremoteVPNPeer"
,
"%centralVPNNetworkName"
,
"ACCEPT"
,
"centralVPNNetworkRtgTag"
)
addRoute(
"remoteVPNNetwork"
,
"remoteVPNNetmask"
,
"0"
,
"0"
,
"remoteVPNPeer"
,
"4"
,
"0"
,
"0"
,
"Route for additional Central VPN Network to Remote VPN Peer"
)
}
// Firewall Rule and Routing Table Entry on Remote Site Device
if
(context.vars.remoteVPN ==
"true"
) {
config.infoLog(
"remote"
);
addFirewallRule(
"RuleName"
,
"%HcentralVPNPeer"
,
"%LremoteVPNNetworkName"
,
"ACCEPT"
,
"remoteVPNNetworkRtgTag"
)
addRoute(
"centralVPNNetwork"
,
"centralVPNNetmask"
,
"0"
,
"0"
,
"centralVPNPeer"
,
"4"
,
"0"
,
"0"
,
"Route for additional Central VPN Network"
)
}
};
|
---|
Add-in as JSON file: