With this add-in you can change the 1-to-1 VPN routing to make additional private networks reachable via the VPN connection.
Important Variables:
- context.vars.centralVPN = true
- context.vars.remoteVPN = true
The following example assumes that the centralVPN device has an additional network which the remoteVPN device wants to reach over the existing VPN connection in the untagged (VLAN 1) network.
List of used variables:
Variable | Description |
context.vars.centralVPN |
context.vars.remoteVPN |
Add-in code:
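/**
 * @param {Config} config
 * @param {Context} context
 * Do not edit this comment or parameter types. Required for code suggestions
 */
exports.main = function (config, context) {
    // Add-in entry point: depending on the centralVPN / remoteVPN variables it
    // adds one firewall rule and one routing-table entry to the device config.
    //
    // NOTE(review): both getTableByOid() calls below are given an empty OID in
    // this listing. The firewall-rule and routing table OIDs must be filled in
    // before use; as written the lookups have no table to resolve.
    //
    // NOTE(review): every quoted value passed to addFirewallRule()/addRoute()
    // (rule name, peer names, network names, netmasks, routing tags) looks like
    // a placeholder to be replaced with the real object names of the rollout.

    /**
     * Tells whether an add-in variable is switched on.
     * Accepts the string "true" (what the original comparison matched) and
     * also the boolean true, which is how the variables are written in the
     * description; a loose `== "true"` is false for a boolean true, so both
     * branches would be skipped without any log output.
     */
    var isEnabled = function (value) {
        return String(value) === "true";
    };

    /**
     * Creates a row in the firewall-rule table and merges it into the config.
     * Columns written: "1" name, "3" source, "4" destination, "7" action,
     * "14" routing tag (column meaning taken from the parameter names).
     * NOTE(review): no service/protocol column is set here, so the ACCEPT rule
     * presumably matches all traffic between source and destination. Confirm,
     * and narrow it if only specific services need to cross the tunnel.
     */
    var addFirewallRule = function (Name, Source, Destination, Action, RtgTag) {
        var firewallRule = config.getTableByOid("");
        var firewallRule_row = firewallRule.createNewRow();
        firewallRule_row.setByOid("1", Name);
        firewallRule_row.setByOid("3", Source);
        firewallRule_row.setByOid("4", Destination);
        firewallRule_row.setByOid("7", Action);
        firewallRule_row.setByOid("14", RtgTag);
        firewallRule.addOrMerge(firewallRule_row);
    };

    /**
     * Creates a row in the routing table and merges it into the config.
     * Columns written: 1 destination IP, 2 netmask, 8 routing tag,
     * 9 admin distance, 3 peer or IP, 4 distance, 5 masquerade, 6 active,
     * 7 comment (column meaning taken from the parameter names).
     * NOTE(review): the numeric encodings the callers pass ("0", "4") are kept
     * as given; verify them against the device's table definition, in
     * particular that "0" for Active yields an enabled route.
     */
    var addRoute = function (DestinationIP, IpMask, RtgTag, AdminDistance, PeerOrIP, Distance, Masquerade, Active, Comment) {
        var TableRouting = config.getTableByOid("");
        var TableRouting_row = TableRouting.createNewRow();
        TableRouting_row.setByOid(1, DestinationIP);
        TableRouting_row.setByOid(2, IpMask);
        TableRouting_row.setByOid(8, RtgTag);
        TableRouting_row.setByOid(9, AdminDistance);
        TableRouting_row.setByOid(3, PeerOrIP);
        TableRouting_row.setByOid(4, Distance);
        TableRouting_row.setByOid(5, Masquerade);
        TableRouting_row.setByOid(6, Active);
        TableRouting_row.setByOid(7, Comment);
        TableRouting.addOrMerge(TableRouting_row);
    };

    // centralVPN = Settings regarding and outgoing to Central Site Device
    // remoteVPN = Settings regarding and outgoing to Remote Site Device

    // Firewall Rule and Routing Table Entry on Central Site Device
    if (isEnabled(context.vars.centralVPN)) {
        config.infoLog("central");
        // NOTE(review): the destination here has no "%L" prefix while the
        // remote-site rule uses one; this looks like a typo in the example.
        // Confirm the intended object reference before deploying.
        addFirewallRule("RuleName", "%HremoteVPNPeer", "%centralVPNNetworkName", "ACCEPT", "centralVPNNetworkRtgTag");
        addRoute("remoteVPNNetwork", "remoteVPNNetmask", "0", "0", "remoteVPNPeer", "4", "0", "0", "Route for additional Central VPN Network to Remote VPN Peer");
    }

    // Firewall Rule and Routing Table Entry on Remote Site Device
    if (isEnabled(context.vars.remoteVPN)) {
        config.infoLog("remote");
        addFirewallRule("RuleName", "%HcentralVPNPeer", "%LremoteVPNNetworkName", "ACCEPT", "remoteVPNNetworkRtgTag");
        addRoute("centralVPNNetwork", "centralVPNNetmask", "0", "0", "centralVPNPeer", "4", "0", "0", "Route for additional Central VPN Network");
    }
};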
Add-in as JSON file: