Beschreibung:

Mit diesem Add-In können Sie das 1:1 VPN-Routing ändern, um zusätzliche private Netzwerke über die VPN-Verbindung erreichbar zu machen.

Wichtige Variablen:

  • context.vars.centralVPN = true
  • context.vars.remoteVPN = true

Das folgende Beispiel geht davon aus, dass das centralVPN Device ein zusätzliches Netzwerk hat, das das remoteVPN Device über die bestehende VPN-Verbindung im ungetaggten (VLAN 1) Netzwerk erreichen möchte.

Liste der verwendeten Variablen:

VariableBeschreibung
context.vars.centralVPN
context.vars.remoteVPN

Add-in Code:

/**
 * @param {Config} config
 * @param {Context} context
 * Do not edit this comment or parameter types. Required for code suggestions
*/
exports.main = function (config, context) {
    var addFirewallRule = function (Name, Source, Destination, Action, RtgTag) {
        var firewallRule = config.getTableByOid("1.2.8.10.2");
        var firewallRule_row = firewallRule.createNewRow();
        firewallRule_row.setByOid("1", Name);
        firewallRule_row.setByOid("3", Source);
        firewallRule_row.setByOid("4", Destination);
        firewallRule_row.setByOid("7", Action);
        firewallRule_row.setByOid("14", RtgTag);
        firewallRule.addOrMerge(firewallRule_row);
    };
    var addRoute = function (DestinationIP, IpMask, RtgTag, AdminDistance, PeerOrIP, Distance, Masquerade, Active, Comment) {
        var TableRouting = config.getTableByOid("1.2.8.2");
        var TableRouting_row = TableRouting.createNewRow();
        TableRouting_row.setByOid(1, DestinationIP);
        TableRouting_row.setByOid(2, IpMask);
        TableRouting_row.setByOid(8, RtgTag);
        TableRouting_row.setByOid(9, AdminDistance);
        TableRouting_row.setByOid(3, PeerOrIP);
        TableRouting_row.setByOid(4, Distance);
        TableRouting_row.setByOid(5, Masquerade);
        TableRouting_row.setByOid(6, Active);
        TableRouting_row.setByOid(7, Comment);
        TableRouting.addOrMerge(TableRouting_row);
    };



    // centralVPN = Settings regarding and outgoint to Central Site Device
    // remoteVPN  = Settings regarding and outgoint to Remote Site Device

    // Firewall Rule and Routing Table Entry on Central Site Device
    if (context.vars.centralVPN == "true") {
        config.infoLog("central");
        addFirewallRule("RuleName", "%HremoteVPNPeer", "%centralVPNNetworkName", "ACCEPT", "centralVPNNetworkRtgTag")
        addRoute("remoteVPNNetwork", "remoteVPNNetmask", "0", "0", "remoteVPNPeer", "4", "0", "0", "Route for additional Central VPN Network to Remote VPN Peer")
       
    }
// Firewall Rule and Routing Table Entry on Remote Site Device
    if (context.vars.remoteVPN == "true") {
        config.infoLog("remote");
        addFirewallRule("RuleName", "%HcentralVPNPeer", "%LremoteVPNNetworkName", "ACCEPT", "remoteVPNNetworkRtgTag")
        addRoute("centralVPNNetwork", "centralVPNNetmask", "0", "0", "centralVPNPeer", "4", "0", "0", "Route for additional Central VPN Network")
    }

};

Add-in als JSON-Datei:

1toN-VPN-Routing.json

Alle LANCOM Produkte und Software-Versionen unterliegen dem LANCOM Software Lifecycle Management.
Informationen erhalten Sie auf unserer Webseite unter https://www.lancom-systems.de/produkte/firmware/software-lifecycle-management

© 2025 LANCOM Systems GmbH