VPN Feature Template

Change the ECMP hash, add DNS servers, advertise protocols (BGP, static, connected, OSPF external) from the VPN into OMP, and add IPv4 or v6 static routes, service routes, and GRE routes.

Diagram

Classes

edge_feature_templates (sdwan)

Name	Type	Constraint	Mandatory	Default Value
vpn_templates	List	[vpn_templates]	No

vpn_templates (sdwan.edge_feature_templates)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: ^[^<>!&" ]{1,128}$	Yes
description	String		Yes
device_types	List	Choice[ASR-1001-HX, ASR-1001-X, ASR-1002-HX, ASR-1002-X, ASR-1006-X, C1101-4P, C1101-4PLTEP, C1101-4PLTEPW, C1109-2PLTEGB, C1109-2PLTEUS, C1109-2PLTEVZ, C1109-4PLTE2P, C1109-4PLTE2PW, C1111-4P, C1111-4PLTEEA, C1111-4PLTELA, C1111-4PW, C1111-8P, C1111-8PLTEEA, C1111-8PLTEEAW, C1111-8PLTELA, C1111-8PLTELAW, C1111-8PW, C1111X-8P, C1112-8P, C1112-8PLTEEA, C1112-8PLTEEAWE, C1112-8PWE, C1113-8P, C1113-8PLTEEA, C1113-8PLTEEAW, C1113-8PLTELA, C1113-8PLTELAWZ, C1113-8PLTEW, C1113-8PM, C1113-8PMLTEEA, C1113-8PMWE, C1113-8PW, C1116-4P, C1116-4PLTEEA, C1116-4PLTEEAWE, C1116-4PWE, C1117-4P, C1117-4PLTEEA, C1117-4PLTEEAW, C1117-4PLTELA, C1117-4PLTELAWZ, C1117-4PM, C1117-4PMLTEEA, C1117-4PMLTEEAWE, C1117-4PMWE, C1117-4PW, C1118-8P, C1121-4P, C1121-4PLTEP, C1121-8P, C1121-8PLTEP, C1121-8PLTEPW, C1121X-8P, C1121X-8PLTEP, C1121X-8PLTEPW, C1126-8PLTEP, C1126X-8PLTEP, C1127-8PLTEP, C1127-8PMLTEP, C1127X-8PLTEP, C1127X-8PMLTEP, C1128-8PLTEP, C1131-8PLTEPW, C1131-8PW, C1131X-8PLTEPW, C1131X-8PW, C1161-8P, C1161-8PLTEP, C1161X-8P, C1161X-8PLTEP, C8000V, C8200-1N-4T, C8200L-1N-4T, C8300-1N1S-4T2X, C8300-1N1S-6T, C8300-2N2S-4T2X, C8300-2N2S-6T, C8500-12X, C8500-12X4QC, C8500-20X6C, C8500L-8S4X, IR-1101, IR-1821, IR-1831, IR-1833, IR-1835, IR-8140H, IR-8140H-P, IR-8340, ISR-4221, ISR-4221X, ISR-4321, ISR-4331, ISR-4351, ISR-4431, ISR-4451-X, ISR-4461, ISR1100-4G-XE, ISR1100-4GLTEGB-XE, ISR1100-4GLTENA-XE, ISR1100-6G-XE, ISR1100X-4G-XE, ISR1100X-6G-XE]	No
enhance_ecmp_keying	Boolean	true, false	No
enhance_ecmp_keying_variable	String	Regex: ^[^"~$&+,]255$`	No
ipv4_dns_hosts	List	[ipv4_dns_hosts]	No
ipv4_primary_dns_server	IP		No
ipv4_primary_dns_server_variable	String	Regex: ^[^"~$&+,]255$`	No
ipv4_secondary_dns_server	IP		No
ipv4_secondary_dns_server_variable	String	Regex: ^[^"~$&+,]255$`	No
ipv4_static_gre_routes	List	[ipv4_static_gre_routes]	No
ipv4_static_ipsec_routes	List	[ipv4_static_ipsec_routes]	No
ipv4_static_routes	List	[ipv4_static_routes]	No
ipv4_static_service_routes	List	[ipv4_static_service_routes]	No
ipv6_dns_hosts	List	[ipv6_dns_hosts]	No
ipv6_primary_dns_server	IP		No
ipv6_primary_dns_server_variable	String	Regex: ^[^"~$&+,]255$`	No
ipv6_secondary_dns_server	IP		No
ipv6_secondary_dns_server_variable	String	Regex: ^[^"~$&+,]255$`	No
ipv6_static_routes	List	[ipv6_static_routes]	No
nat_pools	List	[nat_pools]	No
nat64_pools	List	[nat64_pools]	No
omp_admin_distance_ipv4	Integer	min: 1, max: 255	No
omp_admin_distance_ipv4_variable	String	Regex: ^[^"~$&+,]255$`	No
omp_admin_distance_ipv6	Integer	min: 1, max: 255	No
omp_admin_distance_ipv6_variable	String	Regex: ^[^"~$&+,]255$`	No
omp_advertise_ipv4_routes	List	[omp_advertise_ipv4_routes]	No
omp_advertise_ipv6_routes	List	[omp_advertise_ipv6_routes]	No
port_forwarding_rules	List	[port_forwarding_rules]	No
route_global_exports	List	[route_global_exports]	No
route_global_imports	List	[route_global_imports]	No
route_vpn_imports	List	[route_vpn_imports]	No
services	List	[services]	No
static_nat_rules	List	[static_nat_rules]	No
static_nat_subnet_rules	List	[static_nat_subnet_rules]	No
vpn_id	Integer	min: 0, max: 65527	Yes
vpn_name	String	min: 1, max: 32	No
vpn_name_variable	String	Regex: ^[^"~$&+,]255$`	No

ipv4_dns_hosts (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
hostname	String	min: 1, max: 128, matches: `^(([a-zA-Z0-9]	[a-zA-Z0-9][a-zA-Z0-9-	_][a-zA-Z0-9]).)([A-Za-z0-9]
hostname_variable	String	Regex: ^[^"~$&+,]255$`	No
ips	List	IP	No
ips_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No

ipv4_static_gre_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
interfaces	List	String[Regex: ^gre[0-9]{1,3}$]	No
interfaces_variable	String	Regex: ^[^"~$&+,]255$`	No
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No

ipv4_static_ipsec_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
interfaces	List	String[Regex: ^ipsec[0-9]{1,3}$]	No
interfaces_variable	String	Regex: ^[^"~$&+,]255$`	No
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No

ipv4_static_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
next_hop_dhcp	Boolean	true, false	No
next_hop_null0	Boolean	true, false	No
next_hop_null0_distance	Integer	min: 1, max: 255	No
next_hop_null0_distance_variable	String	Regex: ^[^"~$&+,]255$`	No
next_hop_dia	Boolean	true, false	No
next_hops	List	[next_hops]	No
optional	Boolean	true, false	No
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No
track_next_hops	List	[track_next_hops]	No

ipv4_static_service_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No
service	Choice	sig	No

ipv6_dns_hosts (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
hostname	String	min: 1, max: 128, matches: `^(([a-zA-Z0-9]	[a-zA-Z0-9][a-zA-Z0-9-	_][a-zA-Z0-9]).)([A-Za-z0-9]
hostname_variable	String	Regex: ^[^"~$&+,]255$`	No
ips	List	IP	No
ips_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No

ipv6_static_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
nat	Choice	NAT64, NAT66	No
nat_variable	String	Regex: ^[^"~$&+,]255$`	No
next_hop_null0	Boolean	true, false	No
next_hop_dia	Boolean	true, false	No
next_hops	List	[next_hops]	No
optional	Boolean	true, false	No
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No

nat_pools (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
direction	Choice	inside, outside	No
direction_variable	String	Regex: ^[^"~$&+,]255$`	No
id	Integer	min: 1, max: 31	No
id_variable	String	Regex: ^[^"~$&+,]255$`	No
overload	Boolean	true, false	No
overload_variable	String	Regex: ^[^"~$&+,]255$`	No
prefix_length	Integer	min: 1, max: 31	No
prefix_length_variable	String	Regex: ^[^"~$&+,]255$`	No
range_start	IP		No
range_start_variable	String	Regex: ^[^"~$&+,]255$`	No
range_end	IP		No
range_end_variable	String	Regex: ^[^"~$&+,]255$`	No
tracker_id	Integer	min: 1, max: 1000	No
tracker_id_variable	String	Regex: ^[^"~$&+,]255$`	No

nat64_pools (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
name	String	min: 1, max: 32	Yes
overload	Boolean	true, false	No
overload_variable	String	Regex: ^[^"~$&+,]255$`	No
range_start	IP		No
range_start_variable	String	Regex: ^[^"~$&+,]255$`	No
range_end	IP		No
range_end_variable	String	Regex: ^[^"~$&+,]255$`	No

omp_advertise_ipv4_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
networks	List	[networks]	No
protocol	Choice	bgp, ospf, ospfv3, connected, static, network, aggregate, eigrp, lisp, isis	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String	min: 1, max: 127	No
route_policy_variable	String	Regex: ^[^"~$&+,]255$`	No

omp_advertise_ipv6_routes (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
networks	List	[networks]	No
protocol	Choice	bgp, ospf, connected, static, network, aggregate	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String	min: 1, max: 127	No
route_policy_variable	String	Regex: ^[^"~$&+,]255$`	No

port_forwarding_rules (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
nat_pool_id	Integer	min: 1, max: 31	No
nat_pool_id_variable	String	Regex: ^[^"~$&+,]255$`	No
protocol	Choice	tcp, udp	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
source_ip	IP		No
source_ip_variable	String	Regex: ^[^"~$&+,]255$`	No
source_port	Integer	min: 1, max: 65535	No
source_port_variable	String	Regex: ^[^"~$&+,]255$`	No
translate_ip	IP		No
translate_ip_variable	String	Regex: ^[^"~$&+,]255$`	No
translate_port	Integer	min: 1, max: 65535	No
translate_port_variable	String	Regex: ^[^"~$&+,]255$`	No

route_global_exports (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
protocol	Choice	static, connected, bgp, ospf	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String		No
redistributes	List	[redistributes]	No

route_global_imports (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
protocol	Choice	static, connected, bgp, eigrp, ospf	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String		No
redistributes	List	[redistributes]	No

route_vpn_imports (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
protocol	Choice	static, connected, bgp, eigrp, ospf	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String		No
route_policy_variable	String	Regex: ^[^"~$&+,]255$`	No
source_vpn_id	Integer	min: 1, max: 65530	No
source_vpn_id_variable	String	Regex: ^[^"~$&+,]255$`	No
redistributes	List	[redistributes]	No

services (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
addresses	List	IP	No
addresses_variable	String	Regex: ^[^"~$&+,]255$`	No
service_type	Choice	FW, IDS, IDP, netsvc1, netsvc2, netsvc3, netsvc4, TE, appqoe	No
track_enable	Boolean	true, false	No
track_enable_variable	String	Regex: ^[^"~$&+,]255$`	No

static_nat_rules (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
direction	Choice	inside, outside	No
direction_variable	String	Regex: ^[^"~$&+,]255$`	No
nat_pool_id	Integer	min: 1, max: 31	No
nat_pool_id_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No
source_ip	IP		No
source_ip_variable	String	Regex: ^[^"~$&+,]255$`	No
tracker_id	Integer	min: 1, max: 1000	No
tracker_id_variable	String	Regex: ^[^"~$&+,]255$`	No
translate_ip	IP		No
translate_ip_variable	String	Regex: ^[^"~$&+,]255$`	No

static_nat_subnet_rules (sdwan.edge_feature_templates.vpn_templates)

Name	Type	Constraint	Mandatory	Default Value
direction	Choice	inside, outside	No
direction_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No
prefix_length	Integer	min: 1, max: 32	No
prefix_length_variable	String	Regex: ^[^"~$&+,]255$`	No
source_ip_subnet	IP		No
source_ip_subnet_variable	String	Regex: ^[^"~$&+,]255$`	No
tracker_id	Integer	min: 1, max: 1000	No
tracker_id_variable	String	Regex: ^[^"~$&+,]255$`	No
translate_ip_subnet	IP		No
translate_ip_subnet_variable	String	Regex: ^[^"~$&+,]255$`	No

next_hops (sdwan.edge_feature_templates.vpn_templates.ipv4_static_routes)

Name	Type	Constraint	Mandatory	Default Value
address	IP		No
address_variable	String	Regex: ^[^"~$&+,]255$`	No
distance	Integer	min: 1, max: 255	No
distance_variable	String	Regex: ^[^"~$&+,]255$`	No

track_next_hops (sdwan.edge_feature_templates.vpn_templates.ipv4_static_routes)

Name	Type	Constraint	Mandatory	Default Value
address	IP		No
address_variable	String	Regex: ^[^"~$&+,]255$`	No
distance	Integer	min: 1, max: 255	No
distance_variable	String	Regex: ^[^"~$&+,]255$`	No
tracker	String	min: 1, max: 128	No
tracker_variable	String	Regex: ^[^"~$&+,]255$`	No

next_hops (sdwan.edge_feature_templates.vpn_templates.ipv6_static_routes)

Name	Type	Constraint	Mandatory	Default Value
address	IP		No
address_variable	String	Regex: ^[^"~$&+,]255$`	No
distance	Integer	min: 1, max: 255	No
distance_variable	String	Regex: ^[^"~$&+,]255$`	No

networks (sdwan.edge_feature_templates.vpn_templates.omp_advertise_ipv4_routes)

Name	Type	Constraint	Mandatory	Default Value
aggregate_only	Boolean	true, false	No
aggregate_only_variable	String	Regex: ^[^"~$&+,]255$`	No
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No

networks (sdwan.edge_feature_templates.vpn_templates.omp_advertise_ipv6_routes)

Name	Type	Constraint	Mandatory	Default Value
aggregate_only	Boolean	true, false	No
aggregate_only_variable	String	Regex: ^[^"~$&+,]255$`	No
prefix	IP		No
prefix_variable	String	Regex: ^[^"~$&+,]255$`	No
optional	Boolean	true, false	No

redistributes (sdwan.edge_feature_templates.vpn_templates.route_global_exports)

Name	Type	Constraint	Mandatory	Default Value
protocol	Choice	bgp, eigrp, ospf	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String		No

redistributes (sdwan.edge_feature_templates.vpn_templates.route_global_imports)

Name	Type	Constraint	Mandatory	Default Value
protocol	Choice	bgp, ospf	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String		No

redistributes (sdwan.edge_feature_templates.vpn_templates.route_vpn_imports)

Name	Type	Constraint	Mandatory	Default Value
protocol	Choice	bgp, eigrp, ospf	No
protocol_variable	String	Regex: ^[^"~$&+,]255$`	No
route_policy	String		No
route_policy_variable	String	Regex: ^[^"~$&+,]255$`	No

Examples

sdwan:
  edge_feature_templates:
    vpn_templates:
      - name: FT-CEDGE-VPN0-01
        description: "EDGE VPN0 with static IP settings"
        ipv4_primary_dns_server_variable: vpn0_dns_primary
        ipv4_secondary_dns_server_variable: vpn0_dns_secondary
        enhance_ecmp_keying: true
        ipv4_static_routes:
          - prefix: 0.0.0.0/0
            next_hops:
              - address_variable: vpn0_ipv4_default_route_nexthop1_ip
              - address_variable: vpn0_ipv4_default_route_nexthop2_ip
        vpn_name: VPN0
        vpn_id: 0
      - name: FT-CEDGE-VPN1-01
        description: "EDGE VPN1 with DIA"
        ipv4_primary_dns_server: 1.1.1.1
        ipv4_secondary_dns_server: 1.0.0.1
        ipv4_static_routes:
          - prefix: 0.0.0.0/0
            next_hop_dia: true
        vpn_name: VPN1
        vpn_id: 1
        services:
          - service_type: TE