Transport WAN VPN Feature
Add WAN VPN configuration, including DNS servers, NAT, IPv4 or IPv6 static routes and service routes.
Diagram
Classes
transport_profiles (sdwan.feature_profiles)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| wan_vpn | Class | [wan_vpn] | No |
wan_vpn (sdwan.feature_profiles.transport_profiles)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[^&<>! "]{1,128}$ | No | wan_vpn |
| description | String | No | ||
| enhance_ecmp_keying | Boolean | true, false | No | |
| enhance_ecmp_keying_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ethernet_interfaces | List | [ethernet_interfaces] | No | |
| host_mappings | List | [host_mappings] | No | |
| ipv4_primary_dns_address | IP | No | ||
| ipv4_primary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_secondary_dns_address | IP | No | ||
| ipv4_secondary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_static_routes | List | [ipv4_static_routes] | No | |
| ipv6_primary_dns_address | IP | No | ||
| ipv6_primary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_secondary_dns_address | IP | No | ||
| ipv6_secondary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_static_routes | List | [ipv6_static_routes] | No | |
| nat_64_v4_pools | List | [nat_64_v4_pools] | No | |
| services | List | Choice[TE] | No |
ethernet_interfaces (sdwan.feature_profiles.transport_profiles.wan_vpn)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[^&<>! "]{1,128}$ | Yes | |
| description | String | No | ||
| adaptive_qos | Boolean | true, false | No | |
| adaptive_qos_period | Integer | min: 1, max: 720 | No | |
| adaptive_qos_period_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| adaptive_qos_shaping_rate_downstream | Class | [adaptive_qos_shaping_rate_downstream] | No | |
| adaptive_qos_shaping_rate_upstream | Class | [adaptive_qos_shaping_rate_upstream] | No | |
| arp_entries | List | [arp_entries] | No | |
| arp_timeout | Integer | min: 0, max: 2147483 | No | |
| arp_timeout_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| auto_detect_bandwidth | Boolean | true, false | No | |
| auto_detect_bandwidth_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| autonegotiate | Boolean | true, false | No | |
| autonegotiate_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| bandwidth_downstream | Integer | min: 1, max: 2147483647 | No | |
| bandwidth_downstream_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| bandwidth_upstream | Integer | min: 1, max: 2147483647 | No | |
| bandwidth_upstream_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| block_non_source_ip | Boolean | true, false | No | |
| block_non_source_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| duplex | Choice | full, half, auto | No | |
| duplex_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| gre_tloc_extension_source_ip | IP | No | ||
| gre_tloc_extension_source_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| gre_tloc_extension_xconnect | String | No | ||
| gre_tloc_extension_xconnect_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| icmp_redirect_disable | Boolean | true, false | No | |
| icmp_redirect_disable_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| interface_description | String | max: 200 | No | |
| interface_description_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| interface_mtu | Integer | min: 1500, max: 9216 | No | |
| interface_mtu_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| interface_name | String | Regex: (ATM|ATM-ACR|AppGigabitEthernet|AppNav-Compress|AppNav-UnCompress|Async|BD-VIF|BDI|CEM|CEM-ACR|Cellular|Dialer|Embedded-Service-Engine|Ethernet|Ethernet-Internal|FastEthernet|FiftyGigabitEthernet|FiveGigabitEthernet|FortyGigabitEthernet|FourHundredGigE|GMPLS|GigabitEthernet|Group-Async|HundredGigE|L2LISP|LISP|Loopback|MFR|Multilink|Port-channel|SM|Serial|Service-Engine|TenGigabitEthernet|Tunnel|TwentyFiveGigE|TwentyFiveGigabitEthernet|TwoGigabitEthernet|TwoHundredGigE|Vif|Virtual-PPP|Virtual-Template|VirtualPortGroup|Vlan|Wlan-GigabitEthernet|nat64|nat66|ntp|nve|ospfv3|overlay|pseudowire|ucse|vasileft|vasiright|vmi)([0-9]*(. ?[1-9][0-9]*)*|[0-9/]+|[0-9]+/[0-9]+/[0-9]+:[0-9]+|[0-9]+/[0-9]+/[0-9]+|[0-9]+/[0-9]+|[0-9]+) | No | |
| interface_name_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| iperf_server | String | No | ||
| iperf_server_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ip_directed_broadcast | Boolean | true, false | No | |
| ip_directed_broadcast_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ip_mtu | Integer | min: 576, max: 9216 | No | |
| ip_mtu_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_address | IP | No | ||
| ipv4_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_configuration_type | Choice | dynamic, static | No | static |
| ipv4_dhcp_distance | Integer | min: 1, max: 255 | No | |
| ipv4_dhcp_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_dhcp_helpers | List | IP | No | |
| ipv4_dhcp_helpers_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_egress_acl | String | No | ||
| ipv4_ingress_acl | String | No | ||
| ipv4_nat | Boolean | true, false | No | |
| ipv4_nat_type | Choice | interface, pool, loopback | No | |
| ipv4_nat_type_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_loopback_interface | String | No | ||
| ipv4_nat_loopback_interface_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_pool_overload | Boolean | true, false | No | |
| ipv4_nat_pool_overload_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_pool_prefix_length | Integer | min: 1, max: 32 | No | |
| ipv4_nat_pool_prefix_length_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_pool_range_end | IP | No | ||
| ipv4_nat_pool_range_end_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_pool_range_start | IP | No | ||
| ipv4_nat_pool_range_start_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_static_entries | List | [ipv4_nat_static_entries] | No | |
| ipv4_nat_tcp_timeout | Integer | min: 1, max: 8947 | No | |
| ipv4_nat_tcp_timeout_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_nat_udp_timeout | Integer | min: 1, max: 8947 | No | |
| ipv4_nat_udp_timeout_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_secondary_addresses | List | [ipv4_secondary_addresses] | No | |
| ipv4_subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| ipv4_subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_tracker | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| ipv4_tracker_group | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| ipv6_configuration_type | Choice | dynamic, static, none | No | none |
| ipv6_address | IP | No | ||
| ipv6_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_egress_acl | String | No | ||
| ipv6_ingress_acl | String | No | ||
| ipv6_nat | Boolean | true, false | No | |
| ipv6_nat_type | Choice | nat64, nat66 | No | |
| ipv6_nat66_static_entries | List | [ipv6_nat66_static_entries] | No | |
| ipv6_secondary_addresses | List | [ipv6_secondary_addresses] | No | |
| ipv6_tracker | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| ipv6_tracker_group | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| load_interval | Integer | min: 30, max: 600 | No | |
| load_interval_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| mac_address | String | Regex: ^(([a-fA-F\d]{2}:){5}[a-fA-F\d]{2})$ | No | |
| mac_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| media_type | Choice | auto-select, rj45, sfp | No | |
| media_type_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| service_provider | String | No | ||
| service_provider_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| shutdown | Boolean | true, false | No | |
| shutdown_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| speed | Choice | 10, 100, 1000, 2500, 10000 | No | |
| speed_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| shaping_rate | Integer | min: 8, max: 100000000 | No | |
| shaping_rate_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tcp_mss | Integer | min: 500, max: 1460 | No | |
| tcp_mss_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tloc_extension | String | No | ||
| tloc_extension_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tunnel_interface | Class | [tunnel_interface] | No |
host_mappings (sdwan.feature_profiles.transport_profiles.wan_vpn)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| hostname | String | min: 1, max: 32 | No | |
| hostname_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ips | List | IP | No | |
| ips_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_static_routes (sdwan.feature_profiles.transport_profiles.wan_vpn)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| administrative_distance | Integer | min: 1, max: 255 | No | |
| administrative_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| gateway | Choice | nextHop, dhcp, null0 | No | nextHop |
| network_address | IP | No | ||
| network_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| next_hops | List | [next_hops] | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_static_routes (sdwan.feature_profiles.transport_profiles.wan_vpn)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| gateway | Choice | nextHop, nat, null0 | No | nextHop |
| nat | Choice | NAT64, NAT66 | No | |
| next_hops | List | [next_hops] | No | |
| prefix | String | Regex: ((^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*(\/)(\b([0-9]{1,2}|1[01][0-9]|12[0-8])\b)$)) | No | |
| prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
nat_64_v4_pools (sdwan.feature_profiles.transport_profiles.wan_vpn)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | min: 1, max: 32 | No | |
| name_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| overload | Boolean | true, false | No | |
| overload_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| range_end | IP | No | ||
| range_end_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| range_start | IP | No | ||
| range_start_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
adaptive_qos_shaping_rate_downstream (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| default | Integer | min: 8, max: 100000000 | No | |
| default_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| maximum | Integer | min: 8, max: 100000000 | No | |
| maximum_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| minimum | Integer | min: 8, max: 100000000 | No | |
| minimum_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
adaptive_qos_shaping_rate_upstream (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| default | Integer | min: 8, max: 100000000 | No | |
| default_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| maximum | Integer | min: 8, max: 100000000 | No | |
| maximum_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| minimum | Integer | min: 8, max: 100000000 | No | |
| minimum_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
arp_entries (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip_address | IP | No | ||
| ip_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| mac_address | String | Regex: ^(([a-fA-F\d]{2}:){5}[a-fA-F\d]{2})$ | No | |
| mac_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_nat_static_entries (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| direction | Choice | inside, outside | No | |
| source_ip | IP | No | ||
| source_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| source_vpn_id | Integer | min: 0, max: 65530 | No | |
| source_vpn_id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| translate_ip | IP | No | ||
| translate_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_secondary_addresses (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_nat66_static_entries (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| source_prefix | String | Regex: ((^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*(\/)(\b([0-9]{1,2}|1[01][0-9]|12[0-8])\b)$)) | No | |
| source_prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| source_vpn_id | Integer | min: 0, max: 65530 | No | |
| source_vpn_id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| translate_prefix | String | Regex: ((^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*(\/)(\b([0-9]{1,2}|1[01][0-9]|12[0-8])\b)$)) | No | |
| translate_prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_secondary_addresses (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
tunnel_interface (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| allow_service_all | Boolean | true, false | No | |
| allow_service_all_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_bfd | Boolean | true, false | No | |
| allow_service_bfd_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_bgp | Boolean | true, false | No | |
| allow_service_bgp_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_dhcp | Boolean | true, false | No | |
| allow_service_dhcp_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_dns | Boolean | true, false | No | |
| allow_service_dns_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_https | Boolean | true, false | No | |
| allow_service_https_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_icmp | Boolean | true, false | No | |
| allow_service_icmp_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_netconf | Boolean | true, false | No | |
| allow_service_netconf_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_ntp | Boolean | true, false | No | |
| allow_service_ntp_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_ospf | Boolean | true, false | No | |
| allow_service_ospf_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_snmp | Boolean | true, false | No | |
| allow_service_snmp_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_ssh | Boolean | true, false | No | |
| allow_service_ssh_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| allow_service_stun | Boolean | true, false | No | |
| allow_service_stun_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| bind_loopback_tunnel | String | min: 1, max: 32 | No | |
| bind_loopback_tunnel_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| border | Boolean | true, false | No | |
| border_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| carrier | Choice | default, carrier1, carrier2, carrier3, carrier4, carrier5, carrier6, carrier7, carrier8 | No | |
| carrier_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| clear_dont_fragment | Boolean | true, false | No | |
| clear_dont_fragment_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| color | Choice | 3g, biz-internet, blue, bronze, custom1, custom2, custom3, default, gold, green, lte, metro-ethernet, mpls, public-internet, private1, private2, private3, private4, private5, private6, red, silver | No | |
| color_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| cts_sgt_propagation | Boolean | true, false | No | |
| cts_sgt_propagation_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| exclude_controller_groups | List | Integer[min: 0, max: 100] | No | |
| exclude_controller_groups_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| gre_encapsulation | Boolean | true, false | No | |
| gre_preference | Integer | min: 0, max: 4294967295 | No | |
| gre_preference_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| gre_tunnel_destination_ip | IP | No | ||
| gre_tunnel_destination_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| gre_weight | Integer | min: 1, max: 255 | No | |
| gre_weight_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| group | Integer | min: 1, max: 4294967295 | No | |
| group_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| hello_interval | Integer | min: 100, max: 600000 | No | |
| hello_interval_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| hello_tolerance | Integer | min: 12, max: 6000 | No | |
| hello_tolerance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipsec_encapsulation | Boolean | true, false | No | true |
| ipsec_preference | Integer | min: 0, max: 4294967295 | No | |
| ipsec_preference_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipsec_weight | Integer | min: 1, max: 255 | No | |
| ipsec_weight_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| last_resort_circuit | Boolean | true, false | No | |
| last_resort_circuit_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| low_bandwidth_link | Boolean | true, false | No | |
| low_bandwidth_link_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| max_control_connections | Integer | min: 0, max: 100 | No | |
| max_control_connections_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| nat_refresh_interval | Integer | min: 1, max: 60 | No | |
| nat_refresh_interval_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| network_broadcast | Boolean | true, false | No | |
| network_broadcast_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| per_tunnel_qos | Boolean | true, false | No | |
| per_tunnel_qos_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| per_tunnel_qos_bandwidth_percent | Integer | min: 1, max: 100 | No | |
| per_tunnel_qos_bandwidth_percent_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| per_tunnel_qos_mode | Choice | hub, spoke | No | |
| per_tunnel_qos_mode_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| port_hop | Boolean | true, false | No | |
| port_hop_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| restrict | Boolean | true, false | No | |
| restrict_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tcp_mss | Integer | min: 500, max: 1460 | No | |
| tcp_mss_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| vbond_as_stun_server | Boolean | true, false | No | |
| vbond_as_stun_server_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| vmanage_connection_preference | Integer | min: 0, max: 8 | No | |
| vmanage_connection_preference_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
next_hops (sdwan.feature_profiles.transport_profiles.wan_vpn.ipv4_static_routes)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| administrative_distance | Integer | min: 1, max: 255 | No | |
| administrative_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
next_hops (sdwan.feature_profiles.transport_profiles.wan_vpn.ipv6_static_routes)
| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| administrative_distance | Integer | min: 1, max: 255 | No | |
| administrative_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
Examples
Example-1: This example demonstrates how to configure a WAN VPN feature under a transport profile. It configures the static host mapping for the "vbond.local" FQDN and maps it to two IP addresses. It also specifies the IPv4 primary and secondary addresses as variables (these will need to be filled when deploying the configuration to a device that uses the configuration group with this profile). It defines a static default route with two next hops configured as variables. Additionally, it enables enhanced ECMP keying and the Traffic Engineering (TE) service.
sdwan:
feature_profiles:
transport_profiles:
- name: transport
description: this is a test transport profile
wan_vpn:
name: wan_vpn
description: VPN 0 configuration
host_mappings:
- hostname: vbond.local
ips:
- 10.0.0.1
- 10.0.0.2
ipv4_primary_dns_address_variable: vpn0_dns_primary
ipv4_secondary_dns_address_variable: vpn0_dns_secondary
enhance_ecmp_keying: true
ipv4_static_routes:
- network_address: 0.0.0.0
subnet_mask: 0.0.0.0
next_hops:
- address_variable: vpn0_ipv4_default_route_nexthop1_ip
- address_variable: vpn0_ipv4_default_route_nexthop2_ip
services:
- TE