Skip to content
Network as Code

Service LAN VPN Feature

Configure LAN VPN feature.

Diagram

Diagram

Classes

service_profiles (sdwan.feature_profiles)

NameTypeConstraintMandatoryDefault Value
lan_vpnsList[lan_vpns]No

lan_vpns (sdwan.feature_profiles.service_profiles)

NameTypeConstraintMandatoryDefault Value
nameStringRegex: ^[^&<>! "]{1,128}$Yes
descriptionStringNo
gre_routesList[gre_routes]No
host_mappingsList[host_mappings]No
ipsec_routesList[ipsec_routes]No
ipv4_export_route_targetsList[ipv4_export_route_targets]No
ipv4_import_route_targetsList[ipv4_import_route_targets]No
ipv4_omp_admin_distanceIntegermin: 1, max: 255No
ipv4_omp_admin_distance_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipv4_omp_advertise_routesList[ipv4_omp_advertise_routes]No
ipv4_primary_dns_addressIPNo
ipv4_primary_dns_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipv4_secondary_dns_addressIPNo
ipv4_secondary_dns_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipv4_static_routesList[ipv4_static_routes]No
ipv6_import_route_targetsList[ipv6_import_route_targets]No
ipv6_export_route_targetsList[ipv6_export_route_targets]No
ipv6_omp_admin_distanceIntegermin: 1, max: 255No
ipv6_omp_admin_distance_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipv6_omp_advertise_routesList[ipv6_omp_advertise_routes]No
ipv6_primary_dns_addressIPNo
ipv6_primary_dns_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipv6_secondary_dns_addressIPNo
ipv6_secondary_dns_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipv6_static_routesList[ipv6_static_routes]No
nat_poolsList[nat_pools]No
nat_port_forwardsList[nat_port_forwards]No
nat64_poolsList[nat64_pools]No
route_leaks_from_globalList[route_leaks_from_global]No
route_leaks_to_globalList[route_leaks_to_global]No
route_leaks_from_serviceList[route_leaks_from_service]No
sdwan_remote_accessBooleantrue, falseNo
servicesList[services]No
service_routesList[service_routes]No
static_nat_entriesList[static_nat_entries]No
vpn_idIntegermin: 0, max: 65527No
vpn_id_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
vpn_nameStringmin: 1, max: 244No
vpn_name_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

gre_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
interfacesListString[Regex: ^(gre|GRE)(.:){0,1}([0-9]*)$]No
interfaces_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
network_addressIPNo
network_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
subnet_maskChoice255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0No
subnet_mask_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

host_mappings (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
hostnameStringmin: 1, max: 32No
hostname_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
ipsListIPNo
ips_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipsec_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
interfacesListString[Regex: ^(ipsec|IPSEC)(.:){0,1}([0-9]*)$]No
interfaces_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
network_addressIPNo
network_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
subnet_maskChoice255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0No
subnet_mask_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipv4_export_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
route_targetStringRegex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$No
route_target_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipv4_import_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
route_targetStringRegex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$No
route_target_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipv4_omp_advertise_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
aggregatesList[aggregates]No
networksList[networks]No
protocolChoicebgp, ospf, ospfv3, connected, static, network, aggregate, eigrp, lisp, isisNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No

ipv4_static_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
gatewayChoicenexthop, dhcp, null0, vpnNonexthop
network_addressIPNo
network_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
next_hopsList[next_hops]No
next_hops_with_trackerList[next_hops_with_tracker]No
subnet_maskChoice255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0No
subnet_mask_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipv6_import_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
route_targetStringRegex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$No
route_target_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipv6_export_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
route_targetStringRegex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$No
route_target_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

ipv6_omp_advertise_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
aggregatesList[aggregates]No
networksList[networks]No
protocolChoicebgp, ospf, connected, static, network, aggregateNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No

ipv6_static_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
gatewayChoicenexthop, nat, null0Nonexthop
natChoicenat64, nat66No
nat_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
next_hopsList[next_hops]No
prefixStringRegex: ((^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*(\/)(\b([0-9]{1,2}|1[01][0-9]|12[0-8])\b)$))No
prefix_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

nat_pools (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
directionChoiceinside, outsideNo
direction_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
idIntegermin: 1, max: 32No
id_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
overloadBooleantrue, falseNo
overload_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
prefix_lengthIntegermin: 1, max: 32No
prefix_length_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
range_startIPNo
range_start_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
range_endIPNo
range_end_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
tracker_objectStringRegex: ^[^<! ]{1,128}$No

nat_port_forwards (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
nat_pool_idIntegermin: 1, max: 31No
nat_pool_id_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
protocolChoicetcp, udpNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
source_ipIPNo
source_ip_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
source_portIntegermin: 1, max: 65535No
source_port_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
translate_ipIPNo
translate_ip_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
translate_portIntegermin: 1, max: 65535No
translate_port_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

nat64_pools (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
nameStringmin: 1, max: 32No
overloadBooleantrue, falseNo
overload_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
range_startIPNo
range_start_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
range_endIPNo
range_end_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

route_leaks_from_global (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
protocolChoicestatic, connected, bgp, ospfNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No
redistributionsList[redistributions]No

route_leaks_to_global (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
protocolChoicestatic, connected, bgp, ospfNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No
redistributionsList[redistributions]No

route_leaks_from_service (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
source_vpnIntegermin: 0, max: 65530No
source_vpn_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
protocolChoicestatic, connected, bgp, ospfNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No
redistributionsList[redistributions]No

services (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
ipv4_addressesListIPNo
ipv4_addresses_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
service_typeChoicefw, ids, idp, netsvc1, netsvc2, netsvc3, netsvc4, te, appqoeNo
service_type_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
track_enableBooleantrue, falseNo
track_enable_variableStringRegex: ^[^"~$&+,]255$`No

service_routes (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
network_addressIPNo
network_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
subnet_maskChoice255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0No
subnet_mask_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
serviceChoicesigNo

static_nat_entries (sdwan.feature_profiles.service_profiles.lan_vpns)

NameTypeConstraintMandatoryDefault Value
directionChoiceinside, outsideNo
direction_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
nat_pool_idIntegermin: 1, max: 32No
nat_pool_id_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
source_ipIPNo
source_ip_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
tracker_objectStringRegex: ^[^<! ]{1,128}$No
translate_ipIPNo
translate_ip_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

aggregates (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_omp_advertise_routes)

NameTypeConstraintMandatoryDefault Value
aggregate_addressIPNo
aggregate_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
aggregate_onlyBooleantrue, falseNo
subnet_maskChoice255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0No
subnet_mask_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
regionChoiceaccess, core, core-and-accessNo
region_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

networks (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_omp_advertise_routes)

NameTypeConstraintMandatoryDefault Value
network_addressIPNo
network_address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
subnet_maskChoice255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0No
regionChoiceaccess, core, core-and-accessNo
region_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

next_hops (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_static_routes)

NameTypeConstraintMandatoryDefault Value
addressIPNo
address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
administrative_distanceIntegermin: 1, max: 255No
administrative_distance_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

next_hops_with_tracker (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_static_routes)

NameTypeConstraintMandatoryDefault Value
addressIPNo
address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
administrative_distanceIntegermin: 1, max: 255No
administrative_distance_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
trackerStringRegex: ^[^<! ]{1,128}$No

aggregates (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_omp_advertise_routes)

NameTypeConstraintMandatoryDefault Value
aggregate_prefixIPNo
aggregate_prefix_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
aggregate_onlyBooleantrue, falseNo
regionChoiceaccess, core, core-and-accessNo
region_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

networks (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_omp_advertise_routes)

NameTypeConstraintMandatoryDefault Value
prefixIPNo
prefix_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
regionChoiceaccess, core, core-and-accessNo
region_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

next_hops (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_static_routes)

NameTypeConstraintMandatoryDefault Value
addressIPNo
address_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
administrative_distanceIntegermin: 1, max: 255No
administrative_distance_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No

redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_from_global)

NameTypeConstraintMandatoryDefault Value
protocolChoicebgp, ospfNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No

redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_to_global)

NameTypeConstraintMandatoryDefault Value
protocolChoicebgp, ospfNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No

redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_from_service)

NameTypeConstraintMandatoryDefault Value
protocolChoicebgp, ospfNo
protocol_variableStringRegex: ^[./\[\]a-zA-Z0-9_-]{1,64}$No
route_policyStringRegex: ^[^<! ]{1,128}$No

Examples

Example-1: Basic LAN VPN Configuration

The example below illustrates how to configure a LAN VPN feature within a service profile. It defines the LAN VPN instance, specifying the VPN ID, static IPv4 and IPv6 routes for internal network reachability, OMP route advertisements, DNS server addresses as well as static host mapping.

sdwan:
  feature_profiles:
    service_profiles:
      - name: BRANCH-LAN-VPN20
        description: Branch LAN VPN 20
        lan_vpns:
          - name: BRANCH-LAN-VPN20
            description: Branch LAN VPN for internal users
            vpn_id: 20
            vpn_name: VPN20-LAN
            ipv4_omp_advertise_routes:
              - protocol: connected
              - protocol: static
              - protocol: ospf
                route_policy: route-policy-omp
            ipv4_primary_dns_address: 10.2.1.1
            ipv4_secondary_dns_address: 10.2.1.2
            ipv4_static_routes:
              - network_address: 10.10.10.0
                subnet_mask: 255.255.255.0
                gateway: nexthop
                next_hops:
                  - address: 10.2.1.1
                    administrative_distance: 1
            ipv6_static_routes:
              - prefix: 2001:0:0:2::0/64
                gateway: nexthop
                next_hops:
                  - address: 2001:0:0:1::1
                    administrative_distance: 1
            ipv6_omp_advertise_routes:
              - protocol: connected
              - protocol: static
            ipv6_primary_dns_address: 2001:0:0:1::1
            ipv6_secondary_dns_address: 2001:0:0:2::2
            host_mappings:
              - hostname: fileserver.example
                ips:
                  - 10.20.0.10
            route_leaks_from_global:
              - protocol: connected
                redistributions:
                  - protocol: ospf
                    route_policy: import-from-global