Service LAN VPN Feature
Configure LAN VPN feature.
Diagram
Section titled “Diagram”Classes
Section titled “Classes”service_profiles (sdwan.feature_profiles)
Section titled “service_profiles (sdwan.feature_profiles)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| lan_vpns | List | [lan_vpns] | No |
lan_vpns (sdwan.feature_profiles.service_profiles)
Section titled “lan_vpns (sdwan.feature_profiles.service_profiles)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[^&<>! "]{1,128}$ | Yes | |
| description | String | No | ||
| bgp | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| eigrp | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| ethernet_interfaces | List | [ethernet_interfaces] | No | |
| gre_routes | List | [gre_routes] | No | |
| host_mappings | List | [host_mappings] | No | |
| ipsec_routes | List | [ipsec_routes] | No | |
| ipv4_export_route_targets | List | [ipv4_export_route_targets] | No | |
| ipv4_import_route_targets | List | [ipv4_import_route_targets] | No | |
| ipv4_omp_admin_distance | Integer | min: 1, max: 255 | No | |
| ipv4_omp_admin_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_omp_advertise_routes | List | [ipv4_omp_advertise_routes] | No | |
| ipv4_primary_dns_address | IP | No | ||
| ipv4_primary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_secondary_dns_address | IP | No | ||
| ipv4_secondary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_static_routes | List | [ipv4_static_routes] | No | |
| ipv6_import_route_targets | List | [ipv6_import_route_targets] | No | |
| ipv6_export_route_targets | List | [ipv6_export_route_targets] | No | |
| ipv6_omp_admin_distance | Integer | min: 1, max: 255 | No | |
| ipv6_omp_admin_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_omp_advertise_routes | List | [ipv6_omp_advertise_routes] | No | |
| ipv6_primary_dns_address | IP | No | ||
| ipv6_primary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_secondary_dns_address | IP | No | ||
| ipv6_secondary_dns_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_static_routes | List | [ipv6_static_routes] | No | |
| nat_pools | List | [nat_pools] | No | |
| nat_port_forwards | List | [nat_port_forwards] | No | |
| nat64_pools | List | [nat64_pools] | No | |
| ospf | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| route_leaks_from_global | List | [route_leaks_from_global] | No | |
| route_leaks_to_global | List | [route_leaks_to_global] | No | |
| route_leaks_from_service | List | [route_leaks_from_service] | No | |
| sdwan_remote_access | Boolean | true, false | No | |
| services | List | [services] | No | |
| service_routes | List | [service_routes] | No | |
| static_nat_entries | List | [static_nat_entries] | No | |
| vpn_id | Integer | min: 0, max: 65527 | No | |
| vpn_id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| vpn_name | String | min: 1, max: 244 | No | |
| vpn_name_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ethernet_interfaces (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ethernet_interfaces (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[^&<>! "]{1,128}$ | Yes | |
| description | String | No | ||
| arp_entries | List | [arp_entries] | No | |
| arp_timeout | Integer | min: 0, max: 2147483 | No | |
| arp_timeout_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| autonegotiate | Boolean | true, false | No | |
| autonegotiate_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| dhcp_server | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| duplex | Choice | full, half, auto | No | |
| duplex_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| icmp_redirect_disable | Boolean | true, false | No | |
| icmp_redirect_disable_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| interface_description | String | max: 200 | No | |
| interface_description_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| interface_mtu | Integer | min: 1500, max: 9216 | No | |
| interface_mtu_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| interface_name | String | Regex: (ATM|ATM-ACR|AppGigabitEthernet|AppNav-Compress|AppNav-UnCompress|Async|BD-VIF|BDI|CEM|CEM-ACR|Cellular|Dialer|Embedded-Service-Engine|Ethernet|Ethernet-Internal|FastEthernet|FiftyGigabitEthernet|FiveGigabitEthernet|FortyGigabitEthernet|FourHundredGigE|GMPLS|GigabitEthernet|Group-Async|HundredGigE|L2LISP|LISP|Loopback|MFR|Multilink|Port-channel|SM|Serial|Service-Engine|TenGigabitEthernet|Tunnel|TwentyFiveGigE|TwentyFiveGigabitEthernet|TwoGigabitEthernet|TwoHundredGigE|Vif|Virtual-PPP|Virtual-Template|VirtualPortGroup|Vlan|Wlan-GigabitEthernet|nat64|nat66|ntp|nve|ospfv3|overlay|pseudowire|ucse|vasileft|vasiright|vmi)([0-9]*(. ?[1-9][0-9]*)*|[0-9/]+|[0-9]+/[0-9]+/[0-9]+:[0-9]+|[0-9]+/[0-9]+/[0-9]+|[0-9]+/[0-9]+|[0-9]+) | No | |
| interface_name_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ip_directed_broadcast | Boolean | true, false | No | |
| ip_directed_broadcast_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ip_mtu | Integer | min: 576, max: 9216 | No | |
| ip_mtu_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_address | IP | No | ||
| ipv4_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_configuration_type | Choice | dynamic, static | No | static |
| ipv4_dhcp_distance | Integer | min: 1, max: 255 | No | |
| ipv4_dhcp_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_dhcp_helpers | List | IP | No | |
| ipv4_dhcp_helpers_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_egress_acl | String | No | ||
| ipv4_ingress_acl | String | No | ||
| ipv4_secondary_addresses | List | [ipv4_secondary_addresses] | No | |
| ipv4_subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| ipv4_subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv4_tracker | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| ipv4_tracker_group | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| ipv4_vrrp_groups | List | [ipv4_vrrp_groups] | No | |
| ipv6_configuration_type | Choice | dynamic, static, none | No | none |
| ipv6_address | IP | No | ||
| ipv6_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ipv6_dhcp_helpers | List | [ipv6_dhcp_helpers] | No | |
| ipv6_dhcp_secondary_addresses | List | [ipv6_dhcp_secondary_addresses] | No | |
| ipv6_secondary_addresses | List | [ipv6_secondary_addresses] | No | |
| ipv6_vrrp_groups | List | [ipv6_vrrp_groups] | No | |
| load_interval | Integer | min: 30, max: 600 | No | |
| load_interval_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| mac_address | String | Regex: ^(([a-fA-F\d]{2}:){5}[a-fA-F\d]{2})$ | No | |
| mac_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| media_type | Choice | auto-select, rj45, sfp | No | |
| media_type_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| shutdown | Boolean | true, false | No | |
| shutdown_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| speed | Choice | 10, 100, 1000, 2500, 10000 | No | |
| speed_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| shaping_rate | Integer | min: 8, max: 100000000 | No | |
| shaping_rate_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tcp_mss | Integer | min: 500, max: 1460 | No | |
| tcp_mss_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| trustsec_enable_enforced_propogation | Boolean | true, false | No | |
| trustsec_enable_sgt_propogation | Boolean | true, false | No | |
| trustsec_sgt | Integer | min: 2, max: 65519 | No | |
| trustsec_sgt_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| trustsec_propogate | Boolean | true, false | No | |
| trustsec_enforced_sgt | Integer | min: 2, max: 65519 | No | |
| trustsec_enforced_sgt_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| xconnect | String | No | ||
| xconnect_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
gre_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “gre_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| interfaces | List | String[Regex: ^(gre|GRE)(.:){0,1}([0-9]*)$] | No | |
| interfaces_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| network_address | IP | No | ||
| network_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
host_mappings (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “host_mappings (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| hostname | String | min: 1, max: 32 | No | |
| hostname_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| ips | List | IP | No | |
| ips_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipsec_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipsec_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| interfaces | List | String[Regex: ^(ipsec|IPSEC)(.:){0,1}([0-9]*)$] | No | |
| interfaces_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| network_address | IP | No | ||
| network_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_export_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv4_export_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_target | String | Regex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$ | No | |
| route_target_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_import_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv4_import_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_target | String | Regex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$ | No | |
| route_target_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_omp_advertise_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv4_omp_advertise_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| aggregates | List | [aggregates] | No | |
| networks | List | [networks] | No | |
| protocol | Choice | bgp, ospf, ospfv3, connected, static, network, aggregate, eigrp, lisp, isis | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No |
ipv4_static_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv4_static_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| gateway | Choice | nexthop, dhcp, null0, vpn | No | nexthop |
| network_address | IP | No | ||
| network_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| next_hops | List | [next_hops] | No | |
| next_hops_with_tracker | List | [next_hops_with_tracker] | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_import_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv6_import_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_target | String | Regex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$ | No | |
| route_target_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_export_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv6_export_route_targets (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| route_target | String | Regex: ^(([0-9]+\.[0-9]+)|([0-9]+)|((([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5]))):[0-9]+$ | No | |
| route_target_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_omp_advertise_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv6_omp_advertise_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| aggregates | List | [aggregates] | No | |
| networks | List | [networks] | No | |
| protocol | Choice | bgp, ospf, connected, static, network, aggregate | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No |
ipv6_static_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “ipv6_static_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| gateway | Choice | nexthop, nat, null0 | No | nexthop |
| nat | Choice | nat64, nat66 | No | |
| nat_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| next_hops | List | [next_hops] | No | |
| prefix | String | Regex: ((^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*(\/)(\b([0-9]{1,2}|1[01][0-9]|12[0-8])\b)$)) | No | |
| prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
nat_pools (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “nat_pools (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| direction | Choice | inside, outside | No | |
| direction_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| id | Integer | min: 1, max: 32 | No | |
| id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| overload | Boolean | true, false | No | |
| overload_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| prefix_length | Integer | min: 1, max: 32 | No | |
| prefix_length_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| range_start | IP | No | ||
| range_start_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| range_end | IP | No | ||
| range_end_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tracker_object | String | Regex: ^[^<! ]{1,128}$ | No |
nat_port_forwards (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “nat_port_forwards (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| nat_pool_id | Integer | min: 1, max: 31 | No | |
| nat_pool_id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| protocol | Choice | tcp, udp | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| source_ip | IP | No | ||
| source_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| source_port | Integer | min: 1, max: 65535 | No | |
| source_port_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| translate_ip | IP | No | ||
| translate_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| translate_port | Integer | min: 1, max: 65535 | No | |
| translate_port_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
nat64_pools (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “nat64_pools (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | min: 1, max: 32 | No | |
| name_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| overload | Boolean | true, false | No | |
| overload_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| range_start | IP | No | ||
| range_start_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| range_end | IP | No | ||
| range_end_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
route_leaks_from_global (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “route_leaks_from_global (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| protocol | Choice | static, connected, bgp, ospf | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No | |
| redistributions | List | [redistributions] | No |
route_leaks_to_global (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “route_leaks_to_global (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| protocol | Choice | static, connected, bgp, ospf | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No | |
| redistributions | List | [redistributions] | No |
route_leaks_from_service (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “route_leaks_from_service (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| source_vpn | Integer | min: 0, max: 65530 | No | |
| source_vpn_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| protocol | Choice | static, connected, bgp, ospf | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No | |
| redistributions | List | [redistributions] | No |
services (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “services (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ipv4_addresses | List | IP | No | |
| ipv4_addresses_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| service_type | Choice | fw, ids, idp, netsvc1, netsvc2, netsvc3, netsvc4, te, appqoe | No | |
| service_type_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| track_enable | Boolean | true, false | No | |
| track_enable_variable | String | Regex: ^[^"~$&+,]255$` | No |
service_routes (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “service_routes (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| network_address | IP | No | ||
| network_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| service | Choice | sig | No | |
| service_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
static_nat_entries (sdwan.feature_profiles.service_profiles.lan_vpns)
Section titled “static_nat_entries (sdwan.feature_profiles.service_profiles.lan_vpns)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| direction | Choice | inside, outside | No | |
| direction_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| nat_pool_id | Integer | min: 1, max: 32 | No | |
| nat_pool_id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| source_ip | IP | No | ||
| source_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tracker_object | String | Regex: ^[^<! ]{1,128}$ | No | |
| translate_ip | IP | No | ||
| translate_ip_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
arp_entries (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “arp_entries (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip_address | IP | No | ||
| ip_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| mac_address | String | Regex: ^(([a-fA-F\d]{2}:){5}[a-fA-F\d]{2})$ | No | |
| mac_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “ipv4_secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv4_vrrp_groups (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “ipv4_vrrp_groups (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| id | Integer | min: 1, max: 255 | No | |
| id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| priority | Integer | min: 1, max: 254 | No | |
| priority_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| secondary_addresses | List | [secondary_addresses] | No | |
| timer | Integer | min: 100, max: 40950 | No | |
| timer_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tloc_preference_change | Boolean | true, false | No | |
| tloc_preference_change_value | Integer | min: 100, max: 4294967295 | No | |
| track_omp | Boolean | true, false | No | |
| tracking_objects | List | [tracking_objects] | No |
ipv6_dhcp_helpers (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “ipv6_dhcp_helpers (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| vpn_id | Integer | min: 1, max: 65536 | No | |
| vpn_id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_dhcp_secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “ipv6_dhcp_secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “ipv6_secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
ipv6_vrrp_groups (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)
Section titled “ipv6_vrrp_groups (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| id | Integer | min: 1, max: 255 | No | |
| id_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| global_prefix | IP | No | ||
| global_prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| link_local_address | IP | No | ||
| link_local_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| priority | Integer | min: 1, max: 254 | No | |
| priority_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| timer | Integer | min: 100, max: 40950 | No | |
| timer_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| track_omp | Boolean | true, false | No |
aggregates (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_omp_advertise_routes)
Section titled “aggregates (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_omp_advertise_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| aggregate_address | IP | No | ||
| aggregate_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| aggregate_only | Boolean | true, false | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| region | Choice | access, core, core-and-access | No | |
| region_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
networks (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_omp_advertise_routes)
Section titled “networks (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_omp_advertise_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| network_address | IP | No | ||
| network_address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| region | Choice | access, core, core-and-access | No | |
| region_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
next_hops (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_static_routes)
Section titled “next_hops (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_static_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| administrative_distance | Integer | min: 1, max: 255 | No | |
| administrative_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
next_hops_with_tracker (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_static_routes)
Section titled “next_hops_with_tracker (sdwan.feature_profiles.service_profiles.lan_vpns.ipv4_static_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| administrative_distance | Integer | min: 1, max: 255 | No | |
| administrative_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tracker | String | Regex: ^[^<! ]{1,128}$ | No |
aggregates (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_omp_advertise_routes)
Section titled “aggregates (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_omp_advertise_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| aggregate_prefix | IP | No | ||
| aggregate_prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| aggregate_only | Boolean | true, false | No | |
| region | Choice | access, core, core-and-access | No | |
| region_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
networks (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_omp_advertise_routes)
Section titled “networks (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_omp_advertise_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| prefix | IP | No | ||
| prefix_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| region | Choice | access, core, core-and-access | No | |
| region_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
next_hops (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_static_routes)
Section titled “next_hops (sdwan.feature_profiles.service_profiles.lan_vpns.ipv6_static_routes)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| administrative_distance | Integer | min: 1, max: 255 | No | |
| administrative_distance_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_from_global)
Section titled “redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_from_global)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| protocol | Choice | bgp, ospf | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No |
redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_to_global)
Section titled “redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_to_global)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| protocol | Choice | bgp, ospf | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No |
redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_from_service)
Section titled “redistributions (sdwan.feature_profiles.service_profiles.lan_vpns.route_leaks_from_service)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| protocol | Choice | bgp, ospf | No | |
| protocol_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| route_policy | String | Regex: ^[^<! ]{1,128}$ | No |
secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces.ipv4_vrrp_groups)
Section titled “secondary_addresses (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces.ipv4_vrrp_groups)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| address | IP | No | ||
| address_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| subnet_mask | Choice | 255.255.255.255, 255.255.255.254, 255.255.255.252, 255.255.255.248, 255.255.255.240, 255.255.255.224, 255.255.255.192, 255.255.255.128, 255.255.255.0, 255.255.254.0, 255.255.252.0, 255.255.248.0, 255.255.240.0, 255.255.224.0, 255.255.192.0, 255.255.128.0, 255.255.0.0, 255.254.0.0, 255.252.0.0, 255.240.0.0, 255.224.0.0, 255.192.0.0, 255.128.0.0, 255.0.0.0, 254.0.0.0, 252.0.0.0, 248.0.0.0, 240.0.0.0, 224.0.0.0, 192.0.0.0, 128.0.0.0, 0.0.0.0 | No | |
| subnet_mask_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No |
tracking_objects (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces.ipv4_vrrp_groups)
Section titled “tracking_objects (sdwan.feature_profiles.service_profiles.lan_vpns.ethernet_interfaces.ipv4_vrrp_groups)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| action | Choice | decrement, shutdown | No | |
| action_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| decrement_value | Integer | min: 1, max: 255 | No | |
| decrement_value_variable | String | Regex: ^[./\[\]a-zA-Z0-9_-]{1,64}$ | No | |
| tracker_object | String | Regex: ^[^&<>! "]{1,128}$ | No | |
| tracker_object_group | String | Regex: ^[^&<>! "]{1,128}$ | No |
Examples
Section titled “Examples”Example-1: Basic LAN VPN Configuration
The example below illustrates how to configure a LAN VPN feature within a service profile. It defines the LAN VPN instance, specifying the VPN ID, static IPv4 and IPv6 routes for internal network reachability, OMP route advertisements, DNS server addresses as well as static host mapping.
sdwan: feature_profiles: service_profiles: - name: BRANCH-LAN-VPN20 description: Branch LAN VPN 20 lan_vpns: - name: BRANCH-LAN-VPN20 description: Branch LAN VPN for internal users vpn_id: 20 vpn_name: VPN20-LAN ipv4_omp_advertise_routes: - protocol: connected - protocol: static - protocol: ospf route_policy: route-policy-omp ipv4_primary_dns_address: 10.2.1.1 ipv4_secondary_dns_address: 10.2.1.2 ipv4_static_routes: - network_address: 10.10.10.0 subnet_mask: 255.255.255.0 gateway: nexthop next_hops: - address: 10.2.1.1 administrative_distance: 1 ipv6_static_routes: - prefix: 2001:0:0:2::0/64 gateway: nexthop next_hops: - address: 2001:0:0:1::1 administrative_distance: 1 ipv6_omp_advertise_routes: - protocol: connected - protocol: static ipv6_primary_dns_address: 2001:0:0:1::1 ipv6_secondary_dns_address: 2001:0:0:2::2 host_mappings: - hostname: fileserver.example ips: - 10.20.0.10 route_leaks_from_global: - protocol: connected redistributions: - protocol: ospf route_policy: import-from-global