Transport WAN VPN Feature

Add WAN VPN configuration, including DNS servers, NAT, IPv4 or IPv6 static routes and service routes.

Diagram

Classes

transport_profiles (sdwan.feature_profiles)

Name	Type	Constraint	Mandatory	Default Value
wan_vpn	Class	`[wan_vpn]`	No

wan_vpn (sdwan.feature_profiles.transport_profiles)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[^&<>! "]{1,128}$`	No	`wan_vpn`
description	String		No
bgp	String	Regex: `^[^&<>! "]{1,128}$`	No
enhance_ecmp_keying	Boolean	`true`, `false`	No
enhance_ecmp_keying_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ethernet_interfaces	List	`[ethernet_interfaces]`	No
host_mappings	List	`[host_mappings]`	No
ipv4_primary_dns_address	IP		No
ipv4_primary_dns_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_secondary_dns_address	IP		No
ipv4_secondary_dns_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_static_routes	List	`[ipv4_static_routes]`	No
ipv6_primary_dns_address	IP		No
ipv6_primary_dns_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv6_secondary_dns_address	IP		No
ipv6_secondary_dns_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv6_static_routes	List	`[ipv6_static_routes]`	No
nat_64_v4_pools	List	`[nat_64_v4_pools]`	No
ospf	String	Regex: `^[^&<>! "]{1,128}$`	No
services	List	Choice[`te`]	No

ethernet_interfaces (sdwan.feature_profiles.transport_profiles.wan_vpn)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[^&<>! "]{1,128}$`	Yes
description	String		No
adaptive_qos	Boolean	`true`, `false`	No
adaptive_qos_period	Integer	min: `1`, max: `720`	No
adaptive_qos_period_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
adaptive_qos_shaping_rate_downstream	Class	`[adaptive_qos_shaping_rate_downstream]`	No
adaptive_qos_shaping_rate_upstream	Class	`[adaptive_qos_shaping_rate_upstream]`	No
arp_entries	List	`[arp_entries]`	No
arp_timeout	Integer	min: `0`, max: `2147483`	No
arp_timeout_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
auto_detect_bandwidth	Boolean	`true`, `false`	No
auto_detect_bandwidth_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
autonegotiate	Boolean	`true`, `false`	No
autonegotiate_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
bandwidth_downstream	Integer	min: `1`, max: `2147483647`	No
bandwidth_downstream_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
bandwidth_upstream	Integer	min: `1`, max: `2147483647`	No
bandwidth_upstream_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
block_non_source_ip	Boolean	`true`, `false`	No
block_non_source_ip_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
duplex	Choice	`full`, `half`, `auto`	No
duplex_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
gre_tloc_extension_source_ip	IP		No
gre_tloc_extension_source_ip_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
gre_tloc_extension_xconnect	String		No
gre_tloc_extension_xconnect_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
icmp_redirect_disable	Boolean	`true`, `false`	No
icmp_redirect_disable_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
interface_description	String	max: `200`	No
interface_description_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
interface_mtu	Integer	min: `1500`, max: `9216`	No
interface_mtu_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
interface_name	String	Regex: (ATM\|ATM-ACR\|AppGigabitEthernet\|AppNav-Compress\|AppNav-UnCompress\|Async\|BD-VIF\|BDI\|CEM\|CEM-ACR\|Cellular\|Dialer\|Embedded-Service-Engine\|Ethernet\|Ethernet-Internal\|FastEthernet\|FiftyGigabitEthernet\|FiveGigabitEthernet\|FortyGigabitEthernet\|FourHundredGigE\|GMPLS\|GigabitEthernet\|Group-Async\|HundredGigE\|L2LISP\|LISP\|Loopback\|MFR\|Multilink\|Port-channel\|SM\|Serial\|Service-Engine\|TenGigabitEthernet\|Tunnel\|TwentyFiveGigE\|TwentyFiveGigabitEthernet\|TwoGigabitEthernet\|TwoHundredGigE\|Vif\|Virtual-PPP\|Virtual-Template\|VirtualPortGroup\|Vlan\|Wlan-GigabitEthernet\|nat64\|nat66\|ntp\|nve\|ospfv3\|overlay\|pseudowire\|ucse\|vasileft\|vasiright\|vmi)([0-9](. ?[1-9][0-9])*\|[0-9/]+\|[0-9]+/[0-9]+/[0-9]+:[0-9]+\|[0-9]+/[0-9]+/[0-9]+\|[0-9]+/[0-9]+\|[0-9]+)	No
interface_name_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
iperf_server	String		No
iperf_server_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ip_directed_broadcast	Boolean	`true`, `false`	No
ip_directed_broadcast_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ip_mtu	Integer	min: `576`, max: `9216`	No
ip_mtu_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_address	IP		No
ipv4_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_configuration_type	Choice	`dynamic`, `static`	No	`static`
ipv4_dhcp_distance	Integer	min: `1`, max: `255`	No
ipv4_dhcp_distance_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_dhcp_helpers	List	IP	No
ipv4_dhcp_helpers_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_egress_acl	String		No
ipv4_ingress_acl	String		No
ipv4_nat	Boolean	`true`, `false`	No
ipv4_nat_type	Choice	`interface`, `pool`, `loopback`	No
ipv4_nat_type_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_loopback_interface	String		No
ipv4_nat_loopback_interface_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_pool_overload	Boolean	`true`, `false`	No
ipv4_nat_pool_overload_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_pool_prefix_length	Integer	min: `1`, max: `32`	No
ipv4_nat_pool_prefix_length_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_pool_range_end	IP		No
ipv4_nat_pool_range_end_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_pool_range_start	IP		No
ipv4_nat_pool_range_start_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_static_entries	List	`[ipv4_nat_static_entries]`	No
ipv4_nat_tcp_timeout	Integer	min: `1`, max: `8947`	No
ipv4_nat_tcp_timeout_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_nat_udp_timeout	Integer	min: `1`, max: `8947`	No
ipv4_nat_udp_timeout_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_secondary_addresses	List	`[ipv4_secondary_addresses]`	No
ipv4_subnet_mask	Choice	`255.255.255.255`, `255.255.255.254`, `255.255.255.252`, `255.255.255.248`, `255.255.255.240`, `255.255.255.224`, `255.255.255.192`, `255.255.255.128`, `255.255.255.0`, `255.255.254.0`, `255.255.252.0`, `255.255.248.0`, `255.255.240.0`, `255.255.224.0`, `255.255.192.0`, `255.255.128.0`, `255.255.0.0`, `255.254.0.0`, `255.252.0.0`, `255.240.0.0`, `255.224.0.0`, `255.192.0.0`, `255.128.0.0`, `255.0.0.0`, `254.0.0.0`, `252.0.0.0`, `248.0.0.0`, `240.0.0.0`, `224.0.0.0`, `192.0.0.0`, `128.0.0.0`, `0.0.0.0`	No
ipv4_subnet_mask_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv4_tracker	String	Regex: `^[^&<>! "]{1,128}$`	No
ipv4_tracker_group	String	Regex: `^[^&<>! "]{1,128}$`	No
ipv6_configuration_type	Choice	`dynamic`, `static`, `none`	No	`none`
ipv6_address	IP		No
ipv6_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipv6_egress_acl	String		No
ipv6_ingress_acl	String		No
ipv6_nat	Boolean	`true`, `false`	No
ipv6_nat_type	Choice	`nat64`, `nat66`	No
ipv6_nat66_static_entries	List	`[ipv6_nat66_static_entries]`	No
ipv6_secondary_addresses	List	`[ipv6_secondary_addresses]`	No
ipv6_tracker	String	Regex: `^[^&<>! "]{1,128}$`	No
ipv6_tracker_group	String	Regex: `^[^&<>! "]{1,128}$`	No
load_interval	Integer	min: `30`, max: `600`	No
load_interval_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
mac_address	String	Regex: `^(([a-fA-F\d]{2}:){5}[a-fA-F\d]{2})$`	No
mac_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
media_type	Choice	`auto-select`, `rj45`, `sfp`	No
media_type_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
service_provider	String		No
service_provider_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
shutdown	Boolean	`true`, `false`	No
shutdown_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
speed	Choice	`10`, `100`, `1000`, `2500`, `10000`	No
speed_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
shaping_rate	Integer	min: `8`, max: `100000000`	No
shaping_rate_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
tcp_mss	Integer	min: `500`, max: `1460`	No
tcp_mss_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
tloc_extension	String		No
tloc_extension_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
tunnel_interface	Class	`[tunnel_interface]`	No

host_mappings (sdwan.feature_profiles.transport_profiles.wan_vpn)

Name	Type	Constraint	Mandatory
hostname	String	min: `1`, max: `32`	No
hostname_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ips	List	IP	No
ips_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

ipv4_static_routes (sdwan.feature_profiles.transport_profiles.wan_vpn)

Name	Type	Constraint	Mandatory	Default Value
administrative_distance	Integer	min: `1`, max: `255`	No
administrative_distance_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
gateway	Choice	`nexthop`, `dhcp`, `null0`	No	`nexthop`
network_address	IP		No
network_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
next_hops	List	`[next_hops]`	No
subnet_mask	Choice	`255.255.255.255`, `255.255.255.254`, `255.255.255.252`, `255.255.255.248`, `255.255.255.240`, `255.255.255.224`, `255.255.255.192`, `255.255.255.128`, `255.255.255.0`, `255.255.254.0`, `255.255.252.0`, `255.255.248.0`, `255.255.240.0`, `255.255.224.0`, `255.255.192.0`, `255.255.128.0`, `255.255.0.0`, `255.254.0.0`, `255.252.0.0`, `255.240.0.0`, `255.224.0.0`, `255.192.0.0`, `255.128.0.0`, `255.0.0.0`, `254.0.0.0`, `252.0.0.0`, `248.0.0.0`, `240.0.0.0`, `224.0.0.0`, `192.0.0.0`, `128.0.0.0`, `0.0.0.0`	No
subnet_mask_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

ipv6_static_routes (sdwan.feature_profiles.transport_profiles.wan_vpn)

Name	Type	Constraint	Mandatory	Default Value
gateway	Choice	`nexthop`, `nat`, `null0`	No	`nexthop`
nat	Choice	`nat64`, `nat66`	No
next_hops	List	`[next_hops]`	No
prefix	String	Regex: ((^\s((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}\|:))\|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}\|((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})\|:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})\|((:[0-9A-Fa-f]{1,4})?:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})\|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})\|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})\|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(:(((:[0-9A-Fa-f]{1,4}){1,7})\|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:)))(%.+)?\s(\/)(\b([0-9]{1,2}\|1[01][0-9]\|12[0-8])\b)$))	No
prefix_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

nat_64_v4_pools (sdwan.feature_profiles.transport_profiles.wan_vpn)

Name	Type	Constraint	Mandatory
name	String	min: `1`, max: `32`	No
name_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
overload	Boolean	`true`, `false`	No
overload_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
range_end	IP		No
range_end_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
range_start	IP		No
range_start_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

adaptive_qos_shaping_rate_downstream (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory
default	Integer	min: `8`, max: `100000000`	No
default_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
maximum	Integer	min: `8`, max: `100000000`	No
maximum_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
minimum	Integer	min: `8`, max: `100000000`	No
minimum_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

adaptive_qos_shaping_rate_upstream (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory
default	Integer	min: `8`, max: `100000000`	No
default_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
maximum	Integer	min: `8`, max: `100000000`	No
maximum_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
minimum	Integer	min: `8`, max: `100000000`	No
minimum_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

arp_entries (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory
ip_address	IP		No
ip_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
mac_address	String	Regex: `^(([a-fA-F\d]{2}:){5}[a-fA-F\d]{2})$`	No
mac_address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

ipv4_nat_static_entries (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory
direction	Choice	`inside`, `outside`	No
source_ip	IP		No
source_ip_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
source_vpn_id	Integer	min: `0`, max: `65530`	No
source_vpn_id_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
translate_ip	IP		No
translate_ip_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

ipv4_secondary_addresses (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory
address	IP		No
address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
subnet_mask	Choice	`255.255.255.255`, `255.255.255.254`, `255.255.255.252`, `255.255.255.248`, `255.255.255.240`, `255.255.255.224`, `255.255.255.192`, `255.255.255.128`, `255.255.255.0`, `255.255.254.0`, `255.255.252.0`, `255.255.248.0`, `255.255.240.0`, `255.255.224.0`, `255.255.192.0`, `255.255.128.0`, `255.255.0.0`, `255.254.0.0`, `255.252.0.0`, `255.240.0.0`, `255.224.0.0`, `255.192.0.0`, `255.128.0.0`, `255.0.0.0`, `254.0.0.0`, `252.0.0.0`, `248.0.0.0`, `240.0.0.0`, `224.0.0.0`, `192.0.0.0`, `128.0.0.0`, `0.0.0.0`	No
subnet_mask_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

ipv6_nat66_static_entries (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory
source_prefix	String	Regex: ((^\s((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}\|:))\|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}\|((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})\|:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})\|((:[0-9A-Fa-f]{1,4})?:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})\|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})\|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})\|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(:(((:[0-9A-Fa-f]{1,4}){1,7})\|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:)))(%.+)?\s(\/)(\b([0-9]{1,2}\|1[01][0-9]\|12[0-8])\b)$))	No
source_prefix_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
source_vpn_id	Integer	min: `0`, max: `65530`	No
source_vpn_id_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
translate_prefix	String	Regex: ((^\s((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}\|:))\|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}\|((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})\|:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3})\|:))\|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})\|((:[0-9A-Fa-f]{1,4})?:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})\|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})\|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})\|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:))\|(:(((:[0-9A-Fa-f]{1,4}){1,7})\|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:)))(%.+)?\s(\/)(\b([0-9]{1,2}\|1[01][0-9]\|12[0-8])\b)$))	No
translate_prefix_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

ipv6_secondary_addresses (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory	Default Value
address	IP		No
address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

tunnel_interface (sdwan.feature_profiles.transport_profiles.wan_vpn.ethernet_interfaces)

Name	Type	Constraint	Mandatory	Default Value
allow_service_all	Boolean	`true`, `false`	No
allow_service_all_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_bfd	Boolean	`true`, `false`	No
allow_service_bfd_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_bgp	Boolean	`true`, `false`	No
allow_service_bgp_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_dhcp	Boolean	`true`, `false`	No
allow_service_dhcp_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_dns	Boolean	`true`, `false`	No
allow_service_dns_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_https	Boolean	`true`, `false`	No
allow_service_https_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_icmp	Boolean	`true`, `false`	No
allow_service_icmp_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_netconf	Boolean	`true`, `false`	No
allow_service_netconf_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_ntp	Boolean	`true`, `false`	No
allow_service_ntp_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_ospf	Boolean	`true`, `false`	No
allow_service_ospf_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_snmp	Boolean	`true`, `false`	No
allow_service_snmp_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_ssh	Boolean	`true`, `false`	No
allow_service_ssh_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
allow_service_stun	Boolean	`true`, `false`	No
allow_service_stun_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
bind_loopback_tunnel	String	min: `1`, max: `32`	No
bind_loopback_tunnel_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
border	Boolean	`true`, `false`	No
border_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
carrier	Choice	`default`, `carrier1`, `carrier2`, `carrier3`, `carrier4`, `carrier5`, `carrier6`, `carrier7`, `carrier8`	No
carrier_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
clear_dont_fragment	Boolean	`true`, `false`	No
clear_dont_fragment_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
color	Choice	`3g`, `biz-internet`, `blue`, `bronze`, `custom1`, `custom2`, `custom3`, `default`, `gold`, `green`, `lte`, `metro-ethernet`, `mpls`, `public-internet`, `private1`, `private2`, `private3`, `private4`, `private5`, `private6`, `red`, `silver`	No
color_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
cts_sgt_propagation	Boolean	`true`, `false`	No
cts_sgt_propagation_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
exclude_controller_groups	List	Integer[min: `0`, max: `100`]	No
exclude_controller_groups_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
gre_encapsulation	Boolean	`true`, `false`	No
gre_preference	Integer	min: `0`, max: `4294967295`	No
gre_preference_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
gre_tunnel_destination_ip	IP		No
gre_tunnel_destination_ip_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
gre_weight	Integer	min: `1`, max: `255`	No
gre_weight_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
group	Integer	min: `1`, max: `4294967295`	No
group_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
hello_interval	Integer	min: `100`, max: `600000`	No
hello_interval_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
hello_tolerance	Integer	min: `12`, max: `6000`	No
hello_tolerance_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipsec_encapsulation	Boolean	`true`, `false`	No	`true`
ipsec_preference	Integer	min: `0`, max: `4294967295`	No
ipsec_preference_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
ipsec_weight	Integer	min: `1`, max: `255`	No
ipsec_weight_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
last_resort_circuit	Boolean	`true`, `false`	No
last_resort_circuit_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
low_bandwidth_link	Boolean	`true`, `false`	No
low_bandwidth_link_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
max_control_connections	Integer	min: `0`, max: `100`	No
max_control_connections_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
nat_refresh_interval	Integer	min: `1`, max: `60`	No
nat_refresh_interval_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
network_broadcast	Boolean	`true`, `false`	No
network_broadcast_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
per_tunnel_qos	Boolean	`true`, `false`	No
per_tunnel_qos_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
per_tunnel_qos_bandwidth_percent	Integer	min: `1`, max: `100`	No
per_tunnel_qos_bandwidth_percent_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
per_tunnel_qos_mode	Choice	`hub`, `spoke`	No
per_tunnel_qos_mode_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
port_hop	Boolean	`true`, `false`	No
port_hop_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
restrict	Boolean	`true`, `false`	No
restrict_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
tcp_mss	Integer	min: `500`, max: `1460`	No
tcp_mss_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
vbond_as_stun_server	Boolean	`true`, `false`	No
vbond_as_stun_server_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
vmanage_connection_preference	Integer	min: `0`, max: `8`	No
vmanage_connection_preference_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

next_hops (sdwan.feature_profiles.transport_profiles.wan_vpn.ipv4_static_routes)

Name	Type	Constraint	Mandatory
address	IP		No
address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
administrative_distance	Integer	min: `1`, max: `255`	No
administrative_distance_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

next_hops (sdwan.feature_profiles.transport_profiles.wan_vpn.ipv6_static_routes)

Name	Type	Constraint	Mandatory
address	IP		No
address_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No
administrative_distance	Integer	min: `1`, max: `255`	No
administrative_distance_variable	String	Regex: `^[./\[\]a-zA-Z0-9_-]{1,64}$`	No

Examples

Example-1: This example demonstrates how to configure a WAN VPN feature under a transport profile. It configures the static host mapping for the “vbond.local” FQDN and maps it to two IP addresses. It also specifies the IPv4 primary and secondary addresses as variables (these will need to be filled when deploying the configuration to a device that uses the configuration group with this profile). It defines a static default route with two next hops configured as variables. Additionally, it enables enhanced ECMP keying and the Traffic Engineering (TE) service.

sdwan:
  feature_profiles:
    transport_profiles:
      - name: transport
        description: this is a test transport profile
        wan_vpn:
          name: wan_vpn
          description: VPN 0 configuration
          host_mappings:
            - hostname: vbond.local
              ips:
                - 10.0.0.1
                - 10.0.0.2
          ipv4_primary_dns_address_variable: vpn0_dns_primary
          ipv4_secondary_dns_address_variable: vpn0_dns_secondary
          enhance_ecmp_keying: true
          ipv4_static_routes:
            - network_address: 0.0.0.0
              subnet_mask: 0.0.0.0
              next_hops:
                - address_variable: vpn0_ipv4_default_route_nexthop1_ip
                - address_variable: vpn0_ipv4_default_route_nexthop2_ip
          services:
            - te