Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
VENKAT_S_P
Collaborator

VTI creation in console

Is there a way to create a point to point interface manually in console instead of using the "Get interface" every time when have VTI (route based VPN) configured from CLI.

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

While R80.10 definitely has improved CLI/API support from past versions, there are some functions that are still done with the older OPSEC CPMI.

This includes many functions related to gateway objects, including such functions as "Get Interfaces," which can only be done via SmartConsole.

We plan to resolve those limitations in future versions. 

0 Kudos
VENKAT_S_P
Collaborator

Understood, Thanks for the reply Dameon.

0 Kudos
Ofir_Shikolski
Employee Alumnus
Employee Alumnus

I would explorer the option to use these 2 API commands (I yet did not had the opportunity to check it )

1. run-script

use the clish syntax to add VTI:

something like that :

clish -sic "add vpn tunnel 20 type numbered local 10.10.10.1 remote 20.20.20.1 peer MyPeer"

Network Management 

2. set simple-gateway to define the interfaces

Please see this section with the API documentation :

interfacesList: Object v
Parameter nameValueDescription
uid
Required
stringObject unique identifier.
or
name
Required
stringObject name.
anti-spoofingbooleanN/A
anti-spoofing-settingsObject vN/A
ip-addressstringIPv4 or IPv6 address. If both addresses are required use ipv4-address and ipv6-address fields explicitly.
or
ipv4-addressstringIPv4 address.
or
ipv6-addressstringIPv6 address.
network-maskstringIPv4 or IPv6 network mask. If both masks are required use ipv4-network-mask and ipv6-network-mask fields explicitly. Instead of providing mask itself it is possible to specify IPv4 or IPv6 mask length in mask-length field. If both masks length are required use ipv4-mask-length and ipv6-mask-length fields explicitly.
or
ipv4-network-maskstringIPv4 network address.
or
ipv6-network-maskstringIPv6 network address.
or
mask-lengthstringIPv4 or IPv6 network mask length.
or
ipv4-mask-lengthstringIPv4 network mask length.
or
ipv6-mask-lengthstringIPv6 network mask length.
new-namestringNew name of the object.
security-zonebooleanN/A
security-zone-settingsObject vN/A
tagsObjectCollection of tag identifiers.
topologystring
Valid values: automatic, external, internal
N/A
topology-settingsObject vN/A

More

v
Network interfaces. When a gateway is updated with a new interfaces, the existing interfaces are removed
0 Kudos
VENKAT_S_P
Collaborator

I am not talking about the API stuffs. I use unnumbered vti with cluster env. Dameon seems to be right, still we do not have a pt-to-pt from the manual selection.  

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events