def add_network_to_vpn_tunnel(self, name, local_network_name=None, peer_network=None):
vpn_service = self.get_vpn_service()
if vpn_service is None or vpn_service.Endpoint is None:
return False
for tunnel in vpn_service.Tunnel:
if tunnel.get_Name() == name:
if local_network_name is not None:
interfaces = self.get_interfaces('internal')
gateway_interface = None
for interface in interfaces:
if local_network_name == interface.get_Name():
gateway_interface = interface
break
local_subnet = IpsecVpnSubnetType()
local_subnet.set_Name(gateway_interface.get_Name())
local_subnet.set_Gateway(gateway_interface.get_SubnetParticipation()[0].get_Gateway())
local_subnet.set_Netmask(gateway_interface.get_SubnetParticipation()[0].get_Netmask())
tunnel.add_LocalSubnet(local_subnet)
if peer_network is not None:
peer_subnet = IpsecVpnSubnetType()
peer_subnet.set_Name(peer_network)
pn = IPNetwork(peer_network)
peer_subnet.set_Gateway(str(pn.ip))
peer_subnet.set_Netmask(str(pn.netmask))
tunnel.add_PeerSubnet(peer_subnet)
return True
return False
def add_vpn_tunnel(self, name, local_ip, local_network_name, peer_ip, peer_network, secret):
vpn_service = self.get_vpn_service()
if vpn_service is None:
vpn_service = self.add_vpn_service()
peer = IpsecVpnThirdPartyPeerType(PeerId=peer_ip)
peer.original_tagname_ = 'IpsecVpnThirdPartyPeer'
interfaces = self.get_interfaces('internal')
gateway_interface = None
for interface in interfaces:
if local_network_name == interface.get_Name():
gateway_interface = interface
break
assert gateway_interface
local_subnet = IpsecVpnSubnetType()
local_subnet.set_Name(gateway_interface.get_Name())
local_subnet.set_Gateway(gateway_interface.get_SubnetParticipation()[0].get_Gateway())
local_subnet.set_Netmask(gateway_interface.get_SubnetParticipation()[0].get_Netmask())
peer_subnet = IpsecVpnSubnetType()
peer_subnet.set_Name(peer_network)
pn = IPNetwork(peer_network)
peer_subnet.set_Gateway(str(pn.ip))
peer_subnet.set_Netmask(str(pn.netmask))
tunnel = GatewayIpsecVpnTunnelType(
Name=name, Description='',
LocalIpAddress=local_ip, LocalId=local_ip,
PeerIpAddress=peer_ip, PeerId=peer_ip,
SharedSecret=secret, SharedSecretEncrypted=False,
EncryptionProtocol='AES256', Mtu=1500,
IsEnabled=True)
tunnel.set_IpsecVpnPeer(peer)
tunnel.add_LocalSubnet(local_subnet)
tunnel.add_PeerSubnet(peer_subnet)
vpn_service.add_Tunnel(tunnel)
