lboka/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpn/api-ref/en_topic_0093011510.html
gtema 6b71b4a1fa Initial import of the VPN API document 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: gtema <artem.goncharov@gmail.com>
Co-committed-by: gtema <artem.goncharov@gmail.com>
2022-12-07 13:22:09 +00:00

26 KiB
Raw Blame History

Creating an IKE Policy

Function

This interface is used to create an IKE policy.

URI

POST /v2.0/vpn/ikepolicies

Request Message

Table 1 describes the request parameters.

Table 1 Request parameters

Parameter

Type

Mandatory

Description

name

String

No

Specifies the IKE policy name.

auth_algorithm

String

No

Specifies the authentication hash algorithm. The value can be md5, sha1, sha2-256, sha2-384, or sha2-512.

description

String

No

Provides supplementary information about the IKE policy.

encryption_algorithm

String

No

Specifies the encryption algorithm. The value can be 3des, aes-128, aes-192, or aes-256. The default value is aes-128.

ike_version

String

No

Specifies the IKE version. The value can be v1 or v2. The default value is v1.

lifetime

Object

No

Specifies the lifetime object of SA.

pfs

String

No

Specifies the PFS. The value can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable.

The default value is group5.

phase1_negotiation_mode

String

No

Specifies the IKE mode The default value is main.

tenant_id

String

No

Specifies the project ID.

value

String

No

Specifies the lifetime value of the SA. The default unit is seconds. The default value is 3600.

units

String

No

Specifies the lifecycle unit. The default value is seconds.

ikepolicy

Object

Yes

Specifies the IKE policy object.
  1. The project_id parameter is not supported.
  2. The value of tenant_id can contain a maximum of 255 characters.
  3. The value of name can contain 1 to 64 characters.
  4. The value of description can contain a maximum of 255 characters.
  5. The value of auth_algorithm can only be md5, sha1, sha2-256, sha2-384, or sha2-512.
  6. The value of encryption_algorithm can only be 3des, aes-128, aes-192, or aes-256.
  7. The value of phase1_negotiation_mode can only be main and aggressive.
  8. The value of units can only be in seconds.
  9. The value of value can only be an integer ranging from 60 to 604,800.
  10. The value of ike_version can only be v1 or v2.

Response Message

Table 2 describes the response parameters.

Table 2 Response parameters

Parameter

Type

Description

auth_algorithm

String

Specifies the authentication hash algorithm. The value can be md5, sha1, sha2-256, sha2-384, or sha2-512.

description

String

Provides supplementary information about the IKE policy.

encryption_algorithm

String

Specifies the encryption algorithm. The value can be 3des, aes-128, aes-192, or aes-256. The default value is aes-128.

lifetime

Object

Specifies the lifetime object of SA.

name

String

Specifies the IKE policy name.

pfs

String

Specifies the PFS. The value can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable.

The default value is group5.

phase1_negotiation_mode

String

Specifies the IKE mode The default value is main.

tenant_id

String

Specifies the project ID.

ikepolicy

Object

Specifies the IKE policy object.

value

Integer

Specifies the lifetime value of the SA. The default unit is seconds. The default value is 3600.

units

String

Specifies the lifecycle unit. The default value is seconds.

id

String

Specifies the IKE policy ID.

ike_version

String

Specifies the IKE version. The value can be v1 or v2. The default value is v1.

Example

  • Example Request
    POST /v2.0/vpn/ikepolicies
{
  "ikepolicy" : {
    "phase1_negotiation_mode" : "main",
    "auth_algorithm" : "sha1",
    "encryption_algorithm" : "aes-128",
    "pfs" : "group5",
    "lifetime" : {
      "units" : "seconds",
      "value" : 7200
    },
    "ike_version" : "v1",
    "name" : "ikepolicy1"
  }
}
  • Example Response
    {
  "ikepolicy" : {
    "name" : "ikepolicy1",
    "tenant_id" : "ccb81365fe36411a9011e90491fe1330",
    "auth_algorithm" : "sha1",
    "encryption_algorithm" : "aes-128",
    "pfs" : "group5",
    "phase1_negotiation_mode" : "main",
    "lifetime" : {
      "units" : "seconds",
      "value" : 7200
    },
    "ike_version" : "v1",
    "id" : "5522aff7-1b3c-48dd-9c3c-b50f016b73db",
    "description" : ""
  }
}

Returned Values

For details, see section Common Returned Values.

Parent topic: IKE Policy Management