vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpn/api-ref/en_topic_0093011492.html
gtema 6b71b4a1fa Initial import of the VPN API document 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: gtema <artem.goncharov@gmail.com>
Co-committed-by: gtema <artem.goncharov@gmail.com>
2022-12-07 13:22:09 +00:00

429 lines
36 KiB
HTML
Raw Blame History

<a name="en_topic_0093011492"></a><a name="en_topic_0093011492"></a>
<h1 class="topictitle1">Creating an IPsec VPN Connection</h1>
<div id="body8522594"><div class="section" id="en_topic_0093011492__section36453319"><h4 class="sectiontitle"><strong id="en_topic_0093011492__b842352706112523">Function</strong></h4><p id="en_topic_0093011492__p19241481">This interface is used to create an IPsec VPN connection.</p>
</div>
<div class="section" id="en_topic_0093011492__ole_link140"><h4 class="sectiontitle">URI</h4><p id="en_topic_0093011492__p141203670">POST /v2.0/vpn/ipsec-site-connections</p>
</div>
<div class="section" id="en_topic_0093011492__section66468500"><h4 class="sectiontitle">Request Message</h4><p id="en_topic_0093011492__p134776551774"><a href="#en_topic_0093011492__table64761989">Table 1</a> lists the request parameters for creating an IPsec site connection.</p>
<div class="tablenoborder"><a name="en_topic_0093011492__table64761989"></a><a name="table64761989"></a><table cellpadding="4" cellspacing="0" summary="" id="en_topic_0093011492__table64761989" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Request parameters</caption><thead align="left"><tr id="en_topic_0093011492__row3648444"><th align="left" class="cellrowborder" valign="top" width="25.507449255074494%" id="mcps1.3.3.3.2.5.1.1"><p id="en_topic_0093011492__p27088563">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="14.288571142885711%" id="mcps1.3.3.3.2.5.1.2"><p id="en_topic_0093011492__p46690023">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="14.288571142885711%" id="mcps1.3.3.3.2.5.1.3"><p id="en_topic_0093011492__p23795519">Mandatory</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="45.91540845915409%" id="mcps1.3.3.3.2.5.1.4"><p id="en_topic_0093011492__p48388900">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en_topic_0093011492__row27186813"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p54648243">dpd</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p64431533">Object</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p51571667">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p16555535">Specifies the DPD protocol control.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row51369462"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p176855">local_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p14325289">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p19497747">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p35813694">Specifies the ID of the external gateway address of a virtual router.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row53887795"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p2835298">psk</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p28332581">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p13237733">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p65623433">Specifies the pre-shared key.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row53739988"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p57971786">initiator</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p65203096">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p46959463">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p45620191">Specifies whether this VPN can only respond to connections or both respond to and initiate connections.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row7928537"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p38231776">ipsecpolicy_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p9766180">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p52863116">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p54054017">Specifies the IPsec policy ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row16724107"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p12475454">admin_state_up</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p3878833">Boolean</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p45750028">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p14764792">Specifies the administrative status. The value can be <strong id="en_topic_0093011492__b842352706221557_1">true</strong> or <strong id="en_topic_0093011492__b84235270622160_1">false</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row65774268"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p26115459">mtu</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p34977455">Integer</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p14601640">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p41882197">Specifies the maximum transmission unit to address fragmentation.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row41395459"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p64697882">peer_ep_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p6037081">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p19241577">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p15063922">Specifies the endpoint group ID (tenant CIDR blocks).</p>
</td>
</tr>
<tr id="en_topic_0093011492__row1357571"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p42854387">ikepolicy_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p48653295">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p48602848">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p44516654">Specifies the IKE policy ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row65105571"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p39059911">vpnservice_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p9736186">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p50433639">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p58592948">Specifies the VPN service ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row57574486"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p33021783">local_ep_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p57518732">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p28505693">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p27259828">Specifies the endpoint group ID (VPC subnets).</p>
</td>
</tr>
<tr id="en_topic_0093011492__row44011860"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p8190892">peer_address</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p59482492">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p53352557">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p26589862">Specifies the remote gateway address.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row37982174"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p56657239">peer_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p25833645">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p12150471">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p44664077">Specifies the remote gateway ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row66432381"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p12313777">name</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p57891910">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p58733156">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p59765170">Specifies the IPsec VPN connection name.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row1015618"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p15156252">description</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p19696890">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p51944261">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p46735588">Provides supplementary information about the IPsec VPN connection.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row51151019"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p49591885">auth_mode</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p57519772">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p28589951">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p34084703">Specifies the authentication mode. The default value is <strong id="en_topic_0093011492__b84235270616111_1">psk</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row38326873"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p17468990">peer_cidrs</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p5702100">List&lt;String&gt;</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p59216962">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p31844657">(Deprecated) Specifies the tenant's CIDR blocks. The value is in the form of <em id="en_topic_0093011492__i842352697222235_1">&lt;net_address &gt; / &lt; prefix &gt;</em>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row18166465"><td class="cellrowborder" valign="top" width="25.507449255074494%" headers="mcps1.3.3.3.2.5.1.1 "><p id="en_topic_0093011492__p62197523">tenant_id</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.2 "><p id="en_topic_0093011492__p4834618">String</p>
</td>
<td class="cellrowborder" valign="top" width="14.288571142885711%" headers="mcps1.3.3.3.2.5.1.3 "><p id="en_topic_0093011492__p56059806">No</p>
</td>
<td class="cellrowborder" valign="top" width="45.91540845915409%" headers="mcps1.3.3.3.2.5.1.4 "><p id="en_topic_0093011492__p44550438">Specifies the project ID.</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="note" id="en_topic_0093011492__note6919102610114"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ol id="en_topic_0093011492__ol627383571117"><li class="msonormalcxspfirst" id="en_topic_0093011492__li1827333516111">The <strong id="en_topic_0093011492__b84235270685257">project_id</strong>, <strong id="en_topic_0093011492__b8423527068531">peer_id</strong>, <strong id="en_topic_0093011492__b8423527068537">dpd</strong>, and <strong id="en_topic_0093011492__b84235270685314">local_id</strong> parameters are not supported.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li128810356110">The value of <strong id="en_topic_0093011492__b120501305120950_1">tenant_id</strong> can contain a maximum of 255 characters.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li0288113541111">The value of <strong id="en_topic_0093011492__b842352706144933">name</strong> can contain 1 to 64 characters.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li82965357116">The value of <strong id="en_topic_0093011492__b84235270685724">description</strong> can contain a maximum of 255 characters. This parameter has been used by internal components, and you are not allowed to configure the parameter.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li4296123512116">The value of <strong id="en_topic_0093011492__b120501305120950_3">peer_address</strong> can contain a maximum of 250 characters.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li10304153571116">The value of <strong id="en_topic_0093011492__b31088999520100">peer_id</strong> can contain a maximum of 250 characters and is unconfigurable.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li19304193561113">The <strong id="en_topic_0093011492__b84235270691911">route_mode</strong> parameter cannot be configured. The default value is <strong id="en_topic_0093011492__b84235270691930">static</strong>.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li16304193511112">The value of <strong id="en_topic_0093011492__b84235270691942">mtu</strong> can only be <strong id="en_topic_0093011492__b84235270691950">1500</strong>.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li1312153551119">The value of <strong id="en_topic_0093011492__b8423527069203">initiator</strong> can only be <strong id="en_topic_0093011492__b84235270692013">bi-directional</strong>.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li17312113520112">The value of <strong id="en_topic_0093011492__b84235270692027">auth_mode</strong> can only be <strong id="en_topic_0093011492__b84235270692043">psk</strong>.</li><li class="msonormalcxspmiddle" id="en_topic_0093011492__li131223531116">The value of <strong id="en_topic_0093011492__b842352706203227">admin_state_up</strong> can only be <strong id="en_topic_0093011492__b842352706203236">true</strong>.</li><li class="msonormalcxsplast" id="en_topic_0093011492__li183205352115">A PSK can contain 6 to 128 characters. Spaces and question marks (?) are not allowed in a PSK. The PSK cannot contain only asterisks (*).</li><li id="en_topic_0093011492__li15320133510118">To enable two IPsec connections to work in active/standby mode, the <strong id="en_topic_0093011492__b842352706183729">local_ep_group_id</strong> and <strong id="en_topic_0093011492__b842352706183737">peer_ep_group_id</strong> parameters of the active and standby connections must be set to the same value. If the parameter values are different and the <strong id="en_topic_0093011492__b19710185818451">local_ep_group</strong> and <strong id="en_topic_0093011492__b17605812144614">peer_ep_group</strong> values are different, the connection cannot work in active/standby mode.</li></ol>
</div></div>
</div>
<div class="section" id="en_topic_0093011492__section61345590"><h4 class="sectiontitle">Response Message</h4><p id="en_topic_0093011492__p1757891016128"><a href="#en_topic_0093011492__table60218927">Table 2</a> describes the response parameters.</p>
<div class="tablenoborder"><a name="en_topic_0093011492__table60218927"></a><a name="table60218927"></a><table cellpadding="4" cellspacing="0" summary="" id="en_topic_0093011492__table60218927" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Response parameters</caption><thead align="left"><tr id="en_topic_0093011492__row60011123"><th align="left" class="cellrowborder" valign="top" width="29.76%" id="mcps1.3.4.3.2.4.1.1"><p id="en_topic_0093011492__p29062812">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="16.67%" id="mcps1.3.4.3.2.4.1.2"><p id="en_topic_0093011492__p5277541">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="53.57000000000001%" id="mcps1.3.4.3.2.4.1.3"><p id="en_topic_0093011492__p64881656">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en_topic_0093011492__row38551324"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p35649520">interval</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p1930001">Integer</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p46270551">Specifies the DPD interval in seconds. The default value is <strong id="en_topic_0093011492__b460615530142328">30</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row13781782"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p42582590">dpd</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p26637750">Object</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p18797239">Specifies the DPD protocol control.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row34957427"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p12979352">psk</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p44694577">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p42495969">Specifies the pre-shared key.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row46919403"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p42375303">initiator</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p9847515">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p50824398">Specifies whether this VPN can only respond to connections or both respond to and initiate connections.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row54766399"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p6893340">ipsecpolicy_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p21489686">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p65217919">Specifies the IPsec policy ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row50090360"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p30787377">admin_state_up</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p10749578">Boolean</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p63674173">Specifies the administrative status. The value can be <strong id="en_topic_0093011492__b842352706221557_3">true</strong> or <strong id="en_topic_0093011492__b84235270622160_3">false</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row36196647"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p46247333">mtu</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p55046503">Integer</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p47314137">Specifies the maximum transmission unit to address fragmentation.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row23174054"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p65159075">peer_ep_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p43393704">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p30295276">Specifies the endpoint group ID (tenant CIDR blocks).</p>
</td>
</tr>
<tr id="en_topic_0093011492__row4222036"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p6440667">ikepolicy_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p51931981">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p14029336">Specifies the IKE policy ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row59155164"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p26838981">vpnservice_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p26473887">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p17438021">Specifies the VPN service ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row22724462"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p28742116">local_ep_group_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p46410096">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p23724515">Specifies the endpoint group ID (VPC subnets).</p>
</td>
</tr>
<tr id="en_topic_0093011492__row12194051"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p48194049">peer_address</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p11403863">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p61473837">Specifies the remote gateway address.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row16393628"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p52815467">peer_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p50194423">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p22413667">Specifies the remote gateway ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row396418"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p32109884">name</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p50763831">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p207374">Specifies the IPsec VPN connection name.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row1866374"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p16958614">description</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p31470474">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p50916928">Provides supplementary information about the IPsec VPN connection.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row918101"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p7257357">auth_mode</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p50975058">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p43888289">Specifies the authentication mode. The default value is <strong id="en_topic_0093011492__b84235270616111_3">psk</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row59450282"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p50743509">id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p16583569">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p21330650">Specifies the IPsec VPN connection ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row57758128"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p47896825">route_mode</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p54437622">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p11868462">Specifies the route advertising mode. The default value is <strong id="en_topic_0093011492__b409160175141644">static</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row39707298"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p62174594">status</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p2977371">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p5852437">Specifies the IPsec VPN connection status. The value can be <strong id="en_topic_0093011492__b842352706164927">ACTIVE</strong>, <strong id="en_topic_0093011492__b842352706164931">DOWN</strong>, <strong id="en_topic_0093011492__b842352706164935">BUILD</strong>, <strong id="en_topic_0093011492__b842352706164939">ERROR</strong>, <strong id="en_topic_0093011492__b842352706164943">PENDING_CREATE</strong>, <strong id="en_topic_0093011492__b842352706164948">PENDING_UPDATE</strong>, or <strong id="en_topic_0093011492__b84235270616508">PENDING_DELETE</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row52671936"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p38568449">peer_cidrs</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p37036703">List</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p63724816">(Deprecated) Specifies the tenant's CIDR blocks. The value is in the form of <em id="en_topic_0093011492__i842352697222235_3">&lt;net_address &gt; / &lt; prefix &gt;</em>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row36652435"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p16057296">tenant_id</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p25572589">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p9598184">Specifies the project ID.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row19274797"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p17754702">timeout</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p28844789">Integer</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p3664366">Specifies the DPD timeout. The default value is 120 seconds.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row32979301"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p54077734">action</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p18220335">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p22737212">Specifies the DPD action. The value can be <strong id="en_topic_0093011492__b842352706165431">clear</strong>, <strong id="en_topic_0093011492__b842352706165434">hold</strong>, <strong id="en_topic_0093011492__b842352706165439">restart</strong>, <strong id="en_topic_0093011492__b842352706165443">disabled</strong>, or <strong id="en_topic_0093011492__b842352706165447">restart-by-peer</strong>. The default value is <strong id="en_topic_0093011492__b842352706201018">hold</strong>.</p>
</td>
</tr>
<tr id="en_topic_0093011492__row176301621514"><td class="cellrowborder" valign="top" width="29.76%" headers="mcps1.3.4.3.2.4.1.1 "><p id="en_topic_0093011492__p4619410115112">created_at</p>
</td>
<td class="cellrowborder" valign="top" width="16.67%" headers="mcps1.3.4.3.2.4.1.2 "><p id="en_topic_0093011492__p1863112125111">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.57000000000001%" headers="mcps1.3.4.3.2.4.1.3 "><p id="en_topic_0093011492__p8631142135117">Specifies the time when the IPsec connection was created.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="en_topic_0093011492__section15239399"><h4 class="sectiontitle">Example</h4><ul id="en_topic_0093011492__ul18791144011211"><li id="en_topic_0093011492__li197911409122">Example Request<pre class="screen" id="en_topic_0093011492__screen157989247441">POST /v2.0/vpn/ipsec-site-connections
{
"ipsec_site_connection" : {
"psk" : "secret",
"initiator" : "bi-directional",
"ipsecpolicy_id" : "e6e23d0c-9519-4d52-8ea4-5b1f96d857b1",
"admin_state_up" : true,
"mtu" : 1500,
"peer_ep_group_id" : "9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1",
"ikepolicy_id" : "9b00d6b0-6c93-4ca5-9747-b8ade7bb514f",
"vpnservice_id" : "5c561d9d-eaea-45f6-ae3e-08d1a7080828",
"local_ep_group_id" : "3e1815dd-e212-43d0-8f13-b494fa553e68",
"peer_address" : "172.24.4.233",
"peer_id" : "172.24.4.233",
"name" : "vpnconnection1"
}
}</pre>
</li></ul>
</div>
<ul id="en_topic_0093011492__ul187993506128"><li id="en_topic_0093011492__li0799155016120">Example Response<pre class="screen" id="en_topic_0093011492__screen71032291313">{
"ipsec_site_connection" : {
"status" : "PENDING_CREATE",
"psk" : "secret",
"initiator" : "bi-directional",
"name" : "vpnconnection1",
"admin_state_up" : true,
"tenant_id" : "10039663455a446d8ba2cbb058b0f578",
"auth_mode" : "psk",
"peer_cidrs" : [ ],
"mtu" : 1500,
"peer_ep_group_id" : "9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1",
"ikepolicy_id" : "9b00d6b0-6c93-4ca5-9747-b8ade7bb514f",
"vpnservice_id" : "5c561d9d-eaea-45f6-ae3e-08d1a7080828",
"dpd" : {
"action" : "hold",
"interval" : 30,
"timeout" : 120
},
"route_mode" : "static",
"vpnservice_id": "4754261f-f8c5-4799-a365-78b2e682e38a",
"ipsecpolicy_id" : "e6e23d0c-9519-4d52-8ea4-5b1f96d857b1",
"local_ep_group_id" : "3e1815dd-e212-43d0-8f13-b494fa553e68",
"peer_address" : "172.24.4.233",
"created_at": "2018-11-03 14:24:33.749714",
"peer_id" : "172.24.4.233",
"id" : "851f280f-5639-4ea3-81aa-e298525ab74b",
"description" : ""
}
}</pre>
</li></ul>
<div class="section" id="en_topic_0093011492__section26431778"><h4 class="sectiontitle">Returned Values</h4><p id="en_topic_0093011492__p19515943486">For details, see section <a href="en_topic_0093011522.html">Common Returned Values</a>.</p>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="en_topic_0093011491.html">IPsec Connection Management</a></div>
</div>
</div>
View Git Blame Copy Permalink