NSX Autonomous Edge REST API
TransportTunnel (type)
{
"additionalProperties": false,
"description": "In client mode, the L2VPN Session Transport Tunnel uses a peer code that contains all the information needed to create the transport tunnel.",
"id": "TransportTunnel",
"properties": {
"certificate_id": {
"description": "Site certificate identifier.",
"pattern": "^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$",
"required": false,
"title": "Certificate Id",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by the local endpoint to establish an IKE connection with the peer endpoint. INITIATOR - In this mode the local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from the peer gateway. RESPOND_ONLY - In this mode the local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode the local endpoint will initiate tunnel creation once the first packet matching the policy rule is received and will also respond to incoming initiation requests.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"display_name": {
"description": "Name for transport tunnel.",
"required": false,
"title": "Name for transport tunnel",
"type": "string"
},
"ipsec_session_id": {
"description": "Transport tunnel id. When service is in client mode, this is read only.",
"readonly": true,
"required": false,
"title": "Transport tunnel id",
"type": "string"
},
"local_address": {
"$ref": "IPv4Address",
"description": "IPv4 Address of local endpoint. This is required when service is in client mode.",
"required": false,
"title": "IPv4 Address of local endpoint"
},
"local_vti_ip": {
"$ref": "IPv4CIDRBlock",
"description": "VTI used by the RouteBased IPsecVPN session.",
"required": false,
"title": "Local VTI interface"
},
"multipath": {
"default": false,
"description": "Enables the IPSec packets to be routed via multiple paths.",
"required": false,
"title": "Multipath flag",
"type": "boolean"
},
"peer_address": {
"$ref": "IPv4Address",
"description": "IPv4 Address of Peer endpoint on remote site. This is required when service is in client mode.",
"required": false,
"title": "IPv4 Address of Peer endpoint"
},
"peer_certificate": {
"description": "PEM encoded certificate of Peer endpoint.",
"readonly": false,
"required": false,
"sensitive": true,
"title": "Peer endpoint certificate",
"type": "string"
},
"peer_code": {
"description": "The peer code is a base64-encoded string that holds all the configuration for the tunnel, e.g. local/peer IDs, protocol, encryption algorithm, etc. Base64 is an encoding, not encryption, and the peer code also contains the PSK, so treat it as a secret when sharing or storing it. This is required when service is in client mode.",
"required": false,
"sensitive": true,
"title": "Peer code for the transport tunnel",
"type": "string"
},
"peer_id": {
"description": "IPv4 Address/FQDN/DN of Peer endpoint on remote site.",
"required": false,
"title": "ID of Peer endpoint",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters. It is a required input in PSK authentication mode.",
"maximum": 128,
"minimum": 1,
"required": false,
"sensitive": true,
"title": "Pre-shared key",
"type": "string"
},
"trust_ca_ids": {
"description": "Certificate authority (CA) identifier list to verify peer certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "Certificate authority (CA) identifiers",
"type": "array"
},
"trust_crl_ids": {
"description": "Certificate revocation list (CRL) identifier list of peer certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "Certificate revocation list (CRL) Identifiers",
"type": "array"
}
},
"title": "L2VPN Session Transport Tunnel",
"type": "object"
}