InlineIPSecVPNTunnelProfile1

InlineIPSecVPNTunnelProfile1
InlineIPSecVPNTunnelProfile1
JSON Example 
{
    "encapsulation_mode": "string",
    "transform_protocol": "string",
    "digest_algorithms": [
        "string"
    ],
    "encryption_algorithms": [
        "string"
    ],
    "enable_perfect_forward_secrecy": false,
    "dh_groups": [
        "string"
    ],
    "df_policy": "string",
    "sa_life_time": 0
}
string
encapsulation_mode
Optional

Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.

string
transform_protocol
Optional

IPSec transform specifies IPSec security protocol.

array of string
digest_algorithms
Optional

Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128".

Possible values are : SHA1, SHA2_256, SHA2_384, SHA2_512,
array of string
encryption_algorithms
Optional

Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.

Possible values are : AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION,
boolean
enable_perfect_forward_secrecy
Optional

If true, perfect forward secrecy (PFS) is enabled.

array of string
dh_groups
Optional

Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.

Possible values are : GROUP2, GROUP5, GROUP14, GROUP15, GROUP16,
string
df_policy
Optional

Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.

Possible values are : COPY, CLEAR,
integer As int64 As int64
sa_life_time
Optional

SA life time specifies the expiry time of security association. Default is 3600 seconds.

Used By