NSX-T Data Center REST API

IPSecVPNPolicyRule (type)

{
  "additionalProperties": false,
  "description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.",
  "extends": {
    "$ref": "EmbeddedResource"
  },
  "id": "IPSecVPNPolicyRule",
  "module_id": "IPSecVPN",
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
      "items": {
        "$ref": "ResourceLink"
      },
      "readonly": true,
      "title": "References related to this resource",
      "type": "array"
    },
    "_owner": {
      "$ref": "OwnerResourceLink",
      "readonly": true,
      "title": "Owner of this resource"
    },
    "_revision": {
      "computed": true,
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
      "title": "Generation of this resource config",
      "type": "int"
    },
    "_schema": {
      "readonly": true,
      "title": "Schema for this resource",
      "type": "string"
    },
    "_self": {
      "$ref": "SelfResourceLink",
      "readonly": true,
      "title": "Link to this resource"
    },
    "action": {
      "default": "PROTECT",
      "description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.",
      "enum": [
        "PROTECT",
        "BYPASS"
      ],
      "readonly": true,
      "title": "Action to be applied",
      "type": "string"
    },
    "description": {
      "can_sort": true,
      "maxLength": 1024,
      "title": "Description of this resource",
      "type": "string"
    },
    "destinations": {
      "description": "List of peer subnets.",
      "items": {
        "$ref": "IPSecVPNPolicySubnet"
      },
      "maxItems": 128,
      "required": false,
      "title": "Destination list",
      "type": "array"
    },
    "display_name": {
      "can_sort": true,
      "description": "Defaults to ID if not set",
      "maxLength": 255,
      "title": "Identifier to use when displaying entity in logs or GUI",
      "type": "string"
    },
    "enabled": {
      "default": true,
      "description": "A flag to enable/disable the policy rule.",
      "title": "Enabled flag",
      "type": "boolean"
    },
    "id": {
      "description": "Unique policy id.",
      "title": "Unique policy id",
      "type": "string"
    },
    "logged": {
      "default": false,
      "description": "A flag to enable/disable the logging for the policy rule.",
      "title": "Logging flag",
      "type": "boolean"
    },
    "resource_type": {
      "description": "The type of this resource.",
      "readonly": false,
      "type": "string"
    },
    "sources": {
      "description": "List of local subnets.",
      "items": {
        "$ref": "IPSecVPNPolicySubnet"
      },
      "maxItems": 128,
      "required": false,
      "title": "Source list",
      "type": "array"
    }
  },
  "title": "IPSec VPN policy rules",
  "type": "object"
}