InlineIPSecVpnTunnelProfile1
InlineIPSecVpnTunnelProfile1
JSON Example
{
"df_policy": "string",
"dh_groups": [
"string"
],
"digest_algorithms": [
"string"
],
"enable_perfect_forward_secrecy": false,
"encryption_algorithms": [
"string"
],
"sa_life_time": 0
}string
df_policy
Optional
Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.
Possible values are : COPY, CLEAR,
array of string
dh_groups
Optional
Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.
Possible values are : GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21,
array of string
digest_algorithms
Optional
Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128".
Possible values are : SHA1, SHA2_256, SHA2_384, SHA2_512,
boolean
enable_perfect_forward_secrecy
Optional
If true, perfect forward secrecy (PFS) is enabled.
array of string
encryption_algorithms
Optional
Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.
Possible values are : AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION,
integer As int64 As int64
sa_life_time
Optional
SA life time specifies the expiry time of security association. Default is 3600 seconds.