Create Ip Sec Vpn Tunnel

Creates an IPSec tunnel on the Edge Gateway.

Request
URI
POST
https://{api_host}/cloudapi/1.0.0/edgeGateways/{gatewayId}/ipsec/tunnels
Path Parameters
string
gatewayId
Required

gatewayId


Request Body
GatewayIpSecVpnTunnel of type(s) application/json
Optional
{
    "id": "string",
    "name": "string",
    "description": "string",
    "active": false,
    "localEndpoint": {
        "localId": "string",
        "localAddress": "string",
        "localNetworks": [
            "string"
        ]
    },
    "remoteEndpoint": {
        "remoteId": "string",
        "remoteAddress": "string",
        "remoteNetworks": [
            "string"
        ]
    },
    "authenticationMode": "string",
    "preSharedKey": "string",
    "certificateRef": {
        "name": "string",
        "id": "string"
    },
    "caCertificateRef": {
        "name": "string",
        "id": "string"
    },
    "connectorInitiationMode": "string",
    "securityType": "string",
    "logging": false,
    "version": {
        "version": 0
    }
}
string
id
Optional

The unique id of this IPSec VPN tunnel. On update, the id is required; on create, a new id is generated.

string
name
Required

Name for the tunnel.

string
description
Optional

description

boolean
active
Optional

Describes whether the tunnel is active or not. The default is true.

localEndpoint
Required

localEndpoint

remoteEndpoint
Required

remoteEndpoint

string
authenticationMode
Optional

The authentication mode this IPSec tunnel will use to authenticate with the peer endpoint. The default is a pre-shared key (PSK).

  • PSK - A known key is shared between each site before the tunnel is established.
  • CERTIFICATE - Incoming connections are required to present an identifying digital certificate, which VCD verifies has been signed by a trusted certificate authority.
string
preSharedKey
Optional

The pre-shared key used for authentication.

certificateRef
Optional

certificateRef

caCertificateRef
Optional

caCertificateRef

string
connectorInitiationMode
Optional

The mode used by the local endpoint to establish an IKE connection with the remote site. The default is INITIATOR. Valid values are:

  • INITIATOR
  • RESPOND_ONLY
  • ON_DEMAND
string
securityType
Optional

The security type used for the IPSec tunnel. If nothing is specified, this is set to 'DEFAULT', in which case the default settings in NSX are used. For custom settings, use the connectionProperties endpoint; the security type will then be reported as 'CUSTOM'.

boolean
logging
Optional

Whether logging for the tunnel is active or not. The default is false.

version
Optional

version
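
A pre-flight check for the request body described above, added here as an example and not part of the VMware documentation. Errors cover what this page documents (required fields, enum values, defaults); warnings are local-policy assumptions of the example, including the hypothetical `MIN_PSK_LEN` threshold and the assumption that network entries are CIDR strings. The names `lint_tunnel` and `SAMPLE` are illustrative.

```python
import ipaddress

# Enum values and required fields as documented on this page.
AUTH_MODES = {"PSK", "CERTIFICATE"}
INIT_MODES = {"INITIATOR", "RESPOND_ONLY", "ON_DEMAND"}
REQUIRED = ("name", "localEndpoint", "remoteEndpoint")
MIN_PSK_LEN = 20  # assumption: local policy threshold, not a documented API limit

# Constructed sample body: documentation-range addresses, placeholder key.
SAMPLE = {
    "name": "branch-01",
    "localEndpoint": {"localAddress": "192.0.2.10", "localNetworks": ["10.10.0.0/24"]},
    "remoteEndpoint": {"remoteAddress": "198.51.100.20", "remoteNetworks": ["0.0.0.0/0"]},
    "connectorInitiationMode": "RESPONDER",  # deliberately not a documented value
    "preSharedKey": "changeme",
}


def lint_tunnel(body):
    """Return (errors, warnings) for a GatewayIpSecVpnTunnel request body."""
    errors, warnings = [], []
    for field in REQUIRED:
        if not body.get(field):
            errors.append(f"missing required field: {field}")
    # Documented defaults apply when a field is omitted.
    auth = body.get("authenticationMode", "PSK")
    init = body.get("connectorInitiationMode", "INITIATOR")
    if auth not in AUTH_MODES:
        errors.append(f"invalid authenticationMode: {auth}")
    if init not in INIT_MODES:
        errors.append(f"invalid connectorInitiationMode: {init}")
    # Everything below is a policy assumption of this example, not an API rule.
    if auth == "PSK" and len(body.get("preSharedKey") or "") < MIN_PSK_LEN:
        warnings.append("PSK mode with a missing or short preSharedKey")
    certs = body.get("certificateRef") and body.get("caCertificateRef")
    if auth == "CERTIFICATE" and not certs:
        warnings.append("CERTIFICATE mode without certificateRef and caCertificateRef")
    if not body.get("logging", False):
        warnings.append("logging is off (documented default is false)")
    for side, key in (("localEndpoint", "localNetworks"), ("remoteEndpoint", "remoteNetworks")):
        for cidr in (body.get(side) or {}).get(key, []):
            try:
                net = ipaddress.ip_network(cidr, strict=False)
            except ValueError:
                warnings.append(f"{side}.{key}: not parseable as CIDR: {cidr}")
                continue
            if net.prefixlen == 0:
                warnings.append(f"{side}.{key}: {cidr} covers every address")
    return errors, warnings
```

Running `lint_tunnel(SAMPLE)` rejects the undocumented initiation mode and flags the short key, the disabled logging and the all-addresses remote network before anything is sent to the gateway.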

Authentication
This operation uses the following authentication methods.
Responses
202

The request has been accepted and the task to monitor the request is in the Location header.

Operation doesn't return any data structure

400

Invalid configuration.

Returns Error of type(s) */*;version=38.1
{
    "minorErrorCode": "string",
    "message": "string",
    "stackTrace": "string"
}
string
minorErrorCode
Required

minorErrorCode

string
message
Required

message

string
stackTrace
Optional

stackTrace


404

The specified resource was not found

Returns Error of type(s) */*;version=38.1
{
    "minorErrorCode": "string",
    "message": "string",
    "stackTrace": "string"
}
string
minorErrorCode
Required

minorErrorCode

string
message
Required

message

string
stackTrace
Optional

stackTrace