GatewayIpSecVpnTunnel
Specifies the IPSec VPN tunnel configuration.
{
"id": "string",
"name": "string",
"description": "string",
"active": false,
"localEndpoint": {
"localId": "string",
"localAddress": "string",
"localNetworks": [
"string"
]
},
"remoteEndpoint": {
"remoteId": "string",
"remoteAddress": "string",
"remoteNetworks": [
"string"
]
},
"authenticationMode": "string",
"preSharedKey": "string",
"certificateRef": {
"name": "string",
"id": "string"
},
"caCertificateRef": {
"name": "string",
"id": "string"
},
"connectorInitiationMode": "string",
"securityType": "string",
"logging": false,
"version": {
"version": 0
}
}
The unique id of this IPSec VPN tunnel. On updates, the id is required for the tunnel, while for create a new id will be generated.
Name for the tunnel.
description
Described whether the tunnel is active or not. The default is true.
The authentication mode this IPSec tunnel will use to authenticate with the peer endpoint. The default is a pre-shared key (PSK).
- PSK - A known key is shared between each site before the tunnel is established.
- CERTIFICATE - Incoming connections are required to present an identifying digital certificate, which VCD verifies has been signed by a trusted certificate authority.
This is the Pre-shared key used for authentication.
This is the mode used by the local endpoint to establish an IKE Connection with the remote site. The default is INITIATOR. Below are valid values.
INITIATOR
RESPOND_ONLY
ON_DEMAND
This is the security type used for the IPSec Tunnel. If nothing is specified, this will be set to 'DEFAULT' in which the default settings in NSX will be used. For custom settings, one should use the connectionProperties endpoint to specify custom settings. The security type will then appropriately reflect itself as 'CUSTOM'.
Whether logging for the tunnel is active or not. The default is false.