Auto Configure Ip Sec Vpn Tunnel

Auto Configure Ip Sec Vpn Tunnel

Auto-configure a route-based IPsec VPN tunnel on the Provider Gateway based on the specified IP Space, remote and local endpoints, preshared key, and VTIs. VCD will create an uplink to the provided IP space, create a new route-based IPsec VPN tunnel with the provided inputs, enable the IPsec route redistribution service on the autogenerated VCD route redistribution rule (if existing), and autogenerate BGP prefix lists, route maps, and neighbors based on the created uplink and remote VTIs. Auto-configuring multiple times with the same IP space will overwrite the existing autoconfigured IPsec VPN tunnel and BGP components with the new inputs. Changes to the corresponding IP Space's scope will also be reflected in the autoconfigured Prefix List networks.

Request
URI
POST
https://{api_host}/cloudapi/1.0.0/externalNetworks/{externalNetworkId}/providerGatewayServices/ipsec/tunnels/autoConfigure
COPY
Path Parameters
string
externalNetworkId
Required

externalNetworkId

string
externalNetworkId
Required

externalNetworkId

Request Body
GatewayIpSecVpnAutoConfigProperties of type(s) application/json
Required 
{
    "ipSpaceRef": {
        "name": "string",
        "id": "string"
    },
    "name": "string",
    "remoteEndpoint": "10.22.1.100",
    "localEndpoint": "12.0.3.2",
    "preSharedKey": "string",
    "localTunnelInterfaces": [
        "string"
    ],
    "remoteTunnelIpAddresses": [
        "string"
    ],
    "bgpNeighborRemoteAsNumber": "65546, 1.10",
    "bgpNeighborLocalAsNumber": "65546, 1.10"
}
EntityReference
ipSpaceRef
Required

Entity reference used to describe VCD entities

string
name
Required

Name of the new route-based IPsec VPN tunnel to auto-configure.

string
remoteEndpoint
Required

IP address of the remote endpoint on the remote site. This is the Public IP address of the remote device terminating the VPN tunnel.

string
localEndpoint
Required

The IP address for the endpoint. For a gateway using an IP Space, the IP must be allocated if it falls within the IP Space.

string
preSharedKey
Required

This is the pre-shared key used for authentication.

array of string
localTunnelInterfaces
Required

Virtual Tunnel Interfaces (VTI), the local interface that the tunnel traffic is routed through. The list can be a single IPv4 CIDR, a single IPv6 CIDR, or one of each. The local VTIs must be in the same subnet as the remote VTIs.

array of string
remoteTunnelIpAddresses
Required

IP addresses of the remote tunnel VTIs. The list can be a single IPv4 address, a single IPv6 address, or one of each. IP addresses must be in the same subnet as the local VTIs. BGP neighbors will be autoconfigured with the provided IP addresses.

string
bgpNeighborRemoteAsNumber
Required

The remote AS number for the autoconfigured BGP neighbor in ASPLAIN or ASDOT format.

string
bgpNeighborLocalAsNumber
Required

The local AS number override for the autoconfigured BGP neighbor in ASPLAIN or ASDOT format.

Authentication
This operation uses the following authentication methods.
Responses
202

The request have been accepted and the task to monitor the request is in the Location header.

Operation doesn't return any data structure

Availability
Added in 39.0
On This Page
Provider Gateway Ip Sec Vpn Tunnels Operations
POST
Auto Configure Ip Sec Vpn Tunnel
POST
Create Ip Sec Vpn Tunnel
DELETE
Delete Ip Sec Vpn Tunnel
GET
Get Ip Sec Vpn Tunnel
GET
Get Ip Sec Vpn Tunnel Allowed Security Types
GET
Get Ip Sec Vpn Tunnel Connection Properties
GET
Get Ip Sec Vpn Tunnel Default Connection Properties
GET
Get Ip Sec Vpn Tunnel Preset Connection Properties
GET
Get Ip Sec Vpn Tunnels
GET
Get Ip Sec Vpn Tunnel Statistics
GET
Get Ip Sec Vpn Tunnel Status
PUT
Update Ip Sec Vpn Tunnel
PUT
Update Ip Sec Vpn Tunnel Connection Properties