Listing IPsec connections
GET /v2.0/vpn/ipsec-site-connections
List all IPsec connections.
Request
Parameters
Name | In | Type | Description |
---|---|---|---|
fields (Optional) |
query | string | The fields that you want the server to return. If no fields query parameter is specified, the networking API returns all attributes allowed by the policy settings. By using the fields parameter, the API returns only the requested set of attributes. The fields parameter can be specified multiple times. For example, if you specify fields=id&fields=name in the request URL, only the id and name attributes will be returned. |
Example
# curl -ks -H 'Content-Type: application/json' -H 'X-Auth-Token: gAAAAA<...>' \ https://<node_IP_addr>:9696/v2.0/vpn/ipsec-site-connections
Response
Parameters
Name | In | Type | Description |
---|---|---|---|
auth_mode (Optional) |
body | string | The authentication mode. A valid value is psk , which is the default. |
ikepolicy_id
|
body | string | The ID of the IKE policy. |
vpnservice_id
|
body | string | The ID of the VPN service. |
local_ep_group_id (Optional) |
body | string | The ID for the endpoint group that contains private subnets for the local side of the connection. You must specify this parameter with the peer_ep_group_id parameter. |
peer_address
|
body | string | The peer gateway public IPv4 or IPv6 address or FQDN. |
id (Optional) |
body | string | The ID of the IPsec site-to-site connection. |
route_mode (Optional) |
body | string | The route mode. A valid value is static , which is the default. |
ipsecpolicy_id
|
body | string | The ID of the IPsec policy. |
peer_id
|
body | string | The peer router identity for authentication. A valid value is an IPv4 address, IPv6 address, e-mail address, key ID, or FQDN. Typically, this value matches the peer_address value. |
status
|
body | string | Indicates whether the IPsec connection is currently operational. Values are ACTIVE , DOWN , BUILD , ERROR , PENDING_CREATE , PENDING_UPDATE , or PENDING_DELETE . |
psk
|
body | string | The pre-shared key. A valid value is any string. |
name (Optional) |
body | string | A human-readable name of the resource. Default is an empty string. |
description (Optional) |
body | string | A human-readable description for the resource. Default is an empty string. |
initiator (Optional) |
body | string | Indicates whether this VPN can only respond to connections or both respond to and initiate connections. A valid value is response-only or bi-directional . Default is bi-directional . |
admin_state_up
|
body | boolean | The administrative state of the resource, which is up (true ) or down (false ). |
tenant_id
|
body | string | The ID of the project. |
project_id
|
body | string | The ID of the project. |
interval (Optional) |
body | integer | The dead peer detection (DPD) interval, in seconds. A valid value is a positive integer. Default is 30. |
mtu
|
body | integer | The maximum transmission unit (MTU) value to address fragmentation. Minimum value is 68 for IPv4, and 1280 for IPv6. |
peer_ep_group_id (Optional) |
body | string | The ID for the endpoint group that contains private CIDRs in the form <net_address>/<prefix> for the peer side of the connection. You must specify this parameter with the local_ep_group_id parameter. |
dpd (Optional) |
body | object | A dictionary with dead peer detection (DPD) protocol controls. |
timeout
|
body | integer | The dead peer detection (DPD) timeout in seconds. A valid value is a positive integer that is greater than the DPD interval value. Default is 120. |
action
|
body | string | The dead peer detection (DPD) action. A valid value is clear , hold , restart , disabled , or restart-by-peer . Default value is hold . |
local_id (Optional) |
body | string | An ID to be used instead of the external IP address for a virtual router used in traffic between instances on different networks in east-west traffic. Most often, local ID would be domain name, email address, etc. If this is not configured then the external IP address will be used as the ID. |
Status codes
Success
Code | Reason |
---|---|
200 - OK
|
Request was successful. |
Error
Code | Reason |
---|---|
401 - Unauthorized
|
User must authenticate before making a request. |
403 - Forbidden
|
Policy does not allow current user to do this operation. |
Example
{ "ipsec_site_connections": [ { "id": "324dc68b-bdee-4a78-9d14-3484d8ee97a9", "tenant_id": "284a2547ea8445d1be0e68ef2d76672c", "name": "vpnconnection1", "description": "", "peer_address": "10.136.18.138", "peer_id": "10.136.18.138", "local_id": "", "route_mode": "static", "mtu": 1500, "auth_mode": "psk", "psk": "secret", "initiator": "bi-directional", "dpd": { "action": "hold", "interval": 30, "timeout": 120 }, "admin_state_up": true, "status": "DOWN", "vpnservice_id": "d6116b75-db78-4d07-9911-226b4655838a", "ikepolicy_id": "94edd562-8b10-4e96-98d7-7b8b99d3ca5d", "ipsecpolicy_id": "805ab779-e91c-42db-b6b9-591156d9634e", "peer_cidrs": [], "local_ep_group_id": "646938a8-322e-44b3-ac35-60deadcd4252", "peer_ep_group_id": "e3b89342-73ee-42b9-8ee9-fd91ec36aceb", "split_selector": false, "project_id": "284a2547ea8445d1be0e68ef2d76672c" } ] }