Listing IPsec policies
GET /v2.0/vpn/ipsecpolicies
List IPsec policies.
Request
Parameters
| Name | In | Type | Description |
|---|---|---|---|
| fields (Optional) | query | string | The fields that you want the server to return. If no fields query parameter is specified, the networking API returns all attributes allowed by the policy settings. By using the fields parameter, the API returns only the requested set of attributes. The fields parameter can be specified multiple times. For example, if you specify fields=id&fields=name in the request URL, only the id and name attributes will be returned. |
Example
# curl -ks -H 'Content-Type: application/json' -H 'X-Auth-Token: gAAAAA<...>' \ https://<node_IP_addr>:9696/v2.0/vpn/ipsecpolicies
Response
Parameters
| Name | In | Type | Description |
|---|---|---|---|
ipsecpolicies
|
body | array | A list of ipsecpolicy objects. |
name (Optional) |
body | string | A human-readable name of the resource. Default is an empty string. |
description (Optional) |
body | string | A human-readable description for the resource. Default is an empty string. |
tenant_id
|
body | string | The ID of the project. |
project_id
|
body | string | The ID of the project. |
auth_algorithm (Optional) |
body | string | The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512, aes-xcbc, and aes-cmac. The default is sha1. |
encapsulation_mode (Optional) |
body | string | The encapsulation mode. A valid value is tunnel or transport. Default is tunnel. |
encryption_algorithm (Optional) |
body | string | The encryption algorithm. Valid values are 3des, aes-128, aes-192, and aes-256. Additional values for AES CCM and GCM modes are defined (for example, aes-256-ccm-16, aes-256-gcm-16) for all combinations of key length 128, 192, 256 bits and ICV length 8, 12, 16 octets. Default is aes-128. |
pfs (Optional) |
body | string | Perfect forward secrecy (PFS). A valid value is Group2, Group5, Group14 to Group31. Default is Group5. |
value (Optional) |
body | integer | The lifetime value, as a positive integer. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
transform_protocol (Optional) |
body | string | The transform protocol. A valid value is ESP, AH, or AH- ESP. Default is ESP. |
units (Optional) |
body | string | The units for the lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
lifetime (Optional) |
body | object | The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600. |
id
|
body | string | The ID of the IPsec policy. |
Status codes
Success
| Code | Reason |
|---|---|
200 - OK
|
Request was successful. |
Error
| Code | Reason |
|---|---|
401 - Unauthorized
|
User must authenticate before making a request. |
403 - Forbidden
|
Policy does not allow current user to do this operation. |
Example
{
"ipsecpolicies": [
{
"id": "805ab779-e91c-42db-b6b9-591156d9634e",
"tenant_id": "284a2547ea8445d1be0e68ef2d76672c",
"name": "ipsecpolicy1",
"description": "",
"transform_protocol": "esp",
"auth_algorithm": "sha1",
"encryption_algorithm": "aes-128",
"encapsulation_mode": "tunnel",
"lifetime": {
"units": "seconds",
"value": 7200
},
"pfs": "group5",
"project_id": "284a2547ea8445d1be0e68ef2d76672c"
}
]
}