Create IKE policy
Creates an IKE policy.
URI
/v2.0/vpn/ikepolicies
HTTP method
POST
Request parameter
| Key | Description | Type | Required/optional |
|---|---|---|---|
| phase1_negotiation_mode | IKE mode: main. (default: main) |
string | Optional |
| auth_algorithm | Authentication Hash algorithms: sha1. (default: sha1) |
string | Optional |
| encryption_algorithm | Encryption Algorithms: aes-128, aes-256, aes-192 (default: aes-128) |
string | Optional |
| pfs | Perfect Forward Secrecy: group2, group5, or group14. (default: group5) |
string | Optional |
| lifetime | Lifetime of the SA. Units in 'seconds'. The time should be from 60 seconds to 86400 seconds. Either units or value may be omitted. (default: {'units' : 'seconds', 'value' : 2000} ) |
dict | Optional |
| ike_version | Version: v1. (default: v1) |
string | Optional |
| name | Friendly name for the IKE policy. | string | Optional |
| description | Description of the IKE policy. | string | Optional |
| availability_zone | The Availability Zone name. If you do not specify this, the resource will be created in the default Availability Zone. |
xsd:string | Optional |
Example request
{
"ikepolicy": {
"phase1_negotiation_mode": "main",
"auth_algorithm": "sha1",
"encryption_algorithm": "aes-128",
"pfs": "group5",
"lifetime": {
"units": "seconds",
"value": 7200
},
"ike_version": "v1",
"name": "ikepolicy1",
"availability_zone": "AZ1"
}
}
Response status
| Status code | Description |
|---|---|
| 201 | Normal response codes |
| Unauthorized (401) | Error response codes |
| Bad Request (400) | Error response codes |
Response body (normal status)
{
"ikepolicy": {
"name": "ikepolicy1",
"tenant_id": "ccb81365fe36411a9011e90491fe1330",
"auth_algorithm": "sha1",
"encryption_algorithm": "aes-128",
"pfs": "group5",
"phase1_negotiation_mode": "main",
"lifetime": {
"units": "seconds",
"value": 7200
},
"ike_version": "v1",
"id": "5522aff7-1b3c-48dd-9c3c-b50f016b73db",
"description": "",
"availability_zone": "AZ1"
}
}
Description of response body (normal status)
| Item | Description |
|---|---|
| name | Friendly name for the IKE policy. |
| tenant_id | Unique identifier for owner of the VPN service. |
| auth_algorithm | Authentication Hash algorithms: sha1. |
| encryption_algorithm | Encryption Algorithms: aes-128, aes-256, aes-192. |
| pfs | Perfect Forward Secrecy: group2, group5, or group14. |
| phase1_negotiation_mode | IKE mode: main. |
| lifetime | Lifetime of the SA. Units in 'seconds'. Either units or value may be omitted. |
| ike_version | Version: v1. |
| id | Unique identifier for the IKE policy. |
| description | Description of the IKE policy. |
| availability_zone | The Availability Zone name. |