Create IPsec Policy

Creates an IPsec policy.

URI

/v2.0/vpn/ipsecpolicies

HTTP method

POST

Request parameter

Key Description Type Required/optional
name Friendly name for the IPsec policy. string Optional
transform_protocol Transform protocol used: esp.

(default: esp)

string Optional
auth_algorithm Authentication algorithm: sha1.

(default: sha1)

string Optional
encapsulation_mode Encapsulation mode: tunnel.

(default: tunnel)

string Optional
encryption_algorithm Encryption Algorithms: aes-128, aes-256, or aes-192.

(default: aes-128)

string Optional
pfs Perfect Forward Secrecy: group2, group5, or group14.

(default: group5)

string Optional
lifetime Lifetime of the SA. Units in 'seconds'. The time should be from 60 seconds to 86400 seconds. Either units or value may be omitted.

(default: {'units' : 'seconds', 'value' : 3600} )

dict Optional
description Description of the IPsec policy. string Optional
availability_zone The Availability Zone name.

If you do not specify this, the resource will be created in the default AZ.

xsd:string Optional

Example request


{
  "ipsecpolicy": {
    "name": "ipsecpolicy1",
    "transform_protocol": "esp",
    "auth_algorithm": "sha1",
    "encapsulation_mode": "tunnel",
    "encryption_algorithm": "aes-128",
    "pfs": "group5",
    "lifetime": {
      "units": "seconds",
      "value": 7200    },
    "availability_zone": "AZ1"
  }
}   
     

Response status

Status code Description
201 Normal response codes
Unauthorized (401) Error response codes
Bad Request (400) Error response codes

Response body (normal status)


{
  "ipsecpolicy": {
    "name": "ipsecpolicy1",
    "transform_protocol": "esp",
    "auth_algorithm": "sha1",
    "encapsulation_mode": "tunnel",
    "encryption_algorithm": "aes-128",
    "pfs": "group5",
    "tenant_id": "ccb81365fe36411a9011e90491fe1330",
    "lifetime": {
      "units": "seconds",
      "value": 7200
    },
    "id": "5291b189-fd84-46e5-84bd-78f40c05d69c",
    "description": "",
    "availability_zone": "AZ1"
  }
}
     

Description of response body (normal status)

Item Description
name Friendly name for the IPsec policy.
transform_protocol Transform protocol used: esp.
auth_algorithm Authentication algorithm: sha1.
encapsulation_mode Encapsulation mode: tunnel.
encryption_algorithm Encryption Algorithms: aes-128, aes-256, or aes-192.
pfs Perfect Forward Secrecy: group2, group5, or group14.
tenant_id Unique identifier for owner of the VPN service.
lifetime Lifetime of the SA. Units in 'seconds'. Either units or value may be omitted.
id Unique identifier for the IPsec policy.
description Description of the IPsec policy.
availability_zone The Availability Zone name.