Create IPsec Policy
Creates an IPsec policy.
URI
/v2.0/vpn/ipsecpolicies
HTTP method
POST
Request parameter
| Key | Description | Type | Required/optional |
|---|---|---|---|
| name | Friendly name for the IPsec policy. | string | Optional |
| transform_protocol | Transform protocol used: esp. (default: esp) |
string | Optional |
| auth_algorithm | Authentication algorithm: sha1. (default: sha1) |
string | Optional |
| encapsulation_mode | Encapsulation mode: tunnel. (default: tunnel) |
string | Optional |
| encryption_algorithm | Encryption Algorithms: aes-128, aes-256, or aes-192. (default: aes-128) |
string | Optional |
| pfs | Perfect Forward Secrecy: group2, group5, or group14. (default: group5) |
string | Optional |
| lifetime | Lifetime of the SA. Units in 'seconds'. The time should be from 60 seconds to 86400 seconds. Either units or value may be omitted. (default: {'units' : 'seconds', 'value' : 3600} ) |
dict | Optional |
| description | Description of the IPsec policy. | string | Optional |
| availability_zone | The Availability Zone name. If you do not specify this, the resource will be created in the default AZ. |
xsd:string | Optional |
Example request
{
"ipsecpolicy": {
"name": "ipsecpolicy1",
"transform_protocol": "esp",
"auth_algorithm": "sha1",
"encapsulation_mode": "tunnel",
"encryption_algorithm": "aes-128",
"pfs": "group5",
"lifetime": {
"units": "seconds",
"value": 7200 },
"availability_zone": "AZ1"
}
}
Response status
| Status code | Description |
|---|---|
| 201 | Normal response codes |
| Unauthorized (401) | Error response codes |
| Bad Request (400) | Error response codes |
Response body (normal status)
{
"ipsecpolicy": {
"name": "ipsecpolicy1",
"transform_protocol": "esp",
"auth_algorithm": "sha1",
"encapsulation_mode": "tunnel",
"encryption_algorithm": "aes-128",
"pfs": "group5",
"tenant_id": "ccb81365fe36411a9011e90491fe1330",
"lifetime": {
"units": "seconds",
"value": 7200
},
"id": "5291b189-fd84-46e5-84bd-78f40c05d69c",
"description": "",
"availability_zone": "AZ1"
}
}
Description of response body (normal status)
| Item | Description |
|---|---|
| name | Friendly name for the IPsec policy. |
| transform_protocol | Transform protocol used: esp. |
| auth_algorithm | Authentication algorithm: sha1. |
| encapsulation_mode | Encapsulation mode: tunnel. |
| encryption_algorithm | Encryption Algorithms: aes-128, aes-256, or aes-192. |
| pfs | Perfect Forward Secrecy: group2, group5, or group14. |
| tenant_id | Unique identifier for owner of the VPN service. |
| lifetime | Lifetime of the SA. Units in 'seconds'. Either units or value may be omitted. |
| id | Unique identifier for the IPsec policy. |
| description | Description of the IPsec policy. |
| availability_zone | The Availability Zone name. |