List IPsec site connections

Lists the IPsec site-to-site connections.

URI

/v2.0/vpn/ipsec-site-connections

HTTP method

GET

Response status

Status code Description
200 Normal response codes
Unauthorized (401) Error response codes
Forbidden (403) Error response codes

Response body (normal status)


{
  "ipsec_site_connections": [
    {
      "status": "PENDING_CREATE",
      "psk": "secret",
      "initiator": "bi-directional",
      "name": "vpnconnection1",
      "admin_state_up": true,
      "tenant_id": "ccb81365fe36411a9011e90491fe1330",
      "description": "",
      "auth_mode": "psk",
      "peer_cidrs": [
        "10.1.0.0/24"
      ],
      "mtu": 1500,
      "ikepolicy_id": "bf5612ac-15fb-460c-9b3d-6453da2fafa2",
      "dpd": {
        "action": "hold",
        "interval": 30,
        "timeout": 120
      },
      "route_mode": "static",
      "vpnservice_id": "c2f3178d-5530-4c4a-89fc-050ecd552636",
      "peer_address": "172.24.4.226",
      "peer_id": "172.24.4.226",
      "id": "cbc152a0-7e93-4f98-9f04-b085a4bf2511",
      "ipsecpolicy_id": "8ba867b2-67eb-4835-bb61-c226804a1584",
      "availability_zone": "AZ1"
    }
  ]
}

Description of response body (normal status)

Item Description
status Indicates whether VPN connection is currently operational. Possible values include: ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE.
psk Pre Shared Key: any string.
initiator Whether this VPN can only respond to connections or can initiate as well.
name Name for IPsec site-to-site connection.
admin_state_up Administrative state of VPN connection. If false (down), VPN connection does not forward packets.
tenant_id Unique identifier for owner of the VPN service.
description Description of the IPsec site-to-site connection.
auth_mode Authentication mode: psk.
peer_cidrs Peer private CIDRs.
mtu Maximum Transmission Unit to address fragmentation.
ikepolicy_id Unique identifier of IKE policy.
dpd Dead Peer Detection protocol controls. Action: hold or restart. Interval and timeout in seconds.
route_mode Route mode: static. This will be extended in the future.
vpnservice_id Unique identifier of VPN service.
peer_address Peer gateway public IPv4 address.
peer_id Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN.
id Unique identifier for the IPsec site-to-site connection.
ipsecpolicy_id Unique identifier of IPsec policy.
availability_zone The Availability Zone name.

CAUTION:

If the status does not become ACTIVE after creating resources, even though the connection destination settings have been completed, check if the following parameters match the information of the connection destination.
  • IKE Policy
    • encryption_algorithm
    • pfs
    • lifetime
  • IPsec Policy
    • encryption_algorithm
    • pfs
    • lifetime
  • IPsec site connection
    • psk
    • peer_cidrs
    • peer_address
    • peer_id