Update IPsec site connection

Updates an IPsec site-to-site connection, provided status is not indicating a PENDING_* state.

URI

/v2.0/vpn/ipsec-site-connections/{connection-id}

HTTP method

PUT

Request parameter

Key Description Type Required/optional
psk Pre Shared Key: any string. string Optional
initiator Whether this VPN can only respond to connections or can initiate as well. Select bi-directional or response-only

(default: bi-directional)

string Optional
admin_state_up Administrative state of VPN connection. If false (down), VPN connection does not forward packets. bool Optional
peer_cidrs Peer private CIDRs. unique list of valid cidr in the form <net_address>/<prefix>. Only one cidr can be specifed. list Optional
dpd Dead Peer Detection protocol controls. Action: hold or restart. Interval and timeout in seconds.

(default: {'action' : 'hold', 'interval' : 30, 'timeout' : 120)

dict Optional
peer_address Peer gateway public IPv4 address. string Optional
peer_id Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN. string Optional
name Name for IPsec site-to-site connection. string Optional
description Description of the IPsec site-to-site connection. string Optional

Example request


{
  "ipsec_site_connection": {
    "description": "to datacenter2"
  }
}
     

Response status

Status code Description
200 Normal response codes
Unauthorized (401) Error response codes
Bad Request (400) Error response codes
Not Found (404) Error response codes

Response body (normal status)


{
  "ipsec_site_connection": {
    "status": "DOWN",
    "psk": "secret",
    "initiator": "bi-directional",
    "name": "vpnconnection1",
    "admin_state_up": true,
    "tenant_id": "26de9cd6cae94c8cb9f79d660d628e1f",
    "description": " to datacenter2",
    "auth_mode": "psk",
    "peer_cidrs": [
      "10.2.0.0/24"
    ],
    "mtu": 1500,
    "ikepolicy_id": "771f081c-5ec8-4f9a-b041-015dfb7fbbe2",
    "dpd": {
      "action": "hold",
      "interval": 30,
      "timeout": 120
    },
    "route_mode": "static",
    "vpnservice_id": "41bfef97-af4e-4f6b-a5d3-4678859d2485",
    "peer_address": "172.24.4.233",
    "peer_id": "172.24.4.233",
    "id": "f7cf7305-f491-45f4-ad9c-8e7240fe3d72",
    "ipsecpolicy_id": "9958d4fe-3719-4e8c-84e7-9893895b76b4",
    "availability_zone": "AZ1"
  }
}
     

Description of response body (normal status)

Item Description
status Indicates whether VPN connection is currently operational. Possible values include: ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE.
psk Pre Shared Key: any string.
initiator Whether this VPN can only respond to connections or can initiate as well.
name Name for IPsec site-to-site connection.
admin_state_up Administrative state of VPN connection. If false (down), VPN connection does not forward packets.
tenant_id Unique identifier for owner of the VPN service.
description Description of the IPsec site-to-site connection.
auth_mode Authentication mode: psk.
peer_cidrs Peer private CIDRs.
mtu Maximum Transmission Unit to address fragmentation.
ikepolicy_id Unique identifier of IKE policy.
dpd Dead Peer Detection protocol controls. Action: hold or restart. Interval and timeout in seconds.
route_mode Route mode: static. This will be extended in the future.
vpnservice_id Unique identifier of VPN service.
peer_address Peer gateway public IPv4 address.
peer_id Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN.
id Unique identifier for the IPsec site-to-site connection.
ipsecpolicy_id Unique identifier of IPsec policy.
availability_zone The Availability Zone name.

CAUTION:

If the status does not become ACTIVE after updating resources, even though the connection destination settings have been completed, check the items in the notes in "List IPsec site connections".