Update IPsec site connection
Updates an IPsec site-to-site connection, provided status is not indicating a PENDING_* state.
URI
/v2.0/vpn/ipsec-site-connections/{connection-id}
HTTP method
PUT
Request parameter
| Key | Description | Type | Required/optional |
|---|---|---|---|
| psk | Pre Shared Key: any string. | string | Optional |
| initiator | Whether this VPN can only respond to connections or can initiate as well. Select bi-directional or response-only (default: bi-directional) |
string | Optional |
| admin_state_up | Administrative state of VPN connection. If false (down), VPN connection does not forward packets. | bool | Optional |
| peer_cidrs | Peer private CIDRs. unique list of valid cidr in the form <net_address>/<prefix>. Only one cidr can be specifed. | list | Optional |
| dpd | Dead Peer Detection protocol controls. Action: hold or restart. Interval and timeout in seconds. (default: {'action' : 'hold', 'interval' : 30, 'timeout' : 120) |
dict | Optional |
| peer_address | Peer gateway public IPv4 address. | string | Optional |
| peer_id | Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN. | string | Optional |
| name | Name for IPsec site-to-site connection. | string | Optional |
| description | Description of the IPsec site-to-site connection. | string | Optional |
Example request
{
"ipsec_site_connection": {
"description": "to datacenter2"
}
}
Response status
| Status code | Description |
|---|---|
| 200 | Normal response codes |
| Unauthorized (401) | Error response codes |
| Bad Request (400) | Error response codes |
| Not Found (404) | Error response codes |
Response body (normal status)
{
"ipsec_site_connection": {
"status": "DOWN",
"psk": "secret",
"initiator": "bi-directional",
"name": "vpnconnection1",
"admin_state_up": true,
"tenant_id": "26de9cd6cae94c8cb9f79d660d628e1f",
"description": " to datacenter2",
"auth_mode": "psk",
"peer_cidrs": [
"10.2.0.0/24"
],
"mtu": 1500,
"ikepolicy_id": "771f081c-5ec8-4f9a-b041-015dfb7fbbe2",
"dpd": {
"action": "hold",
"interval": 30,
"timeout": 120
},
"route_mode": "static",
"vpnservice_id": "41bfef97-af4e-4f6b-a5d3-4678859d2485",
"peer_address": "172.24.4.233",
"peer_id": "172.24.4.233",
"id": "f7cf7305-f491-45f4-ad9c-8e7240fe3d72",
"ipsecpolicy_id": "9958d4fe-3719-4e8c-84e7-9893895b76b4",
"availability_zone": "AZ1"
}
}
Description of response body (normal status)
| Item | Description |
|---|---|
| status | Indicates whether VPN connection is currently operational. Possible values include: ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE. |
| psk | Pre Shared Key: any string. |
| initiator | Whether this VPN can only respond to connections or can initiate as well. |
| name | Name for IPsec site-to-site connection. |
| admin_state_up | Administrative state of VPN connection. If false (down), VPN connection does not forward packets. |
| tenant_id | Unique identifier for owner of the VPN service. |
| description | Description of the IPsec site-to-site connection. |
| auth_mode | Authentication mode: psk. |
| peer_cidrs | Peer private CIDRs. |
| mtu | Maximum Transmission Unit to address fragmentation. |
| ikepolicy_id | Unique identifier of IKE policy. |
| dpd | Dead Peer Detection protocol controls. Action: hold or restart. Interval and timeout in seconds. |
| route_mode | Route mode: static. This will be extended in the future. |
| vpnservice_id | Unique identifier of VPN service. |
| peer_address | Peer gateway public IPv4 address. |
| peer_id | Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN. |
| id | Unique identifier for the IPsec site-to-site connection. |
| ipsecpolicy_id | Unique identifier of IPsec policy. |
| availability_zone | The Availability Zone name. |
CAUTION:
If the status does not become ACTIVE after updating resources, even though the connection destination settings have been completed, check the items in the notes in "List IPsec site connections".