Create SSL VPN V2 Connection
Creates an SSL VPN V2 Connection.
URI
/v2.0/vpn/ssl-vpn-v2-connections
HTTP method
POST
Request parameter
Key | Description | Type | Required/optional |
---|---|---|---|
name | Name of the SSL VPN V2 connection. (default: "") | string | Optional |
admin_state_up | Administrative state of the SSL VPN V2 connection. If false (down), the SSL VPN V2 connection does not forward packets. (default: true) | bool | Optional |
client_address_pool_cidrs | Client address pool subnets used by SSL-VPN clients. When you make this resource redundant, specify two subnets. Otherwise, specify one. Tip: IP addresses in the client address pool are consumed according to the following formula: number of consumed IP addresses = number of VPN clients x 4 + 8 (8 are consumed by the VPN server). Specify a subnet prefix value in the range 16 - 29. However, when the prefix value is 29, the above formula is not applied, and only one client can be connected. | cidr list | Required |
credential_id | UUID for the VPNCredential Container on keymanagement. Omit this parameter when you use the client certificate offered by K5 to connect to SSL-VPN. | uuid-str | Optional |
vpnservice_id | UUID for VPNService | uuid-str | Required |
availability_zone | The Availability Zone name. If you do not specify this, the resource is created in the default Availability Zone. (default: default Availability Zone selected) | string | Optional |
protocol | Communication protocol used by the VPN connection: udp, tcp (default: "udp") | string | Optional |
security_groups | Security groups set on the SSL VPN V2 Server. At most 6 security groups can be registered. (default: The security group that allows all traffic is added.) | uuid-str list | Optional |
floatingips | Floating IPs associated with the port of the SSL VPN V2 Server. When you make this resource redundant, specify two floating IPs. Otherwise, specify one. If you do not specify this parameter, the IP addresses of that port are allocated by K5. | uuid-str list | Optional |
Example request
{
  "ssl_vpn_v2_connection": {
    "name": "conn1",
    "client_address_pool_cidrs": ["10.8.0.0/24", "10.8.1.0/24"],
    "admin_state_up": true,
    "credential_id": "434a9843-ecc0-4653-8f3a-e604d9d7aadc",
    "vpnservice_id": "cc91b7af-8304-4aff-ad07-86bdbaae2e93",
    "availability_zone": "AZ1",
    "protocol": "tcp",
    "floatingips": ["11bb315e-a0cb-4de3-acfc-00522e40722e", "53a14d86-4396-4f91-8c0d-ed934294269e"]
  }
}
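The address pool formula and the parameter limits from the request parameter table can be checked before a request is sent. The Python sketch below is an added example, not part of the K5 API or its documentation; max_clients and review_request are hypothetical names. It assumes consumption is bounded by the subnet's total address count and that a redundant connection uses one floating IP per subnet.

```python
import ipaddress

def max_clients(cidr):
    """Largest client count one pool supports: consumed = clients * 4 + 8."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not 16 <= net.prefixlen <= 29:
        raise ValueError(f"{cidr}: prefix must be in the range 16-29")
    if net.prefixlen == 29:
        return 1  # documented exception: the formula is not applied
    # Assumption: consumption is bounded by the subnet's total address count.
    return (net.num_addresses - 8) // 4

def review_request(body, expected_clients):
    """Return findings (strings) for a create-connection request body."""
    conn = body["ssl_vpn_v2_connection"]
    required = ("client_address_pool_cidrs", "vpnservice_id")
    findings = [f"missing required parameter: {k}" for k in required if k not in conn]
    cidrs = conn.get("client_address_pool_cidrs", [])
    if "client_address_pool_cidrs" in conn and len(cidrs) not in (1, 2):
        findings.append("specify one subnet, or two for a redundant connection")
    for cidr in cidrs:
        try:
            cap = max_clients(cidr)
        except ValueError as exc:
            findings.append(f"invalid client pool: {exc}")
            continue
        if cap < expected_clients:
            findings.append(f"{cidr}: holds {cap} clients, need {expected_clients}")
    fips = conn.get("floatingips")
    # Assumption: redundancy means one floating IP per client pool subnet.
    if fips is not None and len(fips) != len(cidrs):
        findings.append("floatingips count does not match subnet count")
    sgs = conn.get("security_groups")
    if sgs is None:
        findings.append("security_groups omitted: allow-all default group is added")
    elif len(sgs) > 6:
        findings.append("more than 6 security groups")
    if conn.get("protocol", "udp") not in ("udp", "tcp"):
        findings.append("protocol must be udp or tcp")
    return findings

# The page's example request, trimmed to the fields checked here.
EXAMPLE = {"ssl_vpn_v2_connection": {
    "client_address_pool_cidrs": ["10.8.0.0/24", "10.8.1.0/24"],
    "vpnservice_id": "cc91b7af-8304-4aff-ad07-86bdbaae2e93",
    "protocol": "tcp",
    "floatingips": ["11bb315e-a0cb-4de3-acfc-00522e40722e",
                    "53a14d86-4396-4f91-8c0d-ed934294269e"]}}
FINDINGS = review_request(EXAMPLE, expected_clients=50)
```

For the example request, the only finding at 50 expected clients is the omitted security_groups parameter, which leaves the server with the default group that allows all traffic.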
Response status
Status code | Description |
---|---|
201 | Normal response codes |
Bad Request (400) | Error response codes |
Unauthorized (401) | Error response codes |
Response body (normal status)
{
  "ssl_vpn_v2_connection": {
    "id": "76ee7216-5eef-470c-a7d2-ce4a7461b046",
    "name": "conn1",
    "status": "DOWN",
    "client_address_pool_cidrs": ["10.8.0.0/24", "10.8.1.0/24"],
    "credential_id": "434a9843-ecc0-4653-8f3a-e604d9d7aadc",
    "admin_state_up": true,
    "tenant_id": "1219ecaa01e0254dac4f08c9123aefcd",
    "vpnservice_id": "cc91b7af-8304-4aff-ad07-86bdbaae2e93",
    "availability_zone": "AZ1",
    "protocol": "udp",
    "security_groups": ["8060f6ab-e327-4e01-9ccd-f1432cfab2c9"],
    "access_points": [
      {
        "external_address": "172.16.1.10",
        "internal_gateway": "10.9.1.24",
        "client_address_pool_cidr": "10.8.0.0/24",
        "floatingip": "11bb315e-a0cb-4de3-acfc-00522e40722e"
      },
      {
        "external_address": "172.16.1.11",
        "internal_gateway": "10.9.1.25",
        "client_address_pool_cidr": "10.8.1.0/24",
        "floatingip": "53a14d86-4396-4f91-8c0d-ed934294269e"
      }
    ]
  }
}
Description of response body (normal status)
Item | Description |
---|---|
tenant_id | Unique identifier for owner of the SSL VPN V2 connection. |
name | Name of the SSL VPN V2 connection. |
admin_state_up | Administrative state of the SSL VPN V2 connection. If false (down), port does not forward packets. |
client_address_pool_cidrs | The list of "client_address_pool_cidr". |
credential_id | UUID for the VPNCredential Container on keymanagement. If this parameter was not specified when the resource was created, this value is 'null'. |
vpnservice_id | UUID for VPNService |
id | UUID for SSL VPN V2 connection Object. |
status | Indicates whether the SSL VPN V2 connection is currently operational. Possible values include: ACTIVE, DOWN, PENDING_CREATE, PENDING_UPDATE, PENDING_DELETE, ERROR |
availability_zone | The Availability Zone name |
protocol | Communication protocol used by VPN connection: udp, tcp |
security_groups | Security groups set to SSL VPN V2 Server. |
access_points | Information for accessing the SSL VPN V2 connection. Each entry consists of "external_address", "internal_gateway", "client_address_pool_cidr" and "floatingip". |
external_address | External IP address that SSL-VPN clients use to connect to the SSL VPN V2 Server. |
internal_gateway | Gateway IP address to connect to remote SSL-VPN clients. |
client_address_pool_cidr | Client address pool subnet used by SSL-VPN clients. |
floatingip | Floating IP associated with the port of the SSL VPN V2 Server. If the "floatingips" parameter was not specified when the resource was created, this value is 'null'. |