Creating an IKE Policy¶
Function¶
This API is used to create an IKE policy.
URI¶
POST /v2.0/vpn/ikepolicies
Request¶
Table 1 describes the request parameters.
Parameter | Type | Mandatory | Description |
|---|---|---|---|
name | String | No | Specifies the IKE policy name. The name can contain 1 to 64 characters. |
auth_algorithm | String | No | Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512. |
description | String | No | Provides supplementary information about the IKE policy. The description can contain up to 255 characters. |
encryption_algorithm | String | No | Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default value is aes-128. |
ike_version | String | No | Specifies the IKE version, which can be v1 or v2. The default version is v2. |
lifetime | Object | No | Specifies the lifetime object of SA. |
pfs | String | No | Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default PFS is group5. |
phase1_negotiation_mode | String | No | Specifies the IKE mode, which is main by default. |
tenant_id | String | No | Specifies the project ID. The ID can contain up to 255 characters. |
value | String | No | Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds. Supported range: 60 to 604800 |
units | String | No | Specifies the lifecycle unit, which is seconds by default. |
ikepolicy | Object | Yes | Specifies the IKE policy object. |
Note
Parameter project_id is not supported.
Response¶
Table 2 describes the response parameters.
Parameter | Type | Description |
|---|---|---|
auth_algorithm | String | Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512. |
description | String | Provides supplementary information about the IKE policy. |
encryption_algorithm | String | Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default algorithm is aes-128. |
lifetime | Object | Specifies the lifetime object of SA. |
name | String | Specifies the IKE policy name. |
pfs | String | Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default PFS is group5. |
phase1_negotiation_mode | String | Specifies the IKE mode, which is main by default. |
tenant_id | String | Specifies the project ID. |
ikepolicy | Object | Specifies the IKE policy object. |
value | Integer | Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds. |
units | String | Specifies the lifecycle unit, which is seconds by default. |
id | String | Specifies the IKE policy ID. |
ike_version | String | Specifies the IKE version, which can be v1 or v2. The default version is v2. |
Example¶
Example request
POST /v2.0/vpn/ikepolicies { "ikepolicy" : { "phase1_negotiation_mode" : "main", "auth_algorithm" : "sha1", "encryption_algorithm" : "aes-128", "pfs" : "group5", "lifetime" : { "units" : "seconds", "value" : 7200 }, "ike_version" : "v1", "name" : "ikepolicy1" } }Example response
{ "ikepolicy" : { "name" : "ikepolicy1", "tenant_id" : "ccb81365fe36411a9011e90491fe1330", "auth_algorithm" : "sha1", "encryption_algorithm" : "aes-128", "pfs" : "group5", "phase1_negotiation_mode" : "main", "lifetime" : { "units" : "seconds", "value" : 7200 }, "ike_version" : "v1", "id" : "5522aff7-1b3c-48dd-9c3c-b50f016b73db", "description" : "" } }
Returned Values¶
For details, see Common Returned Values.