Updating an IKE Policy¶
Function¶
This API is used to update an IKE policy.
Note
If the IKE policy is updated, the IPsec VPN connection also needs to be updated.
URI¶
PUT /v2.0/vpn/ikepolicies/{ikepolicy_id}
Parameter | Type | Mandatory | Description |
|---|---|---|---|
ikepolicy_id | String | Yes | Specifies the IKE policy ID. |
Request¶
Table 2 describes the request parameters.
Parameter | Type | Mandatory | Description |
|---|---|---|---|
auth_algorithm | String | No | Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512. |
description | String | No | Provides supplementary information about the IKE policy. The description can contain up to 255 characters. |
encryption_algorithm | String | No | Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default algorithm is aes-128. |
ike_version | String | No | Specifies the IKE version, which can be v1 or v2. The default version is v2. |
ikepolicy | Object | Yes | Specifies the IKE policy object. |
lifetime | Object | No | Specifies the lifetime object of SA. |
name | String | No | Specifies the IKE policy name. The name can contain 1 to 64 characters. |
pfs | String | No | Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default PFS is group5. |
phase1_negotiation_mode | String | No | Specifies the IKE mode, which is main by default. |
value | Integer | No | Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds. Supported range: 60 to 604800 |
units | String | No | Specifies the lifecycle unit, which is seconds by default. |
Response¶
Table 3 describes the response parameters.
Parameter | Type | Description |
|---|---|---|
auth_algorithm | String | Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512. |
description | String | Provides supplementary information about the IKE policy. |
encryption_algorithm | String | Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default algorithm is aes-128. |
id | String | Specifies the IKE policy ID. |
ike_version | String | Specifies the IKE version, which can be v1 or v2. The default version is v2. |
lifetime | Object | Specifies the lifetime object of SA. |
name | String | Specifies the IKE policy name. |
pfs | String | Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default PFS is group5. |
phase1_negotiation_mode | String | Specifies the IKE mode, which is main by default. |
tenant_id | String | Specifies the project ID. |
ikepolicy | Object | Specifies the IKE policy object. |
value | Integer | Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds. |
units | String | Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds. |
Example¶
Example request
{ "ikepolicy" : { "encryption_algorithm" : "aes-256" } }
Example response
{ "ikepolicy" : { "name" : "ikepolicy1", "tenant_id" : "ccb81365fe36411a9011e90491fe1330", "auth_algorithm" : "sha1", "encryption_algorithm" : "aes-256", "pfs" : "group5", "phase1_negotiation_mode" : "main", "lifetime" : { "units" : "seconds", "value" : 3600 }, "ike_version" : "v1", "id" : "5522aff7-1b3c-48dd-9c3c-b50f016b73db", "description" : "" } }
Returned Values¶
For details, see Common Returned Values.