Querying IPsec Policies

Function

This API is used to query IPsec policies.

URI

GET /v2.0/vpn/ipsecpolicies

Request

Table 1 describes the request parameter.

Table 1 Request parameter

Parameter

Type

Mandatory

Description

fields

String

No

Controls which parameters are returned. If this parameter is not specified, all parameters will be returned.

Note

Parameter project_id is not supported.

Response

Table 2 describes the response parameters.

Table 2 Response parameters

Parameter

Type

Description

transform_protocol

String

Specifies the transform protocol used, which can be esp, ah, or ah-esp. The default protocol is esp.

tenant_id

String

Specifies the project ID.

id

String

Specifies the IPsec policy ID.

encapsulation_mode

String

Specifies the encapsulation mode. The default mode is tunnel.

pfs

String

Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable.

The default PFS is group5.

disable indicates that PFS is disabled.

lifetime

Object

Specifies the lifetime object of SA.

name

String

Specifies the IPsec policy name.

auth_algorithm

String

Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512.

description

String

Provides supplementary information about the IPsec policy.

ipsecpolicies

List<Object>

Specifies the IPsec policy list.

encryption_algorithm

String

Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default algorithm is aes-128.

value

Integer

Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds.

units

String

Specifies the lifecycle unit, which is seconds by default.

Example

  • Example request

    GET /v2.0/vpn/ipsecpolicies
    
  • Example response

    {
      "ipsecpolicies" : [ {
        "name" : "ipsecpolicy1",
        "transform_protocol" : "esp",
        "auth_algorithm" : "sha1",
        "encapsulation_mode" : "tunnel",
        "encryption_algorithm" : "aes-128",
        "pfs" : "group14",
        "tenant_id" : "ccb81365fe36411a9011e90491fe1330",
        "lifetime" : {
          "units" : "seconds",
          "value" : 3600
        },
        "id" : "5291b189-fd84-46e5-84bd-78f40c05d69c",
        "description" : ""
      } ]
    }
    

Returned Values

For details, see Common Returned Values.