CreateIPsecConnection
API Request
URLs
POST zstack/v1/ipsecHeaders
Authorization: OAuth the-session-uuidBody
{
"params": {
"name": "Test-IPSec",
"l3NetworkUuid": "a4097ba23a7e38339029e1839bb415e1",
"peerAddress": "100.64.10.10",
"authMode": "psk",
"authKey": "auth",
"vipUuid": "cefa2f4e56ef33e496ccbb5879850f76",
"peerCidrs": [
"192.168.100.0/24"
],
"ikeAuthAlgorithm": "sha1",
"ikeEncryptionAlgorithm": "aes-128",
"ikeDhGroup": 2.0,
"policyAuthAlgorithm": "sha1",
"policyEncryptionAlgorithm": "aes-128",
"policyMode": "tunnel",
"transformProtocol": "esp"
},
"systemTags": [],
"userTags": []
}
Note: In the preceding sample, both systemTags and userTags are optional.
These two fields can be included in the body structure.Curl
Sample
curl -H "Content-Type: application/json;charset=UTF-8" \
-H "Authorization: OAuth b86c9016b4f24953a9edefb53ca0678c" \
-X POST -d '{"params":{"name":"Test-IPSec","l3NetworkUuid":"a4097ba23a7e38339029e1839bb415e1","peerAddress":"100.64.10.10","authMode":"psk","authKey":"auth","vipUuid":"cefa2f4e56ef33e496ccbb5879850f76","peerCidrs":["192.168.100.0/24"],"ikeAuthAlgorithm":"sha1","ikeEncryptionAlgorithm":"aes-128","ikeDhGroup":2.0,"policyAuthAlgorithm":"sha1","policyEncryptionAlgorithm":"aes-128","policyMode":"tunnel","transformProtocol":"esp"}}' \
http://localhost:8080/zstack/v1/ipsecRequest Parameters
| Name | Type | Location | Description | Optional Value | Starting Version |
|---|---|---|---|---|---|
| name | String | body (contained in the params structure) | The resource name. | 0.6 | |
| description | String | body (contained in the params structure) | Optional. The detailed description of the resource. | 0.6 | |
| l3NetworkUuid | String | body (contained in the params structure) | Optional. The L3 network UUID. | 2.3 | |
| peerAddress | String | body (contained in the params structure) | The peer IP address. | 0.6 | |
| authMode | String | body (contained in the params structure) | Optional. The authentication mode. |
|
0.6 |
| authKey | String | body (contained in the params structure) | The authentication key. | 0.6 | |
| vipUuid | String | body (contained in the params structure) | The VIP UUID. | 0.6 | |
| peerCidrs | List | body (contained in the params structure) | Optional. The peer CIDRs. | 2.3 | |
| ikeAuthAlgorithm | String | body (contained in the params structure) | Optional. The IKE authentication algorithm. |
|
0.6 |
| ikeEncryptionAlgorithm | String | body (contained in the params structure) | Optional. The IKE encryption algorithm. |
|
0.6 |
| ikeDhGroup | int | body (contained in the params structure) | Optional. The IKE perfect forward secrecy. | 0.6 | |
| policyAuthAlgorithm | String | body (contained in the params structure) | Optional. The ESP authentication algorithm. |
|
0.6 |
| policyEncryptionAlgorithm | String | body (contained in the params structure) | Optional. The ESP encryption algorithm. |
|
0.6 |
| pfs | String | body (contained in the params structure) | Optional. The perfect forward secrecy. |
|
0.6 |
| policyMode | String | body (contained in the params structure) | Optional. The policy mode. |
|
0.6 |
| transformProtocol | String | body (contained in the params structure) | Optional. The transform protocol. |
|
0.6 |
| resourceUuid | String | body (contained in the params structure) | Optional. The resource UUID. | 0.6 | |
| systemTags | List | body | Optional. The system tags. | 0.6 | |
| userTags | List | body | Optional. The user tags. | 0.6 |
API Response
Sample
Response
{
"inventory": {
"name": "Test-IPSec",
"peerAddress": "100.64.10.10",
"authKey": "auth",
"vipUuid": "f368016d45f73360a8a8cd3ecbf9efb3",
"peerCidrs": [
{
"uuid": "199b04405d1e3fef83fd67a7a1f77bb3",
"cidr": "192.168.100.0/24",
"connectionUuid": "6deaa1c0ffd43f8eb3ebe2e8e7e66811",
"createDate": "Nov 14, 2017 10:20:57 PM",
"lastOpDate": "Nov 14, 2017 10:20:57 PM"
}
],
"l3NetworkRefs": [
{}
]
}
}| Name | Type | Description | Starting Version |
|---|---|---|---|
| error | ErrorCode | The error code. If not null, the operation fails, or vice versa. For more information, see error. | 0.6 |
| inventory | IPsecConnectionInventory | See inventory. | 0.6 |
#error
| Name | Type | Description | Starting Version |
|---|---|---|---|
| code | String | The error code, which is a numbered or alphanumeric code that specifies an error. For example, SYS.1000, HOST.1001. | 0.6 |
| description | String | The brief description of the error. | 0.6 |
| details | String | The details about the error. | 0.6 |
| elaboration | String | The reserved field. Default value: null. | 0.6 |
| opaque | LinkedHashMap | The reserved field. Default value: null. | 0.6 |
| cause | ErrorCode | The root error, which is the associated root cause of the current error. If no root error exists, this parameter is null. | 0.6 |
#inventory
| Name | Type | Description | Starting Version |
|---|---|---|---|
| uuid | String | The resource UUID. | 0.6 |
| name | String | The resource name. | 0.6 |
| description | String | The detailed description of the resource. | 0.6 |
| peerAddress | String | 0.6 | |
| authMode | String | 0.6 | |
| authKey | String | 0.6 | |
| vipUuid | String | The VIP UUID. | 0.6 |
| ikeAuthAlgorithm | String | 0.6 | |
| ikeEncryptionAlgorithm | String | 0.6 | |
| ikeDhGroup | Integer | 0.6 | |
| policyAuthAlgorithm | String | 0.6 | |
| policyEncryptionAlgorithm | String | 0.6 | |
| pfs | String | 0.6 | |
| policyMode | String | 0.6 | |
| transformProtocol | String | 0.6 | |
| state | String | 0.6 | |
| status | String | 0.6 | |
| createDate | Timestamp | The creation date. | 0.6 |
| lastOpDate | Timestamp | The last operation date. | 0.6 |
| peerCidrs | List | See peerCidrs. | 0.6 |
| l3NetworkRefs | List | See l3NetworkRefs. | 2.3 |
#peerCidrs
| Name | Type | Description | Starting Version |
|---|---|---|---|
| uuid | String | The resource UUID. | 0.6 |
| cidr | String | 0.6 | |
| connectionUuid | String | 0.6 | |
| createDate | Timestamp | The creation date. | 0.6 |
| lastOpDate | Timestamp | The last operation date. | 0.6 |
#l3NetworkRefs
| Name | Type | Description | Starting Version |
|---|---|---|---|
| uuid | String | The resource UUID. | 2.3 |
| connectionUuid | String | 2.3 | |
| l3NetworkUuid | String | The L3 network UUID. | 2.3 |
| createDate | Timestamp | The creation date. | 2.3 |
| lastOpDate | Timestamp | The last operation date. | 2.3 |
SDK Sample
Java
SDK
CreateIPsecConnectionAction action = new CreateIPsecConnectionAction();
action.name = "Test-IPSec";
action.l3NetworkUuid = "a4097ba23a7e38339029e1839bb415e1";
action.peerAddress = "100.64.10.10";
action.authMode = "psk";
action.authKey = "auth";
action.vipUuid = "cefa2f4e56ef33e496ccbb5879850f76";
action.peerCidrs = asList("192.168.100.0/24");
action.ikeAuthAlgorithm = "sha1";
action.ikeEncryptionAlgorithm = "aes-128";
action.ikeDhGroup = 2.0;
action.policyAuthAlgorithm = "sha1";
action.policyEncryptionAlgorithm = "aes-128";
action.policyMode = "tunnel";
action.transformProtocol = "esp";
action.sessionId = "b86c9016b4f24953a9edefb53ca0678c";
CreateIPsecConnectionAction.Result res = action.call();Python
SDK
CreateIPsecConnectionAction action = CreateIPsecConnectionAction()
action.name = "Test-IPSec"
action.l3NetworkUuid = "a4097ba23a7e38339029e1839bb415e1"
action.peerAddress = "100.64.10.10"
action.authMode = "psk"
action.authKey = "auth"
action.vipUuid = "cefa2f4e56ef33e496ccbb5879850f76"
action.peerCidrs = [192.168.100.0/24]
action.ikeAuthAlgorithm = "sha1"
action.ikeEncryptionAlgorithm = "aes-128"
action.ikeDhGroup = 2.0
action.policyAuthAlgorithm = "sha1"
action.policyEncryptionAlgorithm = "aes-128"
action.policyMode = "tunnel"
action.transformProtocol = "esp"
action.sessionId = "b86c9016b4f24953a9edefb53ca0678c"
CreateIPsecConnectionAction.Result res = action.call()