• Native OpenStack API

noa
  1. Help Center
  2. Native OpenStack API
  3. API Reference
  4. Neutron
  5. VPNaas
  6. Update IPSec policy

Update IPSec policy

Function Description

This interface is used to update policy settings in an IPSec policy.

Interface Format

Method

URI

Description

PUT

/v2.0/vpn/ipsecpolicies/{ipsecpolicy_id}

Updates policy settings in an IPSec policy.

Restrictions

  • The IPSec policy must be updated together with the IPSec connection.
  • The project_id attribute is not supported.
  • The name value must contain 1 to 64 characters.
  • The description value can contain a maximum of 255 characters.
  • The value of transform_protocol can be only espah, or ah-esp.
  • The value of auth_algorithm can be only md5sha1sha2-256sha2-384, or sha2-512.
  • The encapsulation_mode value can be tunnel or transport. This version supports only tunnel.
  • The value of units can be only seconds.
  • The value value is an interger greater than or equal to 0. In this version, it ranges from 60 to 604800.
  • The value of pfs can be group2group5, or group14.
  • The value of encryption_algorithm can be aes-192aes-256group2group5, or group14.

Request Parameter

Parameter

Type

Mandatory

Description

ipsecpolicy_id

String

No

Specifies the ID of the IPSec policy.

ipsecpolicy

Object

Yes

Specifies the IPSec policy object.

description

String

Yes

Specifies the description about an IPSec policy.

transform_protocol

String

No

Specifies the transmission protocol. A valid value can be espah, or ah-esp. The default value is esp.

auth_algorithm

String

No

Specifies the authentication hash algorithm. A valid value can be md5sha1sha2-256sha2-384, or sha2-512.

encapsulation_mode

String

No

Specifies the encapsulation mode. The default value is tunnel.

encryption_algorithm

String

No

Specifies the encryption algorithm. A valid value can be 3desaes-128aes-192, or aes-256. The default value is aes-128.

pfs

String

No

Specifies the PFS. A valid value can be Group2Group5, or Group14. The default value is Group5.

value

Integer

No

Specifies the lifetime value in seconds. The default value is 3600.

units

String

No

Specifies the unit for the lifetime of the security association. The default value is seconds.

lifetime

Object

No

Specifies the lifetime of the security association.

name

String

No

Specifies the name of the IPSec policy.

Response Parameter

Parameter

Type

Mandatory

Description

encryption_algorithm

String

No

Specifies the encryption algorithm. A valid value can be 3desaes-128aes-192, or aes-256. The default value is aes-128.

pfs

String

No

Specifies the PFS. A valid value can be Group2Group5, or Group14. The default value is Group5.

lifetime

Object

No

Specifies the lifetime of the security association.

name

String

Yes

Specifies the name of the IPSec policy.

transform_protocol

String

No

Specifies the transmission protocol. A valid value can be espah, or ah-esp. The default value is esp.

tenant_id

String

Yes

Specifies the ID of the tenant.

id

String

Yes

Specifies the ID of the IPSec policy.

encapsulation_mode

String

No

Specifies the encapsulation mode. The default value is tunnel.

auth_algorithm

String

No

Specifies the authentication hash algorithm. A valid value can be md5sha1sha2-256sha2-384, or sha2-512.

description

String

Yes

Specifies the description about an IPSec policy.

ipsecpolicies

List<Object>

Yes

Specifies the objects of the IPSec policy list.

ipsecpolicy

Object

Yes

Specifies the IPSec policy object.

project_id

String

Yes

Specifies the ID of the project.

value

Integer

No

Specifies the lifetime value in seconds. The default value is 3600.

units

String

No

Specifies the unit for the lifetime of the security association. The default value is seconds.

Request Example

PUT /v2.0/vpn/ipsecpolicies/{ipsecpolicy_id}
{
 "ipsecpolicy" : {
"pfs" : "group14"
 }
}

Response Example

None

Error Code

For details, see section Return Code Processing.