Updating an IPsec VPN Connection¶
Function¶
This interface is used to update an IPsec VPN connection.
URI¶
PUT /v2.0/vpn/ipsec-site-connections/{connection_id}
Parameter | Type | Mandatory | Description |
|---|---|---|---|
connection_id | String | Yes | Specifies the IPsec VPN connection ID. |
Request Message¶
Table 2 describes the request parameters.
Parameter | Type | Mandatory | Description |
|---|---|---|---|
ipsec_site_connection | Object | Yes | Specifies the IPsec VPN connection object. |
psk | String | No | Specifies the pre-shared key. |
initiator | String | No | Specifies whether this VPN can only respond to connections or both respond to and initiate connections. |
description | String | No | Specifies the IPsec policy ID. |
admin_state_up | Boolean | No | Specifies the administrative status. The value can be true or false. |
interval | Integer | No | Specifies the DPD interval in seconds. The default value is 30. |
peer_cidrs | List<String> | No | (Deprecated) Specifies the tenant's CIDR blocks. The value is in the form of <net_address > / < prefix >. |
mtu | Integer | No | Specifies the maximum transmission unit to address fragmentation. |
peer_ep_group_id | String | No | Specifies the endpoint group ID (tenant CIDR blocks). |
local_ep_group_id | String | No | Specifies the endpoint group ID (VPC subnets). |
dpd | Object | No | Specifies the DPD protocol control. |
timeout | Integer | No | Specifies the DPD timeout. The default value is 120 seconds. |
action | String | No | Specifies the DPD action. The value can be clear, hold, restart, disabled, or restart-by-peer. The default value is hold. |
peer_address | String | Yes | Specifies the remote gateway address. |
peer_id | String | Yes | Specifies the remote gateway ID. |
name | String | No | Specifies the IPsec VPN connection name. |
Note
The project_id, peer_id, dpd, and local_id parameters are not supported.
The connection_id parameter must be specified.
The value of name can contain 1 to 64 characters.
The value of description can contain a maximum of 255 characters. This parameter has been used by internal components, and you are not allowed to configure the parameter.
The value of peer_address can contain a maximum of 250 characters.
The value of peer_id can contain a maximum of 250 characters and is unconfigurable.
The value of mtu can only be 1500.
The value of initiator can only be bi-directional.
The value of admin_state_up can only be true.
A PSK can contain 6 to 128 characters. Spaces and question marks (?) are not allowed in a PSK. The PSK cannot contain only asterisks (*).
Response Message¶
Table 3 describes the response parameters.
Parameter | Type | Description |
|---|---|---|
status | String | Specifies the IPsec VPN connection status. The value can be ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE. |
psk | String | Specifies the pre-shared key. |
initiator | String | Specifies whether this VPN can only respond to connections or both respond to and initiate connections. |
name | String | Specifies the IPsec VPN connection name. |
admin_state_up | Boolean | Specifies the administrative status. The value can be true or false. |
tenant_id | String | Specifies the project ID. |
ipsecpolicy_id | String | Specifies the IPsec policy ID. |
auth_mode | String | Specifies the authentication mode. The default value is psk. |
peer_cidrs | String | (Deprecated) Specifies the tenant's CIDR blocks. The value is in the form of <net_address > / < prefix >. |
mtu | Integer | Specifies the maximum transmission unit to address fragmentation. |
peer_ep_group_id | String | Specifies the endpoint group ID (tenant CIDR blocks). |
ikepolicy_id | String | Specifies the IKE policy ID. |
dpd | Object | Specifies the DPD protocol control. |
route_mode | String | Specifies the route advertising mode. The default value is static. |
vpnservice_id | String | Specifies the VPN service ID. |
local_ep_group_id | String | Specifies the endpoint group ID (VPC subnets). |
peer_address | String | Specifies the remote gateway address. |
peer_id | String | Specifies the remote gateway ID. |
id | String | Specifies the IPsec VPN connection ID. |
description | String | Provides supplementary information about the IPsec VPN connection. |
ipsec_site_connection | Object | Specifies the IPsec VPN connection object. |
project_id | String | Specifies the project ID. |
interval | Integer | Specifies the DPD interval in seconds. The default value is 30. |
timeout | Integer | Specifies the DPD timeout. The default value is 120 seconds. |
action | String | Specifies the DPD action. The value can be clear, hold, restart, disabled, or restart-by-peer. The default value is hold. |
Example¶
Example Request
PUT /v2.0/vpn/ipsec-site-connections/{connection_id} { "ipsec_site_connection" : { "mtu" : 1200, } }Example Response
{ "ipsec_site_connection": { "status": "DOWN", "psk": "secret", "initiator": "bi-directional", "name": "vpnconnection1", "admin_state_up": true, "project_id": "10039663455a446d8ba2cbb058b0f578", "tenant_id": "10039663455a446d8ba2cbb058b0f578", "auth_mode": "psk", "peer_cidrs": [], "mtu": 1200, "peer_ep_group_id": "9ad5a7e0-6dac-41b4-b20d-a7b8645fddf1", "ikepolicy_id": "9b00d6b0-6c93-4ca5-9747-b8ade7bb514f", "vpnservice_id": "5c561d9d-eaea-45f6-ae3e-08d1a7080828", "dpd": { "action": "hold", "interval": 30, "timeout": 120 }, "route_mode": "static", "ipsecpolicy_id": "e6e23d0c-9519-4d52-8ea4-5b1f96d857b1", "local_ep_group_id": "3e1815dd-e212-43d0-8f13-b494fa553e68", "peer_address": "172.24.4.233", "peer_id": "172.24.4.233", "id": "851f280f-5639-4ea3-81aa-e298525ab74b", "description": "New description" } }
Returned Values¶
For details, see section Common Returned Values.