Updating an IPsec Policy¶
Function¶
This interface is used to update an IPsec policy.
Note
If the IPsec policy is updated, the IPsec VPN connection also needs to be updated.
URI¶
PUT /v2.0/vpn/ipsecpolicies/{ipsecpolicy_id}
Parameter | Type | Mandatory | Description |
|---|---|---|---|
ipsecpolicy_id | String | Yes | Specifies the IPsec policy ID. |
Request Message¶
Table 2 describes the request parameters.
Parameter | Type | Mandatory | Description |
|---|---|---|---|
ipsecpolicy | Object | Yes | Specifies the IPsec policy object. |
description | String | No | Provides supplementary information about the IPsec policy. |
transform_protocol | String | No | Specifies the transform protocol used. The value can be esp, ah, or ah-esp. The default value is esp. |
auth_algorithm | String | No | Specifies the authentication hash algorithm. The value can be md5, sha1, sha2-256, sha2-384, or sha2-512. |
encapsulation_mode | String | No | Specifies the encapsulation mode. The default value is tunnel. |
encryption_algorithm | String | No | Specifies the encryption algorithm. The value can be 3des, aes-128, aes-192, or aes-256. The default value is aes-128. |
pfs | String | No | Specifies the PFS. The value can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default value is group5. The value disable indicates that the PFS function is disabled. |
value | Integer | No | Specifies the lifetime value of the SA. The default unit is seconds. The default value is 3600. |
units | String | No | Specifies the lifecycle unit. The default value is seconds. |
lifetime | Object | No | Specifies the lifetime object of SA. |
name | String | No | Specifies the IPsec policy name. |
Note
The project_id parameter is not supported.
The value of name can contain 1 to 64 characters.
The value of description can contain a maximum of 255 characters.
The value of transform_protocol can only be esp, ah, or ah-esp.
The value of auth_algorithm can only be md5, sha1, sha2-256, sha2-384, or sha2-512.
The value of encapsulation_mode can only be tunnel.
The value of units can only be in seconds.
The value of value can only be an integer ranging from 60 to 604,800.
The value of encryption_algorithm can only be aes-192, aes-256, group2, group5, or group14.
Response Message¶
Table 3 describes the response parameters.
Parameter | Type | Description |
|---|---|---|
encryption_algorithm | String | Specifies the encryption algorithm. The value can be 3des, aes-128, aes-192, or aes-256. The default value is aes-128. |
pfs | String | Specifies the PFS. The value can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default value is group5. The value disable indicates that the PFS function is disabled. |
lifetime | Object | Specifies the lifetime object of SA. |
name | String | Specifies the IPsec policy name. |
transform_protocol | String | Specifies the transform protocol used. The value can be esp, ah, or ah-esp. The default value is esp. |
tenant_id | String | Specifies the project ID. |
id | String | Specifies the IPsec policy ID. |
encapsulation_mode | String | Specifies the encapsulation mode. The default value is tunnel. |
auth_algorithm | String | Specifies the authentication hash algorithm. The value can be md5, sha1, sha2-256, sha2-384, or sha2-512. |
description | String | Provides supplementary information about the IPsec policy. |
ipsecpolicy | Object | Specifies the IPsec policy object. |
value | Integer | Specifies the lifetime value of the SA. The default unit is seconds. The default value is 3600. |
units | String | Specifies the lifecycle unit. The default value is seconds. |
Example¶
Example Request
PUT /v2.0/vpn/ipsecpolicies/{ipsecpolicy_id}
{
"ipsecpolicy" : {
"pfs" : "group14"
}
}
Example Response
{ "ipsecpolicy": { "name": "ipsecpolicy1", "transform_protocol": "esp", "auth_algorithm": "sha1", "encapsulation_mode": "tunnel", "encryption_algorithm": "aes-128", "pfs": "group14", "project_id": "ccb81365fe36411a9011e90491fe1330", "tenant_id": "ccb81365fe36411a9011e90491fe1330", "lifetime": { "units": "seconds", "value": 3600 }, "id": "5291b189-fd84-46e5-84bd-78f40c05d69c", "description": "" } }
Returned Values¶
For details, see section Common Returned Values.