Management Plane API > Networking > VPN

Associated URIs:

API Description API Path

Get IPSec dead peer detection (DPD) profile list result


Get paginated list of all dead peer detection (DPD) profiles.
GET /api/v1/vpn/ipsec/dpd-profiles

Create dead peer detection (DPD) profile


Create dead peer detection (DPD) profile. Any change in profile affects all sessions consuming this profile.
POST /api/v1/vpn/ipsec/dpd-profiles

Delete dead peer detection (DPD) profile


Delete dead peer detection (DPD) profile.
DELETE /api/v1/vpn/ipsec/dpd-profiles/<ipsec-vpn-dpd-profile-id>

Get IPSec dead peer detection (DPD) profile


Get IPSec dead peer detection (DPD) profile.
GET /api/v1/vpn/ipsec/dpd-profiles/<ipsec-vpn-dpd-profile-id>

Edit IPSec dead peer detection (DPD) profile


Edit IPSec dead peer detection (DPD) profile.
PUT /api/v1/vpn/ipsec/dpd-profiles/<ipsec-vpn-dpd-profile-id>

List IKE profiles


Get paginated list of all IKE Profiles.
GET /api/v1/vpn/ipsec/ike-profiles

Create custom internet key exchange (IKE) Profile


Create custom internet key exchange (IKE) Profile. IKE Profile is a reusable profile that captures IKE and phase one negotiation parameters. System will be pre provisioned with system owned non editable default IKE profile and suggested set of profiles that can be used for peering with popular remote peers like AWS VPN. User can create custom profiles as needed. Any change in profile affects all sessions consuming this profile.
POST /api/v1/vpn/ipsec/ike-profiles

Delete custom IKE Profile


Delete custom IKE Profile. Profile can not be deleted if profile has references to it.
DELETE /api/v1/vpn/ipsec/ike-profiles/<ipsec-vpn-ike-profile-id>

Get IKE Profile


Get custom IKE Profile, given the particular id.
GET /api/v1/vpn/ipsec/ike-profiles/<ipsec-vpn-ike-profile-id>

Edit custom IKE Profile


Edit custom IKE Profile. System owned profiles are non editable.
PUT /api/v1/vpn/ipsec/ike-profiles/<ipsec-vpn-ike-profile-id>

Get IPSec local endpoint list result


Get paginated list of all local endpoints.
GET /api/v1/vpn/ipsec/local-endpoints

Create custom local endpoint


Create custom IPSec local endpoint.
POST /api/v1/vpn/ipsec/local-endpoints

Delete custom IPSec local endpoint


Delete custom IPSec local endpoint.
DELETE /api/v1/vpn/ipsec/local-endpoints/<ipsec-vpn-local-endpoint-id>

Get custom IPSec local endpoint


Get custom IPSec local endpoint.
GET /api/v1/vpn/ipsec/local-endpoints/<ipsec-vpn-local-endpoint-id>

Edit custom IPSec local endpoint


Edit custom IPSec local endpoint.
PUT /api/v1/vpn/ipsec/local-endpoints/<ipsec-vpn-local-endpoint-id>

Get IPSecVPNPeerEndpoint List Result


Get paginated list of all peer endpoint.
GET /api/v1/vpn/ipsec/peer-endpoints

Create custom peer endpoint


Create custom IPSec peer endpoint.
POST /api/v1/vpn/ipsec/peer-endpoints

Delete custom IPSec VPN peer endpoint


Delete custom IPSec VPN peer endpoint. All references are strong references and dependent peer endpoints can not be deleted if being referenced.
DELETE /api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>

Get IPSec VPN peer endpoint


Get custom IPSec VPN peer endpoint.
GET /api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>

Get IPSec VPN peer endpoint with PSK


Get custom IPSec VPN peer endpoint with PSK.
GET /api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>?action=show-sensitive-data

Edit custom IPSecPeerEndpoint


Edit custom IPSec peer endpoint. System owned endpoints are non editable.
PUT /api/v1/vpn/ipsec/peer-endpoints/<ipsec-vpn-peer-endpoint-id>

Get IPSec VPN service list result


Get paginated list of all IPSec VPN services.
GET /api/v1/vpn/ipsec/services

Create VPN service


Create VPN service for given logical router.
POST /api/v1/vpn/ipsec/services

Delete IPSec VPN service


Delete IPSec VPN service for given router.
DELETE /api/v1/vpn/ipsec/services/<ipsec-vpn-service-id>

Get IPSec VPN service


Get IPSec VPN service for given logical router.
GET /api/v1/vpn/ipsec/services/<ipsec-vpn-service-id>

Edit IPSec VPN service


Edit IPSec VPN service for given logical router.
PUT /api/v1/vpn/ipsec/services/<ipsec-vpn-service-id>

Get IPSec VPN session list result


Get paginated list of all IPSec VPN sessions.
GET /api/v1/vpn/ipsec/sessions

Create new VPN session


Create new VPN session.
POST /api/v1/vpn/ipsec/sessions

Delete IPSec VPN session


Delete IPSec VPN session.
DELETE /api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>

Fetch IPSec VPN session


Fetch IPSec VPN session.
GET /api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>

Edit IPSec VPN session


Edit IPSec VPN session.
PUT /api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>

Get VPN configuration for the peer site


API to download VPN configuration for the peer site. The configuration contains pre-shared key and secret; be careful when sharing or storing it.
GET /api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>/peer-config

Get the Realized State of a IPSec VPN Session


Return realized state information of a ipsec vpn session.
Any configuration update that affects the ipsec vpn session can use this API
to get its realized state by passing a request_id returned by the
configuration change operation. e.g. Update configuration of ipsec vpn session,
service, endpoints, profiles, etc.
It will return a service disabled error, if the ipsec vpn service associated
with the session is disabled.
GET /api/v1/vpn/ipsec/sessions/<ipsec-vpn-session-id>/state

Get IPSec VPN session statistics


Get statistics of a vpn session across all tunnels and IKE session. Query parameter "source=realtime" is the only supported source.
GET /api/v1/vpn/ipsec/sessions/<session-id>/statistics

Reset the statistics of the given VPN session


Reset the statistics of the given VPN session.
POST /api/v1/vpn/ipsec/sessions/<session-id>/statistics?action=reset

Get IPSec VPN IKE session status


List status of IPSec session. Query parameter source supports both realtime and cached mode.
GET /api/v1/vpn/ipsec/sessions/<session-id>/status

VPN session summary


VPN session summary gets summary per vpn sessions and IKE session. Query parameter source supports only cached mode.
GET /api/v1/vpn/ipsec/sessions/summary

Get IPSecTunnelProfile List Result


Get paginated list of all IPSecTunnelProfiles.
GET /api/v1/vpn/ipsec/tunnel-profiles

Create custom IPSec tunnel profile


Create custom IPSec tunnel profile. IPSec tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. System will be provisioned with system owned non editable default IPSec tunnel profile. Any change in profile affects all sessions consuming this profile.
POST /api/v1/vpn/ipsec/tunnel-profiles

Delete custom IPSecTunnelProfile


Delete custom IPSec Tunnel Profile.
DELETE /api/v1/vpn/ipsec/tunnel-profiles/<ipsec-vpn-tunnel-profile-id>

Get IPSec tunnel profile


Get custom IPSec Tunnel Profile.
GET /api/v1/vpn/ipsec/tunnel-profiles/<ipsec-vpn-tunnel-profile-id>

Edit custom IPSecTunnelProfile


Edit custom IPSec Tunnel Profile. System owned profiles are non editable.
PUT /api/v1/vpn/ipsec/tunnel-profiles/<ipsec-vpn-tunnel-profile-id>

Get all L2VPN services


Get paginated list of all L2VPN services
GET /api/v1/vpn/l2vpn/services

Create L2VPN service


Create L2VPN service for a given logical router
POST /api/v1/vpn/l2vpn/services

Delete a L2VPN service


Delete a specific L2VPN service. If there are any L2VpnSessions on this L2VpnService, those needs to be deleted first.
DELETE /api/v1/vpn/l2vpn/services/<l2vpn-service-id>

Get L2VPN service


Get a specific L2VPN service
GET /api/v1/vpn/l2vpn/services/<l2vpn-service-id>

Edit a L2VPN service


Edit a specific L2VPN service
PUT /api/v1/vpn/l2vpn/services/<l2vpn-service-id>

Get all L2VPN sessions


Get paginated list of all L2VPN sessions
GET /api/v1/vpn/l2vpn/sessions

Create L2VPN session


Create L2VPN session and bind to a L2VPNService
POST /api/v1/vpn/l2vpn/sessions

Delete a L2VPN session


Delete a specific L2VPN session. If there are any logical switch ports attached to it, those needs to be deleted first.
DELETE /api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>

Get a L2VPN session


Get a specific L2VPN session
GET /api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>

Edit a L2VPN session


Edit a specific L2VPN session
PUT /api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>

Get peer codes for the L2VpnSession


Get peer codes for the L2VPN session to program the remote side of the tunnel.
GET /api/v1/vpn/l2vpn/sessions/<l2vpn-session-id>/peer-codes

Get L2VPN session remote mac for logical switch


Get L2VPN session remote mac for logical switch.
GET /api/v1/vpn/l2vpn/sessions/<session-id>/remote-mac

Get L2VPN session statistics


Get statistics of a L2VPN session. Query parameter source=realtime is the only supported source.
GET /api/v1/vpn/l2vpn/sessions/<session-id>/statistics

Get L2VPN session status


Aggregated status of L2VPN session. Query parameter source=realtime|cached is supported.
GET /api/v1/vpn/l2vpn/sessions/<session-id>/status

Get status summary of all existing L2VPN sessions.


Load all the existing L2VPN sessions and return the status summary of all L2VPN sessions. Query parameter source supports only cached mode.
GET /api/v1/vpn/l2vpn/sessions/summary

Cumulative statistics for one IKE service instance


Cumulative statistics for one IKE service instance. Query parameter source supports only cached mode.
GET /api/v1/vpn/services/<service-id>/summary