PolicyBasedIPSecVPNSession (type)

{
  "additionalProperties": false, 
  "description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.", 
  "extends": {
    "$ref": "IPSecVPNSession
  }, 
  "id": "PolicyBasedIPSecVPNSession", 
  "module_id": "IPSecVPN", 
  "polymorphic-type-descriptor": {
    "type-identifier": "PolicyBasedIPSecVPNSession"
  }, 
  "properties": {
    "_create_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of resource creation", 
      "readonly": true
    }, 
    "_create_user": {
      "description": "ID of the user who created this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_last_modified_time": {
      "$ref": "EpochMsTimestamp, 
      "can_sort": true, 
      "description": "Timestamp of last modification", 
      "readonly": true
    }, 
    "_last_modified_user": {
      "description": "ID of the user who last modified this resource", 
      "readonly": true, 
      "type": "string"
    }, 
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_protection": {
      "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed             to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed                 to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super                    user and can modify it, but only when providing                    the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this           entity.", 
      "readonly": true, 
      "title": "Indicates protection status of this resource", 
      "type": "string"
    }, 
    "_revision": {
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "_system_owned": {
      "description": "Indicates system owned resource", 
      "readonly": true, 
      "type": "boolean"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "Enable/Disable IPSec VPN session.", 
      "title": "Enable/Disable IPSec VPN session", 
      "type": "boolean"
    }, 
    "id": {
      "can_sort": true, 
      "title": "Unique identifier of this resource", 
      "type": "string"
    }, 
    "ipsec_vpn_service_id": {
      "description": "Identifier of VPN Service linked with local endpoint.", 
      "readonly": true, 
      "title": "IPSec VPN service identifier", 
      "type": "string"
    }, 
    "local_endpoint_id": {
      "description": "Local endpoint identifier.", 
      "required": true, 
      "title": "Local endpoint identifier", 
      "type": "string"
    }, 
    "peer_endpoint_id": {
      "description": "Peer endpoint identifier.", 
      "required": true, 
      "title": "Peer endpoint identifier", 
      "type": "string"
    }, 
    "policy_rules": {
      "items": {
        "$ref": "IPSecVPNPolicyRule
      }, 
      "required": true, 
      "title": "Policy rules", 
      "type": "array"
    }, 
    "resource_type": {
      "$ref": "IPSecVPNSessionResourceType, 
      "required": true
    }, 
    "tags": {
      "items": {
        "$ref": "Tag
      }, 
      "maxItems": 30, 
      "title": "Opaque identifiers meaningful to the API user", 
      "type": "array"
    }, 
    "tcp_mss_clamping": {
      "$ref": "TcpMssClamping, 
      "required": false
    }
  }, 
  "search_dsl_name": [
    "policy based ip sec vpn session (manager)"
  ], 
  "title": "Policy based VPN session", 
  "type": "object"
}