IPSecVPNIKEProfile (schema)

Internet key exchange (IKE) profile

IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.

Name Description Type Notes

_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable

_create_user ID of the user who created this resource string Readonly

_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable

_last_modified_user ID of the user who last modified this resource string Readonly

_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST. array of ResourceLink Readonly

_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly

_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. int

_schema Schema for this resource string Readonly

_self Link to this resource SelfResourceLink Readonly

_system_owned Indicates system owned resource boolean Readonly

description Description of this resource string Maximum length: 1024
Sortable

dh_groups DH group

Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14. array of DHGroup

digest_algorithms Algorithm for message hash

Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256. array of IKEDigestAlgorithm

display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set string Maximum length: 255
Sortable

encryption_algorithms Encryption algorithm for IKE

Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128. array of IKEEncryptionAlgorithm

id Unique identifier of this resource string Sortable

ike_version IKE version

IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2. string Enum: IKE_V1, IKE_V2, IKE_FLEX
Default: "IKE_V2"

resource_type Must be set to the value IPSecVPNIKEProfile string

sa_life_time Security association (SA) life time

Life time for security association. Default is 86400 seconds (1 day). integer Minimum: 21600
Maximum: 31536000
Default: "86400"

tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
dh_groups	DH group Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.	array of DHGroup
digest_algorithms	Algorithm for message hash Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.	array of IKEDigestAlgorithm
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
encryption_algorithms	Encryption algorithm for IKE Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.	array of IKEEncryptionAlgorithm
id	Unique identifier of this resource	string	Sortable
ike_version	IKE version IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.	string	Enum: IKE_V1, IKE_V2, IKE_FLEX Default: "IKE_V2"
resource_type	Must be set to the value IPSecVPNIKEProfile	string
sa_life_time	Security association (SA) life time Life time for security association. Default is 86400 seconds (1 day).	integer	Minimum: 21600 Maximum: 31536000 Default: "86400"
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30