IPSecVPNPolicyRule (schema)

IPSec VPN policy rules

For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.
| Name | Description | Type | Notes |
|------|-------------|------|-------|
| _links | References related to this resource. The server will populate this field when returning the resource. Ignored on PUT and POST. | array of ResourceLink | Readonly |
| _owner | Owner of this resource | OwnerResourceLink | Readonly |
| _revision | Generation of this resource config. The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. | int | |
| _schema | Schema for this resource | string | Readonly |
| _self | Link to this resource | SelfResourceLink | Readonly |
| action | Action to be applied. PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affect all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules. | string | Readonly. Enum: PROTECT, BYPASS. Default: "PROTECT" |
| description | Description of this resource | string | Maximum length: 1024. Sortable |
| destinations | Destination list. List of peer subnets. | array of IPSecVPNPolicySubnet | Maximum items: 128 |
| display_name | Identifier to use when displaying entity in logs or GUI. Defaults to ID if not set. | string | Maximum length: 255. Sortable |
| enabled | Enabled flag. A flag to enable/disable the policy rule. | boolean | Default: "True" |
| id | Unique policy id. | string | |
| logged | Logging flag. A flag to enable/disable the logging for the policy rule. | boolean | Default: "False" |
| resource_type | Must be set to the value IPSecVPNPolicyRule | string | |
| sources | Source list. List of local subnets. | array of IPSecVPNPolicySubnet | Maximum items: 128 |
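
The sketch below is an added example, not code from the product or its documentation. It shows a client-side check that turns a GET result into a PUT body under this schema: it carries `_revision` through unchanged, drops the read-only fields, and enforces the documented limits before anything is sent. The function name, the sample rule and the `{"subnet": ...}` item shape are assumptions.

```python
# Added example, not vendor code. Field names and limits come from the schema
# table above; the sample rule below is constructed.
READONLY = {"_links", "_owner", "_schema", "_self", "action"}
MAX_LEN = {"description": 1024, "display_name": 255}
MAX_SUBNETS = 128  # applies to both sources and destinations


def prepare_put_body(current, changes):
    """Merge changes into a GET result and return a body suitable for PUT."""
    if not isinstance(current.get("_revision"), int):
        raise ValueError("GET result lacks _revision; the PUT would be rejected")
    blocked = (READONLY | {"_revision"}) & set(changes)
    if blocked:
        raise ValueError("caller may not set: %s" % ", ".join(sorted(blocked)))
    # Drop server-populated fields; keep _revision exactly as the GET returned it.
    body = {k: v for k, v in current.items() if k not in READONLY}
    body.update(changes)
    body["resource_type"] = "IPSecVPNPolicyRule"
    for field, limit in MAX_LEN.items():
        if len(body.get(field, "")) > limit:
            raise ValueError("%s exceeds %d characters" % (field, limit))
    for field in ("sources", "destinations"):
        if len(body.get(field, [])) > MAX_SUBNETS:
            raise ValueError("%s exceeds %d items" % (field, MAX_SUBNETS))
    for flag in ("enabled", "logged"):
        if flag in body and not isinstance(body[flag], bool):
            raise ValueError("%s must be a boolean" % flag)
    return body


# Constructed GET result. The {"subnet": ...} item shape and the _self value
# are assumptions: neither type is defined on this page.
SAMPLE_RULE = {
    "_revision": 3,
    "_self": {"href": "/placeholder", "rel": "self"},
    "action": "PROTECT",
    "id": "rule-1",
    "display_name": "branch-to-dc",
    "enabled": True,
    "logged": False,
    "resource_type": "IPSecVPNPolicyRule",
    "sources": [{"subnet": "192.0.2.0/24"}],
    "destinations": [{"subnet": "198.51.100.0/24"}],
}

if __name__ == "__main__":
    print(prepare_put_body(SAMPLE_RULE, {"logged": True}))
```

If the server rejects the PUT because the revision is stale, repeat the GET and rebuild the body from the fresh result rather than incrementing `_revision` locally.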