This YANG module provides mappings of the CLI command structure to the underlying data-model elements for the Netgate router.
Copyright 2016-2019 Rubicon Communications, LLC.
Example URL
returns netgate.ipsec.IpsecConfig
netgate.ipsec.IpsecConfig
Internal error
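// Sample RESTCONF client: fetch the whole IPsec configuration and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. This subtree includes IKE pre-shared keys (round.psk) and manual
	// SA keys (encryption.key), so against a real device use https:// with
	// certificate verification and authenticate the request.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}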
Example URL
creates netgate.ipsec.IpsecConfig
netgate.ipsec.IpsecConfig to be added to list
tunnel | Array of objects (netgate.ipsec.ipsecconfig.Tunnel) IPsec tunnel configurations |
Object created
Internal error
Object already exists
Example URL
creates or updates netgate.ipsec.IpsecConfig
netgate.ipsec.IpsecConfig to be added or updated
netgate-ipsec:ipsec-config | object (netgate.ipsec.IpsecConfig) |
Object created
Object modified
Internal error
Example URL
removes netgate.ipsec.IpsecConfig
Object deleted
Internal error
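// Sample RESTCONF client: delete the whole IPsec configuration and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}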
Example URL
IPsec tunnel configurations
netgate.ipsec.ipsecconfig.Tunnel to be added to list
remote-type | string (netgate.ipsec.RemoteType) Enum: "gateway" "endpoint" |
tunnel-type | string (netgate.ipsec.TunnelType) Value: "interface" |
remote-addr | string IP address or hostname of remote tunnel peer. |
instance | integer <int64> Numeric identifier of tunnel |
local-addr | string IP address used locally to terminate tunnel. |
crypto | object (netgate.ipsec.ipsecconfig.tunnel.Crypto) |
Object created
Internal error
Object already exists
Example URL
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.Tunnel
Internal error
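// Sample RESTCONF client: fetch one IPsec tunnel configuration and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. A tunnel's crypto subtree includes IKE pre-shared keys and
	// manual SA keys, so against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}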
Example URL
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.Tunnel to be added to list
remote-type | string (netgate.ipsec.RemoteType) Enum: "gateway" "endpoint" |
tunnel-type | string (netgate.ipsec.TunnelType) Value: "interface" |
remote-addr | string IP address or hostname of remote tunnel peer. |
instance | integer <int64> Numeric identifier of tunnel |
local-addr | string IP address used locally to terminate tunnel. |
crypto | object (netgate.ipsec.ipsecconfig.tunnel.Crypto) |
Object created
Internal error
Object already exists
Example URL
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.Tunnel to be added or updated
netgate-ipsec:tunnel | object (netgate.ipsec.ipsecconfig.Tunnel) |
Object created
Object modified
Internal error
Example URL
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
Object deleted
Internal error
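// Sample RESTCONF client: delete one IPsec tunnel configuration and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}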
Example URL
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.Crypto
Internal error
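// Sample RESTCONF client: fetch a tunnel's cryptographic settings and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. The crypto subtree includes IKE pre-shared keys and manual SA
	// keys, so against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}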
Example URL
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.Crypto to be added to list
ike | object (netgate.ipsec.ipsecconfig.tunnel.crypto.Ike) |
manual | object (netgate.ipsec.ipsecconfig.tunnel.crypto.Manual) |
config-type | string (netgate.ipsec.ConfigType) Enum: "ike" "manual" |
Object created
Internal error
Object already exists
Example URL
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.Crypto to be added or updated
netgate-ipsec:crypto | object (netgate.ipsec.ipsecconfig.tunnel.Crypto) |
Object created
Object modified
Internal error
Example URL
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
Object deleted
Internal error
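// Sample RESTCONF client: delete a tunnel's cryptographic settings and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}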
Example URL
returns netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
Internal error
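// Sample RESTCONF client: fetch a tunnel's IKE settings and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. The ike subtree includes the authentication rounds and their
	// pre-shared keys, so against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}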
Example URL
creates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Ike to be added to list
key-renewal | string (netgate.ipsec.KeyRenewalT) Enum: "reauth" "rekey" |
role | string (netgate.ipsec.Role) Enum: "initiator-only" "responder-only" "both" |
child-sa | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa) Child (phase 2) SA. |
identity | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity) The ID data for one peer in the SA |
lifetime | integer <int64> Default: 14400 Lifetime of IKE SA in seconds. |
proposals | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals) Proposed parameters for IKE SA |
dpd-poll-interval | integer <int32> Seconds between DPD peer status checks. |
version | integer <int32> Default: 2 |
authentication | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication) The auth data for an IKE peer |
Object created
Internal error
Object already exists
Example URL
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Ike to be added or updated
netgate-ipsec:ike | object (netgate.ipsec.ipsecconfig.tunnel.crypto.Ike) |
Object created
Object modified
Internal error
Example URL
removes netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
Object deleted
Internal error
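// Sample RESTCONF client: delete a tunnel's IKE settings and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}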
Example URL
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added to list
round | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) An authentication round for one peer. |
peer | string (netgate.ipsec.PeerPositionT) Enum: "remote" "local" |
Object created
Internal error
Object already exists
Example URL
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication
Internal error
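// Sample RESTCONF client: fetch the auth data for one IKE peer and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. The authentication entry holds the rounds and their pre-shared
	// keys, so against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D and %7Bpeer%7D are the percent-encoded template
	// placeholders {instance} and {peer}; substitute the tunnel id and the
	// peer ("remote" or "local") before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}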
Example URL
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added to list
round | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) An authentication round for one peer. |
peer | string (netgate.ipsec.PeerPositionT) Enum: "remote" "local" |
Object created
Internal error
Object already exists
Example URL
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added or updated
netgate-ipsec:authentication | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication) |
Object created
Object modified
Internal error
Example URL
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
Object deleted
Internal error
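// Sample RESTCONF client: delete the auth data for one IKE peer and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D and %7Bpeer%7D are the percent-encoded template
	// placeholders {instance} and {peer}; substitute the tunnel id and the
	// peer ("remote" or "local") before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}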
Example URL
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added to list
number | integer <int32> Numeric field to order multiple authentications |
psk | string Pre Shared Key |
type | string (netgate.ipsec.AuthenticationMethodT) Value: "psk" |
Object created
Internal error
Object already exists
Example URL
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round
Internal error
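// Sample RESTCONF client: fetch one authentication round and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. A round carries the pre-shared key (psk) itself, and this
	// program prints it to stdout; against a real device use https:// with
	// certificate verification, authenticate the request, and keep the output
	// out of shared logs.
	//
	// %7Binstance%7D, %7Bpeer%7D and %7Bnumber%7D are the percent-encoded
	// template placeholders {instance}, {peer} and {number}; substitute real
	// key values before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D/netgate-ipsec:round=%7Bnumber%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}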
Example URL
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added to list
number | integer <int32> Numeric field to order multiple authentications |
psk | string Pre Shared Key |
type | string (netgate.ipsec.AuthenticationMethodT) Value: "psk" |
Object created
Internal error
Object already exists
Example URL
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added or updated
netgate-ipsec:round | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) |
Object created
Object modified
Internal error
Example URL
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
Object deleted
Internal error
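// Sample RESTCONF client: delete one authentication round and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D, %7Bpeer%7D and %7Bnumber%7D are the percent-encoded
	// template placeholders {instance}, {peer} and {number}; substitute real
	// key values before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D/netgate-ipsec:round=%7Bnumber%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}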
Example URL
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added to list
proposal | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal) |
mode | string (netgate.ipsec.Mode) Value: "tunnel" |
protocol | string (netgate.ipsec.Protocol) Value: "esp" |
lifetime | integer <int64> Default: 3600 The length of time in seconds until the child SA is no longer valid. |
name | string Name of the child SA |
traffic-selector | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel. |
replay-window | integer <int64> Number of packets in replay window. Currently, 64 packets is the only supported value. Setting anything here will enable a 64 packet replay window. |
Object created
Internal error
Object already exists
Example URL
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa
Internal error
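// Sample RESTCONF client: fetch one child (phase 2) SA and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example, so the VPN configuration crosses the network readable and
	// unauthenticated. Against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D and %7Bname%7D are the percent-encoded template
	// placeholders {instance} and {name}; substitute the tunnel id and the
	// child SA name (percent-encoded for a path segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}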
Example URL
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added to list
proposal | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal) |
mode | string (netgate.ipsec.Mode) Value: "tunnel" |
protocol | string (netgate.ipsec.Protocol) Value: "esp" |
lifetime | integer <int64> Default: 3600 The length of time in seconds until the child SA is no longer valid. |
name | string Name of the child SA |
traffic-selector | Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel. |
replay-window | integer <int64> Number of packets in replay window. Currently, 64 packets is the only supported value. Setting anything here will enable a 64 packet replay window. |
Object created
Internal error
Object already exists
Example URL
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added or updated
netgate-ipsec:child-sa | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa) |
Object created
Object modified
Internal error
Example URL
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
Object deleted
Internal error
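// Sample RESTCONF client: delete one child (phase 2) SA and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D and %7Bname%7D are the percent-encoded template
	// placeholders {instance} and {name}; substitute the tunnel id and the
	// child SA name (percent-encoded for a path segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}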
Example URL
creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added to list
name | string |
sequence-number | string (netgate.ipsec.IpsecSeqNumberTypeT) Enum: "esn" "noesn" |
encryption-algorithm | string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "aes128" "aes192" "aes256" |
dh-group | string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256" |
integrity-algorithm | string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "md5" "sha1" "sha256" "sha384" "sha512" |
Object created
Internal error
Object already exists
Example URL
returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
Internal error
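// Sample RESTCONF client: fetch one child SA proposal and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example, so the VPN configuration crosses the network readable and
	// unauthenticated. Against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D, %7Bname%7D and %7Bproposal-name%7D are the
	// percent-encoded template placeholders {instance}, {name} and
	// {proposal-name}; substitute real key values (percent-encoded for a path
	// segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:proposal=%7Bproposal-name%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}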
Example URL
creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added to list
name | string |
sequence-number | string (netgate.ipsec.IpsecSeqNumberTypeT) Enum: "esn" "noesn" |
encryption-algorithm | string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "aes128" "aes192" "aes256" |
dh-group | string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256" |
integrity-algorithm | string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "md5" "sha1" "sha256" "sha384" "sha512" |
Object created
Internal error
Object already exists
Example URL
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added or updated
netgate-ipsec:proposal | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal) |
Object created
Object modified
Internal error
Example URL
removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
Object deleted
Internal error
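// Sample RESTCONF client: delete one child SA proposal and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D, %7Bname%7D and %7Bproposal-name%7D are the
	// percent-encoded template placeholders {instance}, {name} and
	// {proposal-name}; substitute real key values (percent-encoded for a path
	// segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:proposal=%7Bproposal-name%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}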
Example URL
Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added to list
number | integer <int32> Numeric identifier for traffic selector. |
remote-net | string Remote network prefix. |
local-net | string Local network prefix. |
Object created
Internal error
Object already exists
Example URL
Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
number required | integer <int32> Id of traffic-selector |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector
Internal error
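// Sample RESTCONF client: fetch one child SA traffic selector and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example, so the VPN configuration crosses the network readable and
	// unauthenticated. Against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D, %7Bname%7D and %7Bnumber%7D are the percent-encoded
	// template placeholders {instance}, {name} and {number}; substitute real
	// key values (percent-encoded for a path segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:traffic-selector=%7Bnumber%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}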
Example URL
Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
number required | integer <int32> Id of traffic-selector |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added to list
number | integer <int32> Numeric identifier for traffic selector. |
remote-net | string Remote network prefix. |
local-net | string Local network prefix. |
Object created
Internal error
Object already exists
Example URL
Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
number required | integer <int32> Id of traffic-selector |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added or updated
netgate-ipsec:traffic-selector | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) |
Object created
Object modified
Internal error
Example URL
Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
number required | integer <int32> Id of traffic-selector |
Object deleted
Internal error
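// Sample RESTCONF client: delete one child SA traffic selector and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D, %7Bname%7D and %7Bnumber%7D are the percent-encoded
	// template placeholders {instance}, {name} and {number}; substitute real
	// key values (percent-encoded for a path segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:traffic-selector=%7Bnumber%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}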
Example URL
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added to list
type | string (netgate.ipsec.IkeIdentityTypeT) Enum: "none" "email" "fqdn" "dn" "key-id" "address" |
value | string The ID of the peer. |
peer | string (netgate.ipsec.PeerPositionT) Enum: "remote" "local" |
Object created
Internal error
Object already exists
Example URL
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity
Internal error
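// Sample RESTCONF client: fetch the IKE identity of one peer and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example, so the VPN configuration crosses the network readable and
	// unauthenticated. Against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D and %7Bpeer%7D are the percent-encoded template
	// placeholders {instance} and {peer}; substitute the tunnel id and the
	// peer ("remote" or "local") before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity=%7Bpeer%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}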
Example URL
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added to list
type | string (netgate.ipsec.IkeIdentityTypeT) Enum: "none" "email" "fqdn" "dn" "key-id" "address" |
value | string The ID of the peer. |
peer | string (netgate.ipsec.PeerPositionT) Enum: "remote" "local" |
Object created
Internal error
Object already exists
Example URL
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added or updated
netgate-ipsec:identity | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity) |
Object created
Object modified
Internal error
Example URL
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
Object deleted
Internal error
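// Sample RESTCONF client: delete the IKE identity of one peer and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D and %7Bpeer%7D are the percent-encoded template
	// placeholders {instance} and {peer}; substitute the tunnel id and the
	// peer ("remote" or "local") before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity=%7Bpeer%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}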
Example URL
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added to list
name | string IKE proposal name. |
encryption-algorithm | string (netgate.ipsec.NgIkeEncryptionAlgorithmT) Enum: "aes128" "aes192" "aes256" "aes128ctr" "aes192ctr" "aes256ctr" "aes128ccm8" "aes192ccm8" "aes256ccm8" "aes128ccm12" "aes192ccm12" "aes256ccm12" "aes128ccm16" "aes192ccm16" "aes256ccm16" "aes128gcm8" "aes192gcm8" "aes256gcm8" "aes128gcm12" "aes192gcm12" "aes256gcm12" "aes128gcm16" "aes192gcm16" "aes256gcm16" "camellia128" "camellia192" "camellia256" "camellia128ctr" "camellia192ctr" "camellia256ctr" "camellia128ccm8" "camellia192ccm8" "camellia256ccm8" "camellia128ccm12" "camellia192ccm12" "camellia256ccm12" "camellia128ccm16" "camellia192ccm16" "camellia256ccm16" "chacha20poly1305" |
prf | string (netgate.ipsec.NgPseudoRandomFunctionT) Enum: "prfmd5" "prfsha1" "prfaesxcbc" "prfsha256" "prfsha384" "prfsha512" "prfaescmac" |
dh-group | string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256" |
integrity-algorithm | string (netgate.ipsec.NgIkeIntegrityAlgorithmT) Enum: "md5" "sha1" "aesxcbc" "aescmac" "sha256" "sha384" "sha512" |
Object created
Internal error
Object already exists
Example URL
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals
Internal error
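// Sample RESTCONF client: fetch one IKE SA proposal and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example, so the VPN configuration crosses the network readable and
	// unauthenticated. Against a real device use https:// with certificate
	// verification and authenticate the request.
	//
	// %7Binstance%7D and %7Bname%7D are the percent-encoded template
	// placeholders {instance} and {name}; substitute the tunnel id and the
	// proposal name (percent-encoded for a path segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals=%7Bname%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}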
Example URL
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added to list
name | string IKE proposal name. |
encryption-algorithm | string (netgate.ipsec.NgIkeEncryptionAlgorithmT) Enum: "aes128" "aes192" "aes256" "aes128ctr" "aes192ctr" "aes256ctr" "aes128ccm8" "aes192ccm8" "aes256ccm8" "aes128ccm12" "aes192ccm12" "aes256ccm12" "aes128ccm16" "aes192ccm16" "aes256ccm16" "aes128gcm8" "aes192gcm8" "aes256gcm8" "aes128gcm12" "aes192gcm12" "aes256gcm12" "aes128gcm16" "aes192gcm16" "aes256gcm16" "camellia128" "camellia192" "camellia256" "camellia128ctr" "camellia192ctr" "camellia256ctr" "camellia128ccm8" "camellia192ccm8" "camellia256ccm8" "camellia128ccm12" "camellia192ccm12" "camellia256ccm12" "camellia128ccm16" "camellia192ccm16" "camellia256ccm16" "chacha20poly1305" |
prf | string (netgate.ipsec.NgPseudoRandomFunctionT) Enum: "prfmd5" "prfsha1" "prfaesxcbc" "prfsha256" "prfsha384" "prfsha512" "prfaescmac" |
dh-group | string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256" |
integrity-algorithm | string (netgate.ipsec.NgIkeIntegrityAlgorithmT) Enum: "md5" "sha1" "aesxcbc" "aescmac" "sha256" "sha384" "sha512" |
Object created
Internal error
Object already exists
Example URL
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added or updated
netgate-ipsec:proposals | object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals) |
Object created
Object modified
Internal error
Example URL
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
Object deleted
Internal error
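// Sample RESTCONF client: delete one IKE SA proposal and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): this sends a configuration-changing DELETE over plain
	// http:// with no credentials, as in the generated example. Against a real
	// device use https:// with certificate verification and authenticate the
	// request.
	//
	// %7Binstance%7D and %7Bname%7D are the percent-encoded template
	// placeholders {instance} and {name}; substitute the tunnel id and the
	// proposal name (percent-encoded for a path segment) before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals=%7Bname%7D"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies so a
	// failed delete is not mistaken for a removed object.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}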
Example URL
returns netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
Internal error
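// Sample RESTCONF client: fetch a tunnel's manual keying settings and print the reply.
package main

import (
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"
)

// run performs the request and prints the response; failures are returned so
// that main reports them only after deferred cleanup has run.
func run() error {
	// NOTE(review): plain http:// and no credentials, as in the generated
	// example. The manual subtree includes the encryption key, and this
	// program prints the reply to stdout; against a real device use https://
	// with certificate verification, authenticate the request, and keep the
	// output out of shared logs.
	//
	// %7Binstance%7D is the percent-encoded template placeholder {instance};
	// substitute the tunnel id before running.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return fmt.Errorf("building request: %v", err)
	}

	// http.DefaultClient never times out; bound the call so an unreachable
	// device cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so it must not be touched before this check.
		return fmt.Errorf("sending request: %v", err)
	}
	defer res.Body.Close()

	body, err := ioutil.ReadAll(res.Body)
	if err != nil {
		return fmt.Errorf("reading response body: %v", err)
	}

	fmt.Println(res)
	fmt.Println(string(body))

	// A completed exchange is not a success: surface non-2xx replies.
	if res.StatusCode < 200 || res.StatusCode > 299 {
		return fmt.Errorf("unexpected status %s", res.Status)
	}
	return nil
}

func main() {
	if err := run(); err != nil {
		log.Fatal(err)
	}
}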
Example URL
creates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Manual to be added to list
protocol | string (netgate.ipsec.Protocol) Value: "esp" |
integrity | object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity) |
encryption | object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption) |
Object created
Internal error
Object already exists
Example URL
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Manual to be added or updated
netgate-ipsec:manual | object (netgate.ipsec.ipsecconfig.tunnel.crypto.Manual) |
Object created
Object modified
Internal error
Example URL
removes netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
Object deleted
Internal error
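package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main sends a DELETE for the manual-keying configuration of one tunnel and
// prints the response followed by its body.
func main() {
	// %7Binstance%7D is the URL-encoded {instance} placeholder; replace it
	// with a real tunnel id before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials. This call deletes IPsec configuration, so run it over HTTPS
	// with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}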
Example URL
returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
Internal error
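package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the manual-keying encryption settings of one tunnel and
// prints the response followed by its body.
func main() {
	// %7Binstance%7D is the URL-encoded {instance} placeholder; replace it
	// with a real tunnel id before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials. The Encryption object has a `key` field, so the body
	// printed below may contain the encryption key; use HTTPS with
	// authentication and avoid logging the output.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}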
Example URL
creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption to be added to list
key | string |
algorithm | string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "aes128" "aes192" "aes256" |
Object created
Internal error
Object already exists
Example URL
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption to be added or updated
netgate-ipsec:encryption | object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption) |
Object created
Object modified
Internal error
Example URL
removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
Object deleted
Internal error
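package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main sends a DELETE for the manual-keying encryption settings of one
// tunnel and prints the response followed by its body.
func main() {
	// %7Binstance%7D is the URL-encoded {instance} placeholder; replace it
	// with a real tunnel id before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials. This call deletes IPsec configuration, so run it over HTTPS
	// with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}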
Example URL
returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
Internal error
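package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the manual-keying integrity settings of one tunnel and prints
// the response followed by its body.
func main() {
	// %7Binstance%7D is the URL-encoded {instance} placeholder; replace it
	// with a real tunnel id before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials. The Integrity object has a `key` field, so the body printed
	// below may contain the integrity key; use HTTPS with authentication and
	// avoid logging the output.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}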
Example URL
creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity to be added to list
key | string |
algorithm | string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "md5" "sha1" "sha256" "sha384" "sha512". Of these, "md5" and "sha1" are legacy choices; prefer "sha256" or stronger for new tunnels. |
Object created
Internal error
Object already exists
Example URL
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity to be added or updated
netgate-ipsec:integrity | object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity) |
Object created
Object modified
Internal error
Example URL
removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
Object deleted
Internal error
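package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main sends a DELETE for the manual-keying integrity settings of one tunnel
// and prints the response followed by its body.
func main() {
	// %7Binstance%7D is the URL-encoded {instance} placeholder; replace it
	// with a real tunnel id before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials. This call deletes IPsec configuration, so run it over HTTPS
	// with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity"

	req, err := http.NewRequest("DELETE", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}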
Example URL
Operational state data for IPsec.
netgate.ipsec.IpsecState
Internal error
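package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the IPsec operational state and prints the response followed
// by its body.
func main() {
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}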
Example URL
IPsec tunnel
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecstate.Tunnel
Internal error
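package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the operational state of one IPsec tunnel and prints the
// response followed by its body.
func main() {
	// %7Binstance%7D is the URL-encoded {instance} placeholder; replace it
	// with a real tunnel id before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}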
Example URL
IKE SA
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
netgate.ipsec.ipsecstate.tunnel.IkeSa
Internal error
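package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the state of one IKE SA of one tunnel and prints the response
// followed by its body.
func main() {
	// %7Binstance%7D and %7Bike-unique-id%7D are the URL-encoded {instance}
	// and {ike-unique-id} placeholders; replace them with real ids.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}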
Example URL
Child SA
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
netgate.ipsec.ipsecstate.tunnel.ikesa.ChildSa
Internal error
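package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the state of one child SA under an IKE SA and prints the
// response followed by its body.
func main() {
	// %7Binstance%7D, %7Bike-unique-id%7D and %7Bname%7D are the URL-encoded
	// {instance}, {ike-unique-id} and {name} placeholders; replace them with
	// real key values before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}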
Example URL
Child SA instance
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
unique-id required | integer <int64> Id of sa |
netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.Sa
Internal error
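package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches one SA instance of a child SA and prints the response
// followed by its body.
func main() {
	// %7Binstance%7D, %7Bike-unique-id%7D, %7Bname%7D and %7Bunique-id%7D are
	// the URL-encoded {instance}, {ike-unique-id}, {name} and {unique-id}
	// placeholders; replace them with real key values before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:sa=%7Bunique-id%7D"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}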
Example URL
Cryptographic Parameters
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
unique-id required | integer <int64> Id of sa |
netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.sa.Crypto
Internal error
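package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the cryptographic parameters of one SA instance and prints
// the response followed by its body.
func main() {
	// %7Binstance%7D, %7Bike-unique-id%7D, %7Bname%7D and %7Bunique-id%7D are
	// the URL-encoded {instance}, {ike-unique-id}, {name} and {unique-id}
	// placeholders; replace them with real key values before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:sa=%7Bunique-id%7D/netgate-ipsec:crypto"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}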
Example URL
SA status
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
unique-id required | integer <int64> Id of sa |
netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.sa.Status
Internal error
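package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the status of one SA instance and prints the response
// followed by its body.
func main() {
	// %7Binstance%7D, %7Bike-unique-id%7D, %7Bname%7D and %7Bunique-id%7D are
	// the URL-encoded {instance}, {ike-unique-id}, {name} and {unique-id}
	// placeholders; replace them with real key values before running.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:sa=%7Bunique-id%7D/netgate-ipsec:status"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}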
Example URL
Cryptographic Parameters
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
netgate.ipsec.ipsecstate.tunnel.ikesa.Crypto
Internal error
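package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the cryptographic parameters of one IKE SA and prints the
// response followed by its body.
func main() {
	// %7Binstance%7D and %7Bike-unique-id%7D are the URL-encoded {instance}
	// and {ike-unique-id} placeholders; replace them with real ids.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:crypto"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}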
Example URL
SA status
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
netgate.ipsec.ipsecstate.tunnel.ikesa.Status
Internal error
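package main

import (
	"fmt"
	"io/ioutil"
	"net/http"
	"os"
	"time"
)

// main fetches the status of one IKE SA and prints the response followed by
// its body.
func main() {
	// %7Binstance%7D and %7Bike-unique-id%7D are the URL-encoded {instance}
	// and {ike-unique-id} placeholders; replace them with real ids.
	// NOTE(review): the sample URL is plain http:// and the request carries no
	// credentials; use HTTPS with authentication against a real device.
	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:status"

	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		fmt.Fprintln(os.Stderr, "building request:", err)
		os.Exit(1)
	}

	// http.DefaultClient has no timeout; bound the call so an unresponsive
	// peer cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	res, err := client.Do(req)
	if err != nil {
		// res is nil on error, so res.Body must not be touched.
		fmt.Fprintln(os.Stderr, "sending request:", err)
		os.Exit(1)
	}

	body, err := ioutil.ReadAll(res.Body)
	res.Body.Close()
	if err != nil {
		fmt.Fprintln(os.Stderr, "reading response body:", err)
		os.Exit(1)
	}

	fmt.Println(res)
	fmt.Println(string(body))
}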