netgate-ipsec API (19.02)

This YANG module provides mappings of the CLI command structure to the underlying data-model elements for the Netgate router.

ipsec-config

returns netgate.ipsec.IpsecConfig

get /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

returns netgate.ipsec.IpsecConfig

Responses

200

netgate.ipsec.IpsecConfig

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ipsec-config":
{
- "tunnel":
  [
  - {
    "remote-type": "gateway",
    "tunnel-type": "interface",
    "remote-addr": "string",
    "instance": 0,
    "local-addr": "string",
    "crypto":
    {
    "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
    "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
    "config-type": "ike"
    }
    }
  ]
}

}

creates netgate.ipsec.IpsecConfig

post /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

creates netgate.ipsec.IpsecConfig

Request Body schema: application/yang-data+json

netgate.ipsec.IpsecConfig to be added to list

tunnel

Array of objects (netgate.ipsec.ipsecconfig.Tunnel)

IPsec tunnel configurations

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"tunnel":
[
- {
  - "remote-type": "gateway",
  - "tunnel-type": "interface",
  - "remote-addr": "string",
  - "instance": 0,
  - "local-addr": "string",
  - "crypto":
    {
    "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
    "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
    "config-type": "ike"
    }
  }
]

}

creates or updates netgate.ipsec.IpsecConfig

put /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

creates or updates netgate.ipsec.IpsecConfig

Request Body schema: application/yang-data+json

netgate.ipsec.IpsecConfig to be added or updated

netgate-ipsec:ipsec-config

object (netgate.ipsec.IpsecConfig)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ipsec-config":
{
- "tunnel":
  [
  - {
    "remote-type": "gateway",
    "tunnel-type": "interface",
    "remote-addr": "string",
    "instance": 0,
    "local-addr": "string",
    "crypto":
    {
    "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
    "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
    "config-type": "ike"
    }
    }
  ]
}

}

removes netgate.ipsec.IpsecConfig

delete /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

removes netgate.ipsec.IpsecConfig

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.Tunnel

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel

IPsec tunnel configurations

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.Tunnel to be added to list

remote-type	string (netgate.ipsec.RemoteType) Enum: "gateway" "endpoint"
tunnel-type	string (netgate.ipsec.TunnelType) Value: "interface"
remote-addr	string IP address or hostname of remote tunnel peer.
instance	integer <int64> Numeric identifier of tunnel
local-addr	string IP address used locally to terminate tunnel.
crypto	object (netgate.ipsec.ipsecconfig.tunnel.Crypto)

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"remote-type": "gateway",
"tunnel-type": "interface",
"remote-addr": "string",
"instance": 0,
"local-addr": "string",
"crypto":
{
- "ike":
  {
  - "key-renewal": "reauth",
  - "role": "initiator-only",
  - "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
  - "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
  - "lifetime": 14400,
  - "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "dpd-poll-interval": 0,
  - "version": 2,
  - "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
  },
- "manual":
  {
  - "protocol": "esp",
  - "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
  - "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
  },
- "config-type": "ike"
}

}

returns netgate.ipsec.ipsecconfig.Tunnel

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.Tunnel

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:tunnel":
{
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "local-addr": "string",
- "crypto":
  {
  - "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
  - "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
  - "config-type": "ike"
  }
}

}

creates netgate.ipsec.ipsecconfig.Tunnel

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.Tunnel to be added to list

remote-type	string (netgate.ipsec.RemoteType) Enum: "gateway" "endpoint"
tunnel-type	string (netgate.ipsec.TunnelType) Value: "interface"
remote-addr	string IP address or hostname of remote tunnel peer.
instance	integer <int64> Numeric identifier of tunnel
local-addr	string IP address used locally to terminate tunnel.
crypto	object (netgate.ipsec.ipsecconfig.tunnel.Crypto)

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"remote-type": "gateway",
"tunnel-type": "interface",
"remote-addr": "string",
"instance": 0,
"local-addr": "string",
"crypto":
{
- "ike":
  {
  - "key-renewal": "reauth",
  - "role": "initiator-only",
  - "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
  - "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
  - "lifetime": 14400,
  - "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "dpd-poll-interval": 0,
  - "version": 2,
  - "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
  },
- "manual":
  {
  - "protocol": "esp",
  - "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
  - "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
  },
- "config-type": "ike"
}

}

creates or updates netgate.ipsec.ipsecconfig.Tunnel

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.Tunnel to be added or updated

netgate-ipsec:tunnel

object (netgate.ipsec.ipsecconfig.Tunnel)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:tunnel":
{
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "local-addr": "string",
- "crypto":
  {
  - "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
  - "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
  - "config-type": "ike"
  }
}

}

removes netgate.ipsec.ipsecconfig.Tunnel

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

returns netgate.ipsec.ipsecconfig.tunnel.Crypto

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Tunnel cryptographic settings

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.tunnel.Crypto

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:crypto":
{
- "ike":
  {
  - "key-renewal": "reauth",
  - "role": "initiator-only",
  - "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
  - "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
  - "lifetime": 14400,
  - "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "dpd-poll-interval": 0,
  - "version": 2,
  - "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
  },
- "manual":
  {
  - "protocol": "esp",
  - "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
  - "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
  },
- "config-type": "ike"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.Crypto

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Tunnel cryptographic settings

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.Crypto to be added to list

ike	object (netgate.ipsec.ipsecconfig.tunnel.crypto.Ike)
manual	object (netgate.ipsec.ipsecconfig.tunnel.crypto.Manual)
config-type	string (netgate.ipsec.ConfigType) Enum: "ike" "manual"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"ike":
{
- "key-renewal": "reauth",
- "role": "initiator-only",
- "child-sa":
  [
  - {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
  ],
- "identity":
  [
  - {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
  ],
- "lifetime": 14400,
- "proposals":
  [
  - {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
  ],
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication":
  [
  - {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
  ]
},
"manual":
{
- "protocol": "esp",
- "integrity":
  {
  - "key": "string",
  - "algorithm": "md5"
  },
- "encryption":
  {
  - "key": "string",
  - "algorithm": "aes128gcm16"
  }
},
"config-type": "ike"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.Crypto

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Tunnel cryptographic settings

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.Crypto to be added or updated

netgate-ipsec:crypto

object (netgate.ipsec.ipsecconfig.tunnel.Crypto)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:crypto":
{
- "ike":
  {
  - "key-renewal": "reauth",
  - "role": "initiator-only",
  - "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
  - "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
  - "lifetime": 14400,
  - "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "dpd-poll-interval": 0,
  - "version": 2,
  - "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
  },
- "manual":
  {
  - "protocol": "esp",
  - "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
  - "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
  },
- "config-type": "ike"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.Crypto

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto

Tunnel cryptographic settings

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

returns netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ike":
{
- "key-renewal": "reauth",
- "role": "initiator-only",
- "child-sa":
  [
  - {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
  ],
- "identity":
  [
  - {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
  ],
- "lifetime": 14400,
- "proposals":
  [
  - {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
  ],
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication":
  [
  - {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
  ]
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

creates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.Ike to be added to list

key-renewal	string (netgate.ipsec.KeyRenewalT) Enum: "reauth" "rekey"
role	string (netgate.ipsec.Role) Enum: "initiator-only" "responder-only" "both"
child-sa	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa) Child (phase 2) SA.
identity	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity) The ID data for one peer in the SA
lifetime	integer <int64> Default: 14400 Lifetime of IKE SA in seconds.
proposals	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals) Proposed parameters for IKE SA
dpd-poll-interval	integer <int32> Seconds between DPD peer status checks.
version	integer <int32> Default: 2
authentication	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication) The auth data for an IKE peer

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"key-renewal": "reauth",
"role": "initiator-only",
"child-sa":
[
- {
  - "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "mode": "tunnel",
  - "protocol": "esp",
  - "lifetime": 3600,
  - "name": "string",
  - "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
  - "replay-window": 0
  }
],
"identity":
[
- {
  - "type": "none",
  - "value": "string",
  - "peer": "remote"
  }
],
"lifetime": 14400,
"proposals":
[
- {
  - "name": "string",
  - "encryption-algorithm": "aes128",
  - "prf": "prfmd5",
  - "dh-group": "modp768",
  - "integrity-algorithm": "md5"
  }
],
"dpd-poll-interval": 0,
"version": 2,
"authentication":
[
- {
  - "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
  - "peer": "remote"
  }
]

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.Ike to be added or updated

netgate-ipsec:ike

object (netgate.ipsec.ipsecconfig.tunnel.crypto.Ike)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ike":
{
- "key-renewal": "reauth",
- "role": "initiator-only",
- "child-sa":
  [
  - {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
  ],
- "identity":
  [
  - {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
  ],
- "lifetime": 14400,
- "proposals":
  [
  - {
    "name": "string",
    "encryption-algorithm": "aes128",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
  ],
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication":
  [
  - {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
  ]
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike

removes netgate.ipsec.ipsecconfig.tunnel.crypto.Ike

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication

The auth data for an IKE peer

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added to list

round	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) An authentication round for one peer.
peer	string (netgate.ipsec.PeerPositionT) Enum: "remote" "local"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"round":
[
- {
  - "number": 0,
  - "psk": "string",
  - "type": "psk"
  }
],
"peer": "remote"

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

The auth data for an IKE peer

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:authentication":
{
- "round":
  [
  - {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
  ],
- "peer": "remote"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

The auth data for an IKE peer

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added to list

round	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) An authentication round for one peer.
peer	string (netgate.ipsec.PeerPositionT) Enum: "remote" "local"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"round":
[
- {
  - "number": 0,
  - "psk": "string",
  - "type": "psk"
  }
],
"peer": "remote"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

The auth data for an IKE peer

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added or updated

netgate-ipsec:authentication

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:authentication":
{
- "round":
  [
  - {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
  ],
- "peer": "remote"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}

The auth data for an IKE peer

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round

An authentication round for one peer.

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added to list

number	integer <int32> Numeric field to order multiple authentications
psk	string Pre Shared Key
type	string (netgate.ipsec.AuthenticationMethodT) Value: "psk"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"number": 0,
"psk": "string",
"type": "psk"

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

An authentication round for one peer.

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication
number required	integer <int32> Id of round

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D/netgate-ipsec:round=%7Bnumber%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:round":
{
- "number": 0,
- "psk": "string",
- "type": "psk"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

An authentication round for one peer.

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication
number required	integer <int32> Id of round

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added to list

number	integer <int32> Numeric field to order multiple authentications
psk	string Pre Shared Key
type	string (netgate.ipsec.AuthenticationMethodT) Value: "psk"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"number": 0,
"psk": "string",
"type": "psk"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

An authentication round for one peer.

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication
number required	integer <int32> Id of round

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added or updated

netgate-ipsec:round

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:round":
{
- "number": 0,
- "psk": "string",
- "type": "psk"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication={peer}/netgate-ipsec:round={number}

An authentication round for one peer.

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of authentication
number required	integer <int32> Id of round

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:authentication=%7Bpeer%7D/netgate-ipsec:round=%7Bnumber%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa

Child (phase 2) SA.

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added to list

proposal	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal)
mode	string (netgate.ipsec.Mode) Value: "tunnel"
protocol	string (netgate.ipsec.Protocol) Value: "esp"
lifetime	integer <int64> Default: 3600 The length of time in seconds until the child SA is no longer valid.
name	string Name of the child SA
traffic-selector	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
replay-window	integer <int64> Number of packets in replay window. Currently, 64 packets is the only supported value. Setting anything here will enable a 64 packet replay window.

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"proposal":
[
- {
  - "name": "string",
  - "sequence-number": "esn",
  - "encryption-algorithm": "aes128gcm16",
  - "dh-group": "modp768",
  - "integrity-algorithm": "md5"
  }
],
"mode": "tunnel",
"protocol": "esp",
"lifetime": 3600,
"name": "string",
"traffic-selector":
[
- {
  - "number": 0,
  - "remote-net": "string",
  - "local-net": "string"
  }
],
"replay-window": 0

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Child (phase 2) SA.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:child-sa":
{
- "proposal":
  [
  - {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
  ],
- "mode": "tunnel",
- "protocol": "esp",
- "lifetime": 3600,
- "name": "string",
- "traffic-selector":
  [
  - {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
  ],
- "replay-window": 0
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Child (phase 2) SA.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added to list

proposal	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal)
mode	string (netgate.ipsec.Mode) Value: "tunnel"
protocol	string (netgate.ipsec.Protocol) Value: "esp"
lifetime	integer <int64> Default: 3600 The length of time in seconds until the child SA is no longer valid.
name	string Name of the child SA
traffic-selector	Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.
replay-window	integer <int64> Number of packets in replay window. Currently, 64 packets is the only supported value. Setting anything here will enable a 64 packet replay window.

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"proposal":
[
- {
  - "name": "string",
  - "sequence-number": "esn",
  - "encryption-algorithm": "aes128gcm16",
  - "dh-group": "modp768",
  - "integrity-algorithm": "md5"
  }
],
"mode": "tunnel",
"protocol": "esp",
"lifetime": 3600,
"name": "string",
"traffic-selector":
[
- {
  - "number": 0,
  - "remote-net": "string",
  - "local-net": "string"
  }
],
"replay-window": 0

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Child (phase 2) SA.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added or updated

netgate-ipsec:child-sa

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:child-sa":
{
- "proposal":
  [
  - {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
  ],
- "mode": "tunnel",
- "protocol": "esp",
- "lifetime": 3600,
- "name": "string",
- "traffic-selector":
  [
  - {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
  ],
- "replay-window": 0
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}

Child (phase 2) SA.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added to list

name	string
sequence-number	string (netgate.ipsec.IpsecSeqNumberTypeT) Enum: "esn" "noesn"
encryption-algorithm	string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "aes128" "aes192" "aes256"
dh-group	string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256"
integrity-algorithm	string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "md5" "sha1" "sha256" "sha384" "sha512"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"name": "string",
"sequence-number": "esn",
"encryption-algorithm": "aes128gcm16",
"dh-group": "modp768",
"integrity-algorithm": "md5"

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
proposal-name required	string Id of proposal

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:proposal=%7Bproposal-name%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:proposal":
{
- "name": "string",
- "sequence-number": "esn",
- "encryption-algorithm": "aes128gcm16",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
proposal-name required	string Id of proposal

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added to list

name	string
sequence-number	string (netgate.ipsec.IpsecSeqNumberTypeT) Enum: "esn" "noesn"
encryption-algorithm	string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "aes128" "aes192" "aes256"
dh-group	string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256"
integrity-algorithm	string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "md5" "sha1" "sha256" "sha384" "sha512"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"name": "string",
"sequence-number": "esn",
"encryption-algorithm": "aes128gcm16",
"dh-group": "modp768",
"integrity-algorithm": "md5"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
proposal-name required	string Id of proposal

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added or updated

netgate-ipsec:proposal

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:proposal":
{
- "name": "string",
- "sequence-number": "esn",
- "encryption-algorithm": "aes128gcm16",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:proposal={proposal-name}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
proposal-name required	string Id of proposal

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:proposal=%7Bproposal-name%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector

Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added to list

number	integer <int32> Numeric identifier for traffic selector.
remote-net	string Remote network prefix.
local-net	string Local network prefix.

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"number": 0,
"remote-net": "string",
"local-net": "string"

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
number required	integer <int32> Id of traffic-selector

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:traffic-selector=%7Bnumber%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:traffic-selector":
{
- "number": 0,
- "remote-net": "string",
- "local-net": "string"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
number required	integer <int32> Id of traffic-selector

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added to list

number	integer <int32> Numeric identifier for traffic selector.
remote-net	string Remote network prefix.
local-net	string Local network prefix.

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"number": 0,
"remote-net": "string",
"local-net": "string"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
number required	integer <int32> Id of traffic-selector

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added or updated

netgate-ipsec:traffic-selector

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:traffic-selector":
{
- "number": 0,
- "remote-net": "string",
- "local-net": "string"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa={name}/netgate-ipsec:traffic-selector={number}

Local and remote address ranges that match packets that should go over a policy-based IPsec tunnel.

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of child-sa
number required	integer <int32> Id of traffic-selector

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:traffic-selector=%7Bnumber%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity

The ID data for one peer in the SA

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added to list

type	string (netgate.ipsec.IkeIdentityTypeT) Enum: "none" "email" "fqdn" "dn" "key-id" "address"
value	string The ID of the peer.
peer	string (netgate.ipsec.PeerPositionT) Enum: "remote" "local"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"type": "none",
"value": "string",
"peer": "remote"

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

The ID data for one peer in the SA

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of identity

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity=%7Bpeer%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:identity":
{
- "type": "none",
- "value": "string",
- "peer": "remote"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

The ID data for one peer in the SA

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of identity

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added to list

type	string (netgate.ipsec.IkeIdentityTypeT) Enum: "none" "email" "fqdn" "dn" "key-id" "address"
value	string The ID of the peer.
peer	string (netgate.ipsec.PeerPositionT) Enum: "remote" "local"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"type": "none",
"value": "string",
"peer": "remote"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

The ID data for one peer in the SA

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of identity

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added or updated

netgate-ipsec:identity

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:identity":
{
- "type": "none",
- "value": "string",
- "peer": "remote"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity={peer}

The ID data for one peer in the SA

path Parameters

instance required	integer <int64> Id of tunnel
peer required	string Id of identity

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:identity=%7Bpeer%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals

Proposed parameters for IKE SA

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added to list

name	string IKE proposal name.
encryption-algorithm	string (netgate.ipsec.NgIkeEncryptionAlgorithmT) Enum: "aes128" "aes192" "aes256" "aes128ctr" "aes192ctr" "aes256ctr" "aes128ccm8" "aes192ccm8" "aes256ccm8" "aes128ccm12" "aes192ccm12" "aes256ccm12" "aes128ccm16" "aes192ccm16" "aes256ccm16" "aes128gcm8" "aes192gcm8" "aes256gcm8" "aes128gcm12" "aes192gcm12" "aes256gcm12" "aes128gcm16" "aes192gcm16" "aes256gcm16" "camellia128" "camellia192" "camellia256" "camellia128ctr" "camellia192ctr" "camellia256ctr" "camellia128ccm8" "camellia192ccm8" "camellia256ccm8" "camellia128ccm12" "camellia192ccm12" "camellia256ccm12" "camellia128ccm16" "camellia192ccm16" "camellia256ccm16" "chacha20poly1305"
prf	string (netgate.ipsec.NgPseudoRandomFunctionT) Enum: "prfmd5" "prfsha1" "prfaesxcbc" "prfsha256" "prfsha384" "prfsha512" "prfaescmac"
dh-group	string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256"
integrity-algorithm	string (netgate.ipsec.NgIkeIntegrityAlgorithmT) Enum: "md5" "sha1" "aesxcbc" "aescmac" "sha256" "sha384" "sha512"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"name": "string",
"encryption-algorithm": "aes128",
"prf": "prfmd5",
"dh-group": "modp768",
"integrity-algorithm": "md5"

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Proposed parameters for IKE SA

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of proposals

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals=%7Bname%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:proposals":
{
- "name": "string",
- "encryption-algorithm": "aes128",
- "prf": "prfmd5",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Proposed parameters for IKE SA

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of proposals

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added to list

name	string IKE proposal name.
encryption-algorithm	string (netgate.ipsec.NgIkeEncryptionAlgorithmT) Enum: "aes128" "aes192" "aes256" "aes128ctr" "aes192ctr" "aes256ctr" "aes128ccm8" "aes192ccm8" "aes256ccm8" "aes128ccm12" "aes192ccm12" "aes256ccm12" "aes128ccm16" "aes192ccm16" "aes256ccm16" "aes128gcm8" "aes192gcm8" "aes256gcm8" "aes128gcm12" "aes192gcm12" "aes256gcm12" "aes128gcm16" "aes192gcm16" "aes256gcm16" "camellia128" "camellia192" "camellia256" "camellia128ctr" "camellia192ctr" "camellia256ctr" "camellia128ccm8" "camellia192ccm8" "camellia256ccm8" "camellia128ccm12" "camellia192ccm12" "camellia256ccm12" "camellia128ccm16" "camellia192ccm16" "camellia256ccm16" "chacha20poly1305"
prf	string (netgate.ipsec.NgPseudoRandomFunctionT) Enum: "prfmd5" "prfsha1" "prfaesxcbc" "prfsha256" "prfsha384" "prfsha512" "prfaescmac"
dh-group	string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256"
integrity-algorithm	string (netgate.ipsec.NgIkeIntegrityAlgorithmT) Enum: "md5" "sha1" "aesxcbc" "aescmac" "sha256" "sha384" "sha512"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"name": "string",
"encryption-algorithm": "aes128",
"prf": "prfmd5",
"dh-group": "modp768",
"integrity-algorithm": "md5"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Proposed parameters for IKE SA

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of proposals

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added or updated

netgate-ipsec:proposals

object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:proposals":
{
- "name": "string",
- "encryption-algorithm": "aes128",
- "prf": "prfmd5",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals={name}

Proposed parameters for IKE SA

path Parameters

instance required	integer <int64> Id of tunnel
name required	string Id of proposals

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:ike/netgate-ipsec:proposals=%7Bname%7D"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

returns netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:manual":
{
- "protocol": "esp",
- "integrity":
  {
  - "key": "string",
  - "algorithm": "md5"
  },
- "encryption":
  {
  - "key": "string",
  - "algorithm": "aes128gcm16"
  }
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

creates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.Manual to be added to list

protocol	string (netgate.ipsec.Protocol) Value: "esp"
integrity	object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity)
encryption	object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption)

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"protocol": "esp",
"integrity":
{
- "key": "string",
- "algorithm": "md5"
},
"encryption":
{
- "key": "string",
- "algorithm": "aes128gcm16"
}

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.Manual to be added or updated

netgate-ipsec:manual

object (netgate.ipsec.ipsecconfig.tunnel.crypto.Manual)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:manual":
{
- "protocol": "esp",
- "integrity":
  {
  - "key": "string",
  - "algorithm": "md5"
  },
- "encryption":
  {
  - "key": "string",
  - "algorithm": "aes128gcm16"
  }
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual

removes netgate.ipsec.ipsecconfig.tunnel.crypto.Manual

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:encryption":
{
- "key": "string",
- "algorithm": "aes128gcm16"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption to be added to list

key	string
algorithm	string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "aes128" "aes192" "aes256"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"key": "string",
"algorithm": "aes128gcm16"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption to be added or updated

netgate-ipsec:encryption

object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:encryption":
{
- "key": "string",
- "algorithm": "aes128gcm16"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption

removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:encryption"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:integrity":
{
- "key": "string",
- "algorithm": "md5"
}

}

creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity to be added to list

key	string
algorithm	string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "md5" "sha1" "sha256" "sha384" "sha512"

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"key": "string",
"algorithm": "md5"

}

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity to be added or updated

netgate-ipsec:integrity

object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:integrity":
{
- "key": "string",
- "algorithm": "md5"
}

}

removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity

removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:crypto/netgate-ipsec:manual/netgate-ipsec:integrity"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

ipsec-state

returns netgate.ipsec.IpsecState

get /data/netgate-ipsec:ipsec-state

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state

Operational state data for IPsec.

Responses

200

netgate.ipsec.IpsecState

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ipsec-state":
{
- "tunnel":
  [
  - {
    "instance": 0,
    "ike-sa":
    [
    {
    "remote-addr": "string",
    "child-sa":
    [
    {
    "name": "string",
    "sa":
    [
    {
    "unique-id": 0,
    "status":
    {
    "packets-sent": 0,
    "packets-received": 0,
    "expire-time": 0,
    "bytes-sent": 0,
    "state": "string",
    "rekey-time": 0,
    "bytes-received": 0,
    "age": 0
    },
    "crypto":
    {
    "outbound-spi": "string",
    "encryption-algorithm": "string",
    "encryption-keylen": 0,
    "dh-group": "string",
    "inbound-spi": "string",
    "integrity-algorithm": "string"
    }
    }
    ]
    }
    ],
    "ike-unique-id": 0,
    "local-addr": "string",
    "name": "string",
    "version": 0,
    "crypto":
    {
    "remote-id": "string",
    "prf-algorithm": "string",
    "encryption-algorithm": "string",
    "local-id": "string",
    "initiator": true,
    "encryption-keylen": 0,
    "initiator-spi": 0,
    "dh-group": "string",
    "responder-spi": 0,
    "integrity-algorithm": "string"
    },
    "status":
    {
    "reauth-time": 0,
    "state": "string",
    "rekey-time": 0,
    "age": 0
    }
    }
    ]
    }
  ]
}

}

returns netgate.ipsec.ipsecstate.Tunnel

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}

IPsec tunnel

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecstate.Tunnel

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:tunnel":
{
- "instance": 0,
- "ike-sa":
  [
  - {
    "remote-addr": "string",
    "child-sa":
    [
    {
    "name": "string",
    "sa":
    [
    {
    "unique-id": 0,
    "status":
    {
    "packets-sent": 0,
    "packets-received": 0,
    "expire-time": 0,
    "bytes-sent": 0,
    "state": "string",
    "rekey-time": 0,
    "bytes-received": 0,
    "age": 0
    },
    "crypto":
    {
    "outbound-spi": "string",
    "encryption-algorithm": "string",
    "encryption-keylen": 0,
    "dh-group": "string",
    "inbound-spi": "string",
    "integrity-algorithm": "string"
    }
    }
    ]
    }
    ],
    "ike-unique-id": 0,
    "local-addr": "string",
    "name": "string",
    "version": 0,
    "crypto":
    {
    "remote-id": "string",
    "prf-algorithm": "string",
    "encryption-algorithm": "string",
    "local-id": "string",
    "initiator": true,
    "encryption-keylen": 0,
    "initiator-spi": 0,
    "dh-group": "string",
    "responder-spi": 0,
    "integrity-algorithm": "string"
    },
    "status":
    {
    "reauth-time": 0,
    "state": "string",
    "rekey-time": 0,
    "age": 0
    }
    }
  ]
}

}

returns netgate.ipsec.ipsecstate.tunnel.IkeSa

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}

IKE SA

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.IkeSa

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ike-sa":
{
- "remote-addr": "string",
- "child-sa":
  [
  - {
    "name": "string",
    "sa":
    [
    {
    "unique-id": 0,
    "status":
    {
    "packets-sent": 0,
    "packets-received": 0,
    "expire-time": 0,
    "bytes-sent": 0,
    "state": "string",
    "rekey-time": 0,
    "bytes-received": 0,
    "age": 0
    },
    "crypto":
    {
    "outbound-spi": "string",
    "encryption-algorithm": "string",
    "encryption-keylen": 0,
    "dh-group": "string",
    "inbound-spi": "string",
    "integrity-algorithm": "string"
    }
    }
    ]
    }
  ],
- "ike-unique-id": 0,
- "local-addr": "string",
- "name": "string",
- "version": 0,
- "crypto":
  {
  - "remote-id": "string",
  - "prf-algorithm": "string",
  - "encryption-algorithm": "string",
  - "local-id": "string",
  - "initiator": true,
  - "encryption-keylen": 0,
  - "initiator-spi": 0,
  - "dh-group": "string",
  - "responder-spi": 0,
  - "integrity-algorithm": "string"
  },
- "status":
  {
  - "reauth-time": 0,
  - "state": "string",
  - "rekey-time": 0,
  - "age": 0
  }
}

}

returns netgate.ipsec.ipsecstate.tunnel.ikesa.ChildSa

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}

Child SA

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa
name required	string Id of child-sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.ikesa.ChildSa

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:child-sa":
{
- "name": "string",
- "sa":
  [
  - {
    "unique-id": 0,
    "status":
    {
    "packets-sent": 0,
    "packets-received": 0,
    "expire-time": 0,
    "bytes-sent": 0,
    "state": "string",
    "rekey-time": 0,
    "bytes-received": 0,
    "age": 0
    },
    "crypto":
    {
    "outbound-spi": "string",
    "encryption-algorithm": "string",
    "encryption-keylen": 0,
    "dh-group": "string",
    "inbound-spi": "string",
    "integrity-algorithm": "string"
    }
    }
  ]
}

}

returns netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.Sa

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}/netgate-ipsec:sa={unique-id}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}/netgate-ipsec:sa={unique-id}

Child SA instance

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa
name required	string Id of child-sa
unique-id required	integer <int64> Id of sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.Sa

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:sa=%7Bunique-id%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:sa":
{
- "unique-id": 0,
- "status":
  {
  - "packets-sent": 0,
  - "packets-received": 0,
  - "expire-time": 0,
  - "bytes-sent": 0,
  - "state": "string",
  - "rekey-time": 0,
  - "bytes-received": 0,
  - "age": 0
  },
- "crypto":
  {
  - "outbound-spi": "string",
  - "encryption-algorithm": "string",
  - "encryption-keylen": 0,
  - "dh-group": "string",
  - "inbound-spi": "string",
  - "integrity-algorithm": "string"
  }
}

}

returns netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.sa.Crypto

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}/netgate-ipsec:sa={unique-id}/netgate-ipsec:crypto

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}/netgate-ipsec:sa={unique-id}/netgate-ipsec:crypto

Cryptographic Parameters

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa
name required	string Id of child-sa
unique-id required	integer <int64> Id of sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.sa.Crypto

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:sa=%7Bunique-id%7D/netgate-ipsec:crypto"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:crypto":
{
- "outbound-spi": "string",
- "encryption-algorithm": "string",
- "encryption-keylen": 0,
- "dh-group": "string",
- "inbound-spi": "string",
- "integrity-algorithm": "string"
}

}

returns netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.sa.Status

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:child-sa={name}/netgate-ipsec:sa={unique-id}/netgate-ipsec:status

Example URL

SA status

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa
name required	string Id of child-sa
unique-id required	integer <int64> Id of sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.ikesa.childsa.sa.Status

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:child-sa=%7Bname%7D/netgate-ipsec:sa=%7Bunique-id%7D/netgate-ipsec:status"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:status":
{
- "packets-sent": 0,
- "packets-received": 0,
- "expire-time": 0,
- "bytes-sent": 0,
- "state": "string",
- "rekey-time": 0,
- "bytes-received": 0,
- "age": 0
}

}

returns netgate.ipsec.ipsecstate.tunnel.ikesa.Crypto

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:crypto

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:crypto

Cryptographic Parameters

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.ikesa.Crypto

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:crypto"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:crypto":
{
- "remote-id": "string",
- "prf-algorithm": "string",
- "encryption-algorithm": "string",
- "local-id": "string",
- "initiator": true,
- "encryption-keylen": 0,
- "initiator-spi": 0,
- "dh-group": "string",
- "responder-spi": 0,
- "integrity-algorithm": "string"
}

}

returns netgate.ipsec.ipsecstate.tunnel.ikesa.Status

get /data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:status

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel={instance}/netgate-ipsec:ike-sa={ike-unique-id}/netgate-ipsec:status

SA status

path Parameters

instance required	integer <int64> Id of tunnel
ike-unique-id required	integer <int64> Id of ike-sa

Responses

200

netgate.ipsec.ipsecstate.tunnel.ikesa.Status

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/netgate-ipsec:tunnel=%7Binstance%7D/netgate-ipsec:ike-sa=%7Bike-unique-id%7D/netgate-ipsec:status"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

Content type

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:status":
{
- "reauth-time": 0,
- "state": "string",
- "rekey-time": 0,
- "age": 0
}

}