This YANG module provides mappings of the CLI command structure to the underlying data-model elements for the Netgate router.
Copyright 2016-2023 Rubicon Communications, LLC.
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:ipsec-config": {
- "netgate-ipsec:global-options": {
- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}, - "netgate-ipsec:tunnel": [
- {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:remote-type": "gateway",
- "netgate-ipsec:tunnel-type": "interface",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:tunnel-enable": false,
- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": null,
- "netgate-ipsec:address": null
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": null,
- "netgate-ipsec:domain-number": null
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": null,
- "netgate-ipsec:sequence-number": null,
- "netgate-ipsec:encryption-algorithm": null,
- "netgate-ipsec:dh-group": null,
- "netgate-ipsec:integrity-algorithm": null
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": null,
- "netgate-ipsec:local": null
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": null,
- "netgate-ipsec:number": null,
- "netgate-ipsec:eap-radius": null,
- "netgate-ipsec:psk": null,
- "netgate-ipsec:eap-tls-ca-certificate": null,
- "netgate-ipsec:ca-certificate": null
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
]
}
}
Internet Key Exchange (IKE) configuration for IPsec.
netgate.ipsec.IpsecConfig to be added to list
object (netgate.ipsec.ipsecconfig.GlobalOptions) Global IPsec options. | |
Array of objects (netgate.ipsec.ipsecconfig.Tunnel) IPsec tunnel configurations |
{- "netgate-ipsec:global-options": {
- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}, - "netgate-ipsec:tunnel": [
- {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:remote-type": "gateway",
- "netgate-ipsec:tunnel-type": "interface",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:tunnel-enable": false,
- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
]
}
Internet Key Exchange (IKE) configuration for IPsec.
netgate.ipsec.IpsecConfig to be added or updated
object (netgate.ipsec.IpsecConfig) Internet Key Exchange (IKE) configuration for IPsec. |
{- "netgate-ipsec:ipsec-config": {
- "netgate-ipsec:global-options": {
- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}, - "netgate-ipsec:tunnel": [
- {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:remote-type": "gateway",
- "netgate-ipsec:tunnel-type": "interface",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:tunnel-enable": false,
- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": null,
- "netgate-ipsec:address": null
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": null,
- "netgate-ipsec:domain-number": null
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": null,
- "netgate-ipsec:sequence-number": null,
- "netgate-ipsec:encryption-algorithm": null,
- "netgate-ipsec:dh-group": null,
- "netgate-ipsec:integrity-algorithm": null
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": null,
- "netgate-ipsec:local": null
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": null,
- "netgate-ipsec:number": null,
- "netgate-ipsec:eap-radius": null,
- "netgate-ipsec:psk": null,
- "netgate-ipsec:eap-tls-ca-certificate": null,
- "netgate-ipsec:ca-certificate": null
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
]
}
}
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/global-options" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:global-options": {
- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}
}
Global IPsec options.
netgate.ipsec.ipsecconfig.GlobalOptions to be added to list
object (netgate.ipsec.ipsecconfig.globaloptions.EapRadius) EAP-RADIUS plugin settings. |
{- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}
Global IPsec options.
netgate.ipsec.ipsecconfig.GlobalOptions to be added or updated
object (netgate.ipsec.ipsecconfig.GlobalOptions) Global IPsec options. |
{- "netgate-ipsec:global-options": {
- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}
}
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/global-options" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/global-options/eap-radius" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}
EAP-RADIUS plugin settings.
netgate.ipsec.ipsecconfig.globaloptions.EapRadius to be added to list
netgate-ipsec:server-group | string The RADIUS server group for IPsec. |
object (netgate.ipsec.ipsecconfig.globaloptions.eapradius.Accounting) RADIUS accounting settings. |
{- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
EAP-RADIUS plugin settings.
netgate.ipsec.ipsecconfig.globaloptions.EapRadius to be added or updated
object (netgate.ipsec.ipsecconfig.globaloptions.EapRadius) EAP-RADIUS plugin settings. |
{- "netgate-ipsec:eap-radius": {
- "netgate-ipsec:server-group": "string",
- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
}
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/global-options/eap-radius" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
RADIUS accounting settings.
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/global-options/eap-radius/accounting" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
RADIUS accounting settings.
netgate.ipsec.ipsecconfig.globaloptions.eapradius.Accounting to be added to list
netgate-ipsec:interim-interval | integer <int32> Seconds between interim updates. |
netgate-ipsec:enabled | boolean If true, send accounting packets for remote access IPsec tunnels. |
{- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
RADIUS accounting settings.
netgate.ipsec.ipsecconfig.globaloptions.eapradius.Accounting to be added or updated
object (netgate.ipsec.ipsecconfig.globaloptions.eapradius.Accounting) RADIUS accounting settings. |
{- "netgate-ipsec:accounting": {
- "netgate-ipsec:interim-interval": 0,
- "netgate-ipsec:enabled": true
}
}
RADIUS accounting settings.
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/global-options/eap-radius/accounting" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
IPsec tunnel configurations
netgate.ipsec.ipsecconfig.Tunnel to be added to list
netgate-ipsec:description | string IPsec tunnel description |
netgate-ipsec:remote-type | string (netgate.ipsec.RemoteType) Enum: "gateway" "endpoint" |
netgate-ipsec:tunnel-type | string (netgate.ipsec.TunnelType) Value: "interface" |
netgate-ipsec:instance | integer <int64> Numeric identifier of tunnel |
netgate-ipsec:tunnel-enable | boolean Default: false |
object (netgate.ipsec.ipsecconfig.tunnel.Crypto) Tunnel cryptographic settings |
{- "netgate-ipsec:description": "string",
- "netgate-ipsec:remote-type": "gateway",
- "netgate-ipsec:tunnel-type": "interface",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:tunnel-enable": false,
- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:tunnel": {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:remote-type": "gateway",
- "netgate-ipsec:tunnel-type": "interface",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:tunnel-enable": false,
- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
}
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.Tunnel to be added or updated
object (netgate.ipsec.ipsecconfig.Tunnel) IPsec tunnel configurations |
{- "netgate-ipsec:tunnel": {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:remote-type": "gateway",
- "netgate-ipsec:tunnel-type": "interface",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:tunnel-enable": false,
- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
}
IPsec tunnel configurations
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.Crypto to be added to list
object (netgate.ipsec.ipsecconfig.tunnel.crypto.Manual) | |
object (netgate.ipsec.ipsecconfig.tunnel.crypto.Ike) | |
netgate-ipsec:config-type | string (netgate.ipsec.ConfigType) Enum: "ike" "manual" |
{- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.Crypto to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.Crypto) Tunnel cryptographic settings |
{- "netgate-ipsec:crypto": {
- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}, - "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}, - "netgate-ipsec:config-type": "ike"
}
}
Tunnel cryptographic settings
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
returns netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}
}
creates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Ike to be added to list
netgate-ipsec:role | string (netgate.ipsec.Role) Enum: "initiator-only" "responder-only" "both" |
netgate-ipsec:udp-encapsulation | boolean Default: false Force UDP encapsulation. |
netgate-ipsec:unique-id-policy | string (netgate.ipsec.IkeUniquePolicyT) Enum: "never" "no" "keep" "replace" |
netgate-ipsec:lifetime | integer <int64> Default: 14400 Lifetime of IKE SA in seconds. |
netgate-ipsec:mobike | string Enable MOBIKE mobility/multihoming extension. |
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.RemoteAccess) Configurations for remote access VPN | |
netgate-ipsec:dpd-poll-interval | integer <int32> Seconds between DPD peer status checks. |
netgate-ipsec:version | integer <int32> Default: 2 |
netgate-ipsec:key-renewal | string (netgate.ipsec.KeyRenewalT) Enum: "reauth" "rekey" |
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa) Child (phase 2) SA. | |
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity) The ID data for one peer in the SA | |
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals) Proposed parameters for IKE SA | |
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication) The auth data for an IKE peer |
{- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Ike to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.Ike) |
{- "netgate-ipsec:ike": {
- "netgate-ipsec:role": "initiator-only",
- "netgate-ipsec:udp-encapsulation": false,
- "netgate-ipsec:unique-id-policy": "never",
- "netgate-ipsec:lifetime": 14400,
- "netgate-ipsec:mobike": "string",
- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}, - "netgate-ipsec:dpd-poll-interval": 0,
- "netgate-ipsec:version": 2,
- "netgate-ipsec:key-renewal": "reauth",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
], - "netgate-ipsec:identity": [
- {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
], - "netgate-ipsec:proposals": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:authentication": [
- {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
]
}
}
removes netgate.ipsec.ipsecconfig.tunnel.crypto.Ike
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added to list
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) An authentication round for one peer. | |
netgate-ipsec:peer | string (netgate.ipsec.PeerPositionT) Enum: "remote" "local" |
{- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/authentication=%7Bpeer%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:authentication": {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
}
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Authentication) The auth data for an IKE peer |
{- "netgate-ipsec:authentication": {
- "netgate-ipsec:round": [
- {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
], - "netgate-ipsec:peer": "remote"
}
}
The auth data for an IKE peer
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/authentication=%7Bpeer%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added to list
netgate-ipsec:certificate | string Name of a certificate file |
netgate-ipsec:number | integer <int32> Numeric field to order multiple authentications |
netgate-ipsec:eap-radius | string Enable EAP-RADIUS using global settings |
netgate-ipsec:psk | string Pre Shared Key |
netgate-ipsec:eap-tls-ca-certificate | string Name of a CA certificate file |
netgate-ipsec:ca-certificate | string Name of a CA certificate file |
{- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/authentication=%7Bpeer%7D/round=%7Bnumber%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:round": {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
}
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.authentication.Round) An authentication round for one peer. |
{- "netgate-ipsec:round": {
- "netgate-ipsec:certificate": "string",
- "netgate-ipsec:number": 0,
- "netgate-ipsec:eap-radius": "string",
- "netgate-ipsec:psk": "string",
- "netgate-ipsec:eap-tls-ca-certificate": "string",
- "netgate-ipsec:ca-certificate": "string"
}
}
An authentication round for one peer.
instance required | integer <int64> Id of tunnel |
peer required | string Id of authentication |
number required | integer <int32> Id of round |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/authentication=%7Bpeer%7D/round=%7Bnumber%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added to list
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal) | |
netgate-ipsec:mode | string (netgate.ipsec.Mode) Value: "tunnel" |
netgate-ipsec:protocol | string (netgate.ipsec.Protocol) Value: "esp" |
netgate-ipsec:lifetime | integer <int64> Default: 3600 The length of time in seconds until the child SA is no longer valid. |
netgate-ipsec:name | string Name of the child SA |
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) Specification of traffic which should be routed through an IPsec tunnel. | |
netgate-ipsec:replay-window | integer <int64> Number of packets in replay window. Currently, 64 packets is the only supported value. Setting anything here will enable a 64 packet replay window. |
{- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/child-sa=%7Bname%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:child-sa": {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
}
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.ChildSa) Child (phase 2) SA. |
{- "netgate-ipsec:child-sa": {
- "netgate-ipsec:proposal": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
], - "netgate-ipsec:mode": "tunnel",
- "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:lifetime": 3600,
- "netgate-ipsec:name": "string",
- "netgate-ipsec:traffic-selector": [
- {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
], - "netgate-ipsec:replay-window": 0
}
}
Child (phase 2) SA.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/child-sa=%7Bname%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
creates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added to list
netgate-ipsec:name | string |
netgate-ipsec:sequence-number | string (netgate.ipsec.IpsecSeqNumberTypeT) Enum: "esn" "noesn" |
netgate-ipsec:encryption-algorithm | string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "chacha20poly1305" "aes128" "aes192" "aes256" |
netgate-ipsec:dh-group | string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256" "curve25519" |
netgate-ipsec:integrity-algorithm | string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "sha1" "sha256" "sha384" "sha512" |
{- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
returns netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/child-sa=%7Bname%7D/proposal=%7Bproposal-name%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:proposal": {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
}
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal) |
{- "netgate-ipsec:proposal": {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sequence-number": "esn",
- "netgate-ipsec:encryption-algorithm": "aes128gcm16",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
}
removes netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.Proposal
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
proposal-name required | string Id of proposal |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/child-sa=%7Bname%7D/proposal=%7Bproposal-name%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Specification of traffic which should be routed through an IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added to list
netgate-ipsec:ts-number | integer <int32> Numeric identifier for traffic selector. |
netgate-ipsec:local | string Local IPv4 or IPv6 network prefix. |
{- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
Specification of traffic which should be routed through an IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
ts-number required | integer <int32> Id of traffic-selector |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/child-sa=%7Bname%7D/traffic-selector=%7Bts-number%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:traffic-selector": {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
}
Specification of traffic which should be routed through an IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
ts-number required | integer <int32> Id of traffic-selector |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.childsa.TrafficSelector) Specification of traffic which should be routed through an IPsec tunnel. |
{- "netgate-ipsec:traffic-selector": {
- "netgate-ipsec:ts-number": 0,
- "netgate-ipsec:local": "string"
}
}
Specification of traffic which should be routed through an IPsec tunnel.
instance required | integer <int64> Id of tunnel |
name required | string Id of child-sa |
ts-number required | integer <int32> Id of traffic-selector |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/child-sa=%7Bname%7D/traffic-selector=%7Bts-number%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added to list
netgate-ipsec:type | string (netgate.ipsec.IkeIdentityTypeT) Enum: "none" "email" "fqdn" "dn" "key-id" "address" |
netgate-ipsec:value | string The ID of the peer. |
netgate-ipsec:peer | string (netgate.ipsec.PeerPositionT) Enum: "remote" "local" |
{- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/identity=%7Bpeer%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:identity": {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
}
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Identity) The ID data for one peer in the SA |
{- "netgate-ipsec:identity": {
- "netgate-ipsec:type": "none",
- "netgate-ipsec:value": "string",
- "netgate-ipsec:peer": "remote"
}
}
The ID data for one peer in the SA
instance required | integer <int64> Id of tunnel |
peer required | string Id of identity |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/identity=%7Bpeer%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added to list
netgate-ipsec:name | string IKE proposal name. |
netgate-ipsec:encryption-algorithm | string (netgate.ipsec.NgIkeEncryptionAlgorithmT) Enum: "aes128" "aes192" "aes256" "aes128ctr" "aes192ctr" "aes256ctr" "aes128ccm8" "aes192ccm8" "aes256ccm8" "aes128ccm12" "aes192ccm12" "aes256ccm12" "aes128ccm16" "aes192ccm16" "aes256ccm16" "aes128gcm8" "aes192gcm8" "aes256gcm8" "aes128gcm12" "aes192gcm12" "aes256gcm12" "aes128gcm16" "aes192gcm16" "aes256gcm16" "camellia128" "camellia192" "camellia256" "camellia128ctr" "camellia192ctr" "camellia256ctr" "camellia128ccm8" "camellia192ccm8" "camellia256ccm8" "camellia128ccm12" "camellia192ccm12" "camellia256ccm12" "camellia128ccm16" "camellia192ccm16" "camellia256ccm16" "chacha20poly1305" |
netgate-ipsec:prf | string (netgate.ipsec.NgPseudoRandomFunctionT) Enum: "prfsha1" "prfsha256" "prfsha384" "prfsha512" |
netgate-ipsec:dh-group | string (netgate.ipsec.NgDiffieHellmanGroupT) Enum: "modp768" "modp1024" "modp1536" "modp2048" "modp3072" "modp4096" "modp6144" "modp8192" "ecp256" "ecp384" "ecp521" "modp1024s160" "modp2048s224" "modp2048s256" "curve25519" |
netgate-ipsec:integrity-algorithm | string (netgate.ipsec.NgIkeIntegrityAlgorithmT) Enum: "sha1" "aesxcbc" "aescmac" "sha256" "sha384" "sha512" |
{- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/proposals=%7Bname%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:proposals": {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
}
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.Proposals) Proposed parameters for IKE SA |
{- "netgate-ipsec:proposals": {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:encryption-algorithm": "aes128",
- "netgate-ipsec:prf": "prfsha1",
- "netgate-ipsec:dh-group": "modp768",
- "netgate-ipsec:integrity-algorithm": "sha1"
}
}
Proposed parameters for IKE SA
instance required | integer <int64> Id of tunnel |
name required | string Id of proposals |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/proposals=%7Bname%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Configurations for remote access VPN
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}
}
Configurations for remote access VPN
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.RemoteAccess to be added to list
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.Dns) DNS configurations. | |
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.AddressPools) Pools for assigning remote client addresses. |
{- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}
Configurations for remote access VPN
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.RemoteAccess to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.RemoteAccess) Configurations for remote access VPN |
{- "netgate-ipsec:remote-access": {
- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}, - "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}
}
Configurations for remote access VPN
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Pools for assigning remote client addresses.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/address-pools" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}
Pools for assigning remote client addresses.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.AddressPools to be added to list
netgate-ipsec:radius | string Enable virtual IP address allocation by radius server. |
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv4Range) Range of client virtual IPv4 addresses. | |
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv6Range) Range of client virtual IPv6 addresses. |
{- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
Pools for assigning remote client addresses.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.AddressPools to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.AddressPools) Pools for assigning remote client addresses. |
{- "netgate-ipsec:address-pools": {
- "netgate-ipsec:radius": "string",
- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}, - "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
}
Pools for assigning remote client addresses.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/address-pools" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Range of client virtual IPv4 addresses.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/address-pools/ipv4-range" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
Range of client virtual IPv4 addresses.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv4Range to be added to list
netgate-ipsec:first-address | string First IPv4 address in range. |
netgate-ipsec:last-address | string Last IPv4 address in range. |
{- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
Range of client virtual IPv4 addresses.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv4Range to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv4Range) Range of client virtual IPv4 addresses. |
{- "netgate-ipsec:ipv4-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
Range of client virtual IPv4 addresses.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/address-pools/ipv4-range" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Range of client virtual IPv6 addresses.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/address-pools/ipv6-range" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
Range of client virtual IPv6 addresses.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv6Range to be added to list
netgate-ipsec:first-address | string First IPv6 address in range. |
netgate-ipsec:last-address | string Last IPv6 address in range. |
{- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
Range of client virtual IPv6 addresses.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv6Range to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.addresspools.Ipv6Range) Range of client virtual IPv6 addresses. |
{- "netgate-ipsec:ipv6-range": {
- "netgate-ipsec:first-address": "string",
- "netgate-ipsec:last-address": "string"
}
}
Range of client virtual IPv6 addresses.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/address-pools/ipv6-range" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
DNS configurations.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/dns" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}
}
DNS configurations.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.Dns to be added to list
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.Resolver) Address of DNS resolvers to be used by clients. | |
Array of objects (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.InternalDomain) DNS domains which should be handled by the configured resolvers. |
{- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}
DNS configurations.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.Dns to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.Dns) DNS configurations. |
{- "netgate-ipsec:dns": {
- "netgate-ipsec:resolver": [
- {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
], - "netgate-ipsec:internal-domain": [
- {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
]
}
}
DNS configurations.
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/dns" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
DNS domains which should be handled by the configured resolvers.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.InternalDomain to be added to list
netgate-ipsec:domain-name | string DNS domain name. |
netgate-ipsec:domain-number | integer <int32> Numeric identifier of domain. |
{- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
DNS domains which should be handled by the configured resolvers.
instance required | integer <int64> Id of tunnel |
domain-number required | integer <int32> Id of internal-domain |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/dns/internal-domain=%7Bdomain-number%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:internal-domain": {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
}
DNS domains which should be handled by the configured resolvers.
instance required | integer <int64> Id of tunnel |
domain-number required | integer <int32> Id of internal-domain |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.InternalDomain to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.InternalDomain) DNS domains which should be handled by the configured resolvers. |
{- "netgate-ipsec:internal-domain": {
- "netgate-ipsec:domain-name": "string",
- "netgate-ipsec:domain-number": 0
}
}
DNS domains which should be handled by the configured resolvers.
instance required | integer <int64> Id of tunnel |
domain-number required | integer <int32> Id of internal-domain |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/dns/internal-domain=%7Bdomain-number%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Address of DNS resolvers to be used by clients.
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.Resolver to be added to list
netgate-ipsec:res-number | integer <int32> Numeric identifier of resolver. |
netgate-ipsec:address | string IPv4 or IPv6 address of resolver. |
{- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
Address of DNS resolvers to be used by clients.
instance required | integer <int64> Id of tunnel |
res-number required | integer <int32> Id of resolver |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/dns/resolver=%7Bres-number%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:resolver": {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
}
Address of DNS resolvers to be used by clients.
instance required | integer <int64> Id of tunnel |
res-number required | integer <int32> Id of resolver |
netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.Resolver to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.ike.remoteaccess.dns.Resolver) Address of DNS resolvers to be used by clients. |
{- "netgate-ipsec:resolver": {
- "netgate-ipsec:res-number": 0,
- "netgate-ipsec:address": "string"
}
}
Address of DNS resolvers to be used by clients.
instance required | integer <int64> Id of tunnel |
res-number required | integer <int32> Id of resolver |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/ike/remote-access/dns/resolver=%7Bres-number%7D" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
returns netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/manual" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}
}
creates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Manual to be added to list
object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption) | |
netgate-ipsec:protocol | string (netgate.ipsec.Protocol) Value: "esp" |
object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity) |
{- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.Manual to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.Manual) |
{- "netgate-ipsec:manual": {
- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}, - "netgate-ipsec:protocol": "esp",
- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}
}
removes netgate.ipsec.ipsecconfig.tunnel.crypto.Manual
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/manual" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/manual/encryption" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}
}
creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption to be added to list
netgate-ipsec:key | string |
netgate-ipsec:algorithm | string (netgate.ipsec.DataplaneEspEncryptionAlgorithmT) Enum: "aes128gcm16" "aes192gcm16" "aes256gcm16" "chacha20poly1305" "aes128" "aes192" "aes256" |
{- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption) |
{- "netgate-ipsec:encryption": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "aes128gcm16"
}
}
removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Encryption
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/manual/encryption" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
returns netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/manual/integrity" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}
creates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity to be added to list
netgate-ipsec:key | string |
netgate-ipsec:algorithm | string (netgate.ipsec.DataplaneEspIntegrityAlgorithmT) Enum: "sha1" "sha256" "sha384" "sha512" |
{- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
creates or updates netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity to be added or updated
object (netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity) |
{- "netgate-ipsec:integrity": {
- "netgate-ipsec:key": "string",
- "netgate-ipsec:algorithm": "sha1"
}
}
removes netgate.ipsec.ipsecconfig.tunnel.crypto.manual.Integrity
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/tunnel=%7Binstance%7D/crypto/manual/integrity" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:ipsec-state": {
- "netgate-ipsec:tunnel": [
- {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:ike-sa": [
- {
- "netgate-ipsec:local-port": 0,
- "netgate-ipsec:remote-addr": "string",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sa": [
- {
- "netgate-ipsec:unique-id": null,
- "netgate-ipsec:status": null,
- "netgate-ipsec:crypto": null
}
]
}
], - "netgate-ipsec:ike-unique-id": 0,
- "netgate-ipsec:local-addr": "string",
- "netgate-ipsec:name": "string",
- "netgate-ipsec:remote-port": 0,
- "netgate-ipsec:version": 0,
- "netgate-ipsec:remote-virtual-addr": [
- "string"
], - "netgate-ipsec:crypto": {
- "netgate-ipsec:remote-id": "string",
- "netgate-ipsec:prf-algorithm": "string",
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:local-id": "string",
- "netgate-ipsec:initiator": true,
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:initiator-spi": 0,
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:responder-spi": 0,
- "netgate-ipsec:integrity-algorithm": "string"
}, - "netgate-ipsec:status": {
- "netgate-ipsec:reauth-time": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:age": 0
}
}
]
}
]
}
}
IPsec tunnel
instance required | integer <int64> Id of tunnel |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:tunnel": {
- "netgate-ipsec:description": "string",
- "netgate-ipsec:instance": 0,
- "netgate-ipsec:ike-sa": [
- {
- "netgate-ipsec:local-port": 0,
- "netgate-ipsec:remote-addr": "string",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sa": [
- {
- "netgate-ipsec:unique-id": 0,
- "netgate-ipsec:status": {
- "netgate-ipsec:packets-sent": 0,
- "netgate-ipsec:udp-encapsulation": true,
- "netgate-ipsec:packets-received": 0,
- "netgate-ipsec:expire-time": 0,
- "netgate-ipsec:bytes-sent": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:bytes-received": 0,
- "netgate-ipsec:age": 0
}, - "netgate-ipsec:crypto": {
- "netgate-ipsec:outbound-spi": "string",
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:inbound-spi": "string",
- "netgate-ipsec:integrity-algorithm": "string"
}
}
]
}
], - "netgate-ipsec:ike-unique-id": 0,
- "netgate-ipsec:local-addr": "string",
- "netgate-ipsec:name": "string",
- "netgate-ipsec:remote-port": 0,
- "netgate-ipsec:version": 0,
- "netgate-ipsec:remote-virtual-addr": [
- "string"
], - "netgate-ipsec:crypto": {
- "netgate-ipsec:remote-id": "string",
- "netgate-ipsec:prf-algorithm": "string",
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:local-id": "string",
- "netgate-ipsec:initiator": true,
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:initiator-spi": 0,
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:responder-spi": 0,
- "netgate-ipsec:integrity-algorithm": "string"
}, - "netgate-ipsec:status": {
- "netgate-ipsec:reauth-time": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:age": 0
}
}
]
}
}
IKE SA
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:ike-sa": {
- "netgate-ipsec:local-port": 0,
- "netgate-ipsec:remote-addr": "string",
- "netgate-ipsec:child-sa": [
- {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sa": [
- {
- "netgate-ipsec:unique-id": 0,
- "netgate-ipsec:status": {
- "netgate-ipsec:packets-sent": 0,
- "netgate-ipsec:udp-encapsulation": true,
- "netgate-ipsec:packets-received": 0,
- "netgate-ipsec:expire-time": 0,
- "netgate-ipsec:bytes-sent": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:bytes-received": 0,
- "netgate-ipsec:age": 0
}, - "netgate-ipsec:crypto": {
- "netgate-ipsec:outbound-spi": "string",
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:inbound-spi": "string",
- "netgate-ipsec:integrity-algorithm": "string"
}
}
]
}
], - "netgate-ipsec:ike-unique-id": 0,
- "netgate-ipsec:local-addr": "string",
- "netgate-ipsec:name": "string",
- "netgate-ipsec:remote-port": 0,
- "netgate-ipsec:version": 0,
- "netgate-ipsec:remote-virtual-addr": [
- "string"
], - "netgate-ipsec:crypto": {
- "netgate-ipsec:remote-id": "string",
- "netgate-ipsec:prf-algorithm": "string",
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:local-id": "string",
- "netgate-ipsec:initiator": true,
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:initiator-spi": 0,
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:responder-spi": 0,
- "netgate-ipsec:integrity-algorithm": "string"
}, - "netgate-ipsec:status": {
- "netgate-ipsec:reauth-time": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:age": 0
}
}
}
Child SA
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D/child-sa=%7Bname%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:child-sa": {
- "netgate-ipsec:name": "string",
- "netgate-ipsec:sa": [
- {
- "netgate-ipsec:unique-id": 0,
- "netgate-ipsec:status": {
- "netgate-ipsec:packets-sent": 0,
- "netgate-ipsec:udp-encapsulation": true,
- "netgate-ipsec:packets-received": 0,
- "netgate-ipsec:expire-time": 0,
- "netgate-ipsec:bytes-sent": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:bytes-received": 0,
- "netgate-ipsec:age": 0
}, - "netgate-ipsec:crypto": {
- "netgate-ipsec:outbound-spi": "string",
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:inbound-spi": "string",
- "netgate-ipsec:integrity-algorithm": "string"
}
}
]
}
}
Child SA instance
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
unique-id required | integer <int64> Id of sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D/child-sa=%7Bname%7D/sa=%7Bunique-id%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:sa": {
- "netgate-ipsec:unique-id": 0,
- "netgate-ipsec:status": {
- "netgate-ipsec:packets-sent": 0,
- "netgate-ipsec:udp-encapsulation": true,
- "netgate-ipsec:packets-received": 0,
- "netgate-ipsec:expire-time": 0,
- "netgate-ipsec:bytes-sent": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:bytes-received": 0,
- "netgate-ipsec:age": 0
}, - "netgate-ipsec:crypto": {
- "netgate-ipsec:outbound-spi": "string",
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:inbound-spi": "string",
- "netgate-ipsec:integrity-algorithm": "string"
}
}
}
Cryptographic Parameters
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
unique-id required | integer <int64> Id of sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D/child-sa=%7Bname%7D/sa=%7Bunique-id%7D/crypto" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:crypto": {
- "netgate-ipsec:outbound-spi": "string",
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:inbound-spi": "string",
- "netgate-ipsec:integrity-algorithm": "string"
}
}
SA status
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
name required | string Id of child-sa |
unique-id required | integer <int64> Id of sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D/child-sa=%7Bname%7D/sa=%7Bunique-id%7D/status" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:status": {
- "netgate-ipsec:packets-sent": 0,
- "netgate-ipsec:udp-encapsulation": true,
- "netgate-ipsec:packets-received": 0,
- "netgate-ipsec:expire-time": 0,
- "netgate-ipsec:bytes-sent": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:bytes-received": 0,
- "netgate-ipsec:age": 0
}
}
Cryptographic Parameters
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D/crypto" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:crypto": {
- "netgate-ipsec:remote-id": "string",
- "netgate-ipsec:prf-algorithm": "string",
- "netgate-ipsec:encryption-algorithm": "string",
- "netgate-ipsec:local-id": "string",
- "netgate-ipsec:initiator": true,
- "netgate-ipsec:encryption-keylen": 0,
- "netgate-ipsec:initiator-spi": 0,
- "netgate-ipsec:dh-group": "string",
- "netgate-ipsec:responder-spi": 0,
- "netgate-ipsec:integrity-algorithm": "string"
}
}
SA status
instance required | integer <int64> Id of tunnel |
ike-unique-id required | integer <int64> Id of ike-sa |
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-state/tunnel=%7Binstance%7D/ike-sa=%7Bike-unique-id%7D/status" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
{- "netgate-ipsec:status": {
- "netgate-ipsec:reauth-time": 0,
- "netgate-ipsec:state": "string",
- "netgate-ipsec:rekey-time": 0,
- "netgate-ipsec:age": 0
}
}
operates on netgate.ipsec.IkeControl
object (netgate.ipsec.ikecontrol.Input) |
{- "input": {
- "netgate-ipsec:operation": "start"
}
}
{- "output": {
- "netgate-ipsec:stdout": "string"
}
}
operates on netgate.ipsec.IkeCoredump
object (netgate.ipsec.ikecoredump.Input) |
{- "input": {
- "netgate-ipsec:operation": "enable"
}
}
{- "output": {
- "netgate-ipsec:stdout": "string"
}
}