netgate-ipsec API (22.06)
This YANG module provides mappings of the CLI command structure to the underlying data-model elements for the Netgate router.
Copyright 2016-2020 Rubicon Communications, LLC.
returns netgate.ipsec.IpsecConfig
get /data/netgate-ipsec:ipsec-config
Example URL
https://hostname/restconf/data/netgate-ipsec:ipsec-config
returns netgate.ipsec.IpsecConfig
Responses
200
netgate.ipsec.IpsecConfig
400
Internal error
Request samples
- Go
- javascript
- Python
- Shell
Copy
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
Response samples
- 200
Content type
application/yang-data+json
Copy
Expand all Collapse all {
- "netgate-ipsec:ipsec-config": {
- "tunnel": [
- {
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "tunnel-enable": false,
- "local-addr": "string",
- "crypto": {
- "ike": {
- "key-renewal": "reauth",
- "role": "initiator-only",
- "udp-encapsulation": false,
- "child-sa": [
- {
- "proposal": [
- {
- "name": "string",
- "sequence-number": "esn",
- "encryption-algorithm": "aes128gcm16",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "mode": "tunnel",
- "protocol": "esp",
- "lifetime": 3600,
- "name": "string",
- "traffic-selector": [
- {
- "number": 0,
- "remote-net": "string",
- "local-net": "string"
- "replay-window": 0
- "identity": [
- {
- "type": "none",
- "value": "string",
- "peer": "remote"
- "lifetime": 14400,
- "proposals": [
- {
- "name": "string",
- "encryption-algorithm": "3des",
- "prf": "prfmd5",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication": [
- {
- "round": [
- {
- "number": 0,
- "psk": "string",
- "type": "psk"
- "peer": "remote"
- "manual": {
- "protocol": "esp",
- "integrity": {
- "key": "string",
- "algorithm": "md5"
- "encryption": {
- "key": "string",
- "algorithm": "aes128gcm16"
- "config-type": "ike"
creates netgate.ipsec.IpsecConfig
post /data/netgate-ipsec:ipsec-config
Example URL
https://hostname/restconf/data/netgate-ipsec:ipsec-config
creates netgate.ipsec.IpsecConfig
Request Body schema: application/yang-data+json
netgate.ipsec.IpsecConfig to be added to list
| tunnel | Array of objects (netgate.ipsec.ipsecconfig.Tunnel) IPsec tunnel configurations |
Responses
201
Object created
400
Internal error
409
Object already exists
Request samples
- Payload
- Go
- javascript
- Python
- Shell
Content type
application/yang-data+json
Copy
Expand all Collapse all {
- "tunnel": [
- {
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "tunnel-enable": false,
- "local-addr": "string",
- "crypto": {
- "ike": {
- "key-renewal": "reauth",
- "role": "initiator-only",
- "udp-encapsulation": false,
- "child-sa": [
- {
- "proposal": [
- {
- "name": "string",
- "sequence-number": "esn",
- "encryption-algorithm": "aes128gcm16",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "mode": "tunnel",
- "protocol": "esp",
- "lifetime": 3600,
- "name": "string",
- "traffic-selector": [
- {
- "number": 0,
- "remote-net": "string",
- "local-net": "string"
- "replay-window": 0
- "identity": [
- {
- "type": "none",
- "value": "string",
- "peer": "remote"
- "lifetime": 14400,
- "proposals": [
- {
- "name": "string",
- "encryption-algorithm": "3des",
- "prf": "prfmd5",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication": [
- {
- "round": [
- {
- "number": 0,
- "psk": "string",
- "type": "psk"
- "peer": "remote"
- "manual": {
- "protocol": "esp",
- "integrity": {
- "key": "string",
- "algorithm": "md5"
- "encryption": {
- "key": "string",
- "algorithm": "aes128gcm16"
- "config-type": "ike"
creates or updates netgate.ipsec.IpsecConfig
put /data/netgate-ipsec:ipsec-config
Example URL
https://hostname/restconf/data/netgate-ipsec:ipsec-config
creates or updates netgate.ipsec.IpsecConfig
Request Body schema: application/yang-data+json
netgate.ipsec.IpsecConfig to be added or updated
| netgate-ipsec:ipsec-config | object (netgate.ipsec.IpsecConfig) |
Responses
201
Object created
204
Object modified
400
Internal error
Request samples
- Payload
- Go
- javascript
- Python
- Shell
Content type
application/yang-data+json
Copy
Expand all Collapse all {
- "netgate-ipsec:ipsec-config": {
- "tunnel": [
- {
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "tunnel-enable": false,
- "local-addr": "string",
- "crypto": {
- "ike": {
- "key-renewal": "reauth",
- "role": "initiator-only",
- "udp-encapsulation": false,
- "child-sa": [
- {
- "proposal": [
- {
- "name": "string",
- "sequence-number": "esn",
- "encryption-algorithm": "aes128gcm16",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "mode": "tunnel",
- "protocol": "esp",
- "lifetime": 3600,
- "name": "string",
- "traffic-selector": [
- {
- "number": 0,
- "remote-net": "string",
- "local-net": "string"
- "replay-window": 0
- "identity": [
- {
- "type": "none",
- "value": "string",
- "peer": "remote"
- "lifetime": 14400,
- "proposals": [
- {
- "name": "string",
- "encryption-algorithm": "3des",
- "prf": "prfmd5",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication": [
- {
- "round": [
- {
- "number": 0,
- "psk": "string",
- "type": "psk"
- "peer": "remote"
- "manual": {
- "protocol": "esp",
- "integrity": {
- "key": "string",
- "algorithm": "md5"
- "encryption": {
- "key": "string",
- "algorithm": "aes128gcm16"
- "config-type": "ike"
removes netgate.ipsec.IpsecConfig
delete /data/netgate-ipsec:ipsec-config
Example URL
https://hostname/restconf/data/netgate-ipsec:ipsec-config
removes netgate.ipsec.IpsecConfig
Responses
204
Object deleted
400
Internal error
Request samples
- Go
- javascript
- Python
- Shell
Copy
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config" req, _ := http.NewRequest("DELETE", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body)) }
creates netgate.ipsec.ipsecconfig.Tunnel
post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel
Example URL
https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel
IPsec tunnel configurations
Request Body schema: application/yang-data+json
netgate.ipsec.ipsecconfig.Tunnel to be added to list
| remote-type | string (netgate.ipsec.RemoteType) Enum: "gateway" "endpoint" |
| tunnel-type | string (netgate.ipsec.TunnelType) Value: "interface" |
| remote-addr | string IP address or hostname of remote tunnel peer. |
| instance | integer <int64> Numeric identifier of tunnel |
| tunnel-enable | boolean Default: false |
| local-addr | string IP address used locally to terminate tunnel. |
| crypto | object (netgate.ipsec.ipsecconfig.tunnel.Crypto) |
Responses
201
Object created
400
Internal error
409
Object already exists
Request samples
- Payload
- Go
- javascript
- Python
- Shell
Content type
application/yang-data+json
Copy
Expand all Collapse all {
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "tunnel-enable": false,
- "local-addr": "string",
- "crypto": {
- "ike": {
- "key-renewal": "reauth",
- "role": "initiator-only",
- "udp-encapsulation": false,
- "child-sa": [
- {
- "proposal": [
- {
- "name": "string",
- "sequence-number": "esn",
- "encryption-algorithm": "aes128gcm16",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "mode": "tunnel",
- "protocol": "esp",
- "lifetime": 3600,
- "name": "string",
- "traffic-selector": [
- {
- "number": 0,
- "remote-net": "string",
- "local-net": "string"
- "replay-window": 0
- "identity": [
- {
- "type": "none",
- "value": "string",
- "peer": "remote"
- "lifetime": 14400,
- "proposals": [
- {
- "name": "string",
- "encryption-algorithm": "3des",
- "prf": "prfmd5",
- "dh-group": "modp768",
- "integrity-algorithm": "md5"
- "dpd-poll-interval": 0,
- "version": 2,
- "authentication": [
- {
- "round": [
- {
- "number": 0,
- "psk": "string",
- "type": "psk"
- "peer": "remote"
- "manual": {
- "protocol": "esp",
- "integrity": {
- "key": "string",
- "algorithm": "md5"
- "encryption": {
- "key": "string",
- "algorithm": "aes128gcm16"
- "config-type": "ike"
returns netgate.ipsec.ipsecconfig.Tunnel
get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}
Example URL
https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}
IPsec tunnel configurations
path Parameters
| instance required | integer <int64> Id of tunnel |
Responses
200
netgate.ipsec.ipsecconfig.Tunnel
400
Internal error
Request samples
- Go
- javascript
- Python
- Shell
Copy
package main import ( "fmt" "net/http" "io/ioutil" ) func main() { url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D" req, _ := http.NewRequest("GET", url, nil) res, _ := http.DefaultClient.Do(req) defer res.Body.Close() body, _ := ioutil.ReadAll(res.Body) fmt.Println(res) fmt.Println(string(body))</