netgate-ipsec API (19.05)

This YANG module provides mappings of the CLI command structure to the underlying data-model elements for the Netgate router.

ipsec-config

returns netgate.ipsec.IpsecConfig

get /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

returns netgate.ipsec.IpsecConfig

Responses

200

netgate.ipsec.IpsecConfig

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ipsec-config":
{
- "tunnel":
  [
  - {
    "remote-type": "gateway",
    "tunnel-type": "interface",
    "remote-addr": "string",
    "instance": 0,
    "local-addr": "string",
    "crypto":
    {
    "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
    "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
    "config-type": "ike"
    }
    }
  ]
}

}

creates netgate.ipsec.IpsecConfig

post /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

creates netgate.ipsec.IpsecConfig

Request Body schema: application/yang-data+json

netgate.ipsec.IpsecConfig to be added to list

tunnel

Array of objects (netgate.ipsec.ipsecconfig.Tunnel)

IPsec tunnel configurations

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

application/yang-data+json

Copy

Expand all Collapse all

{

"tunnel":
[
- {
  - "remote-type": "gateway",
  - "tunnel-type": "interface",
  - "remote-addr": "string",
  - "instance": 0,
  - "local-addr": "string",
  - "crypto":
    {
    "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
    "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
    "config-type": "ike"
    }
  }
]

}

creates or updates netgate.ipsec.IpsecConfig

put /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

creates or updates netgate.ipsec.IpsecConfig

Request Body schema: application/yang-data+json

netgate.ipsec.IpsecConfig to be added or updated

netgate-ipsec:ipsec-config

object (netgate.ipsec.IpsecConfig)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:ipsec-config":
{
- "tunnel":
  [
  - {
    "remote-type": "gateway",
    "tunnel-type": "interface",
    "remote-addr": "string",
    "instance": 0,
    "local-addr": "string",
    "crypto":
    {
    "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
    "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
    "config-type": "ike"
    }
    }
  ]
}

}

removes netgate.ipsec.IpsecConfig

delete /data/netgate-ipsec:ipsec-config

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config

removes netgate.ipsec.IpsecConfig

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config"

	req, _ := http.NewRequest("DELETE", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

creates netgate.ipsec.ipsecconfig.Tunnel

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel

IPsec tunnel configurations

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.Tunnel to be added to list

remote-type	string (netgate.ipsec.RemoteType) Enum:"gateway" "endpoint"
tunnel-type	string (netgate.ipsec.TunnelType) Value:"interface"
remote-addr	string IP address or hostname of remote tunnel peer.
instance	integer <int64> Numeric identifier of tunnel
local-addr	string IP address used locally to terminate tunnel.
crypto	object (netgate.ipsec.ipsecconfig.tunnel.Crypto)

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

application/yang-data+json

Copy

Expand all Collapse all

{

"remote-type": "gateway",
"tunnel-type": "interface",
"remote-addr": "string",
"instance": 0,
"local-addr": "string",
"crypto":
{
- "ike":
  {
  - "key-renewal": "reauth",
  - "role": "initiator-only",
  - "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
  - "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
  - "lifetime": 14400,
  - "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "dpd-poll-interval": 0,
  - "version": 2,
  - "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
  },
- "manual":
  {
  - "protocol": "esp",
  - "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
  - "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
  },
- "config-type": "ike"
}

}

returns netgate.ipsec.ipsecconfig.Tunnel

get /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

200

netgate.ipsec.ipsecconfig.Tunnel

400

Internal error

Request samples

Go
javascript
Python
Shell

Copy

package main

import (
	"fmt"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "http://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel=%7Binstance%7D"

	req, _ := http.NewRequest("GET", url, nil)

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}

Response samples

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:tunnel":
{
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "local-addr": "string",
- "crypto":
  {
  - "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
  - "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
  - "config-type": "ike"
  }
}

}

creates netgate.ipsec.ipsecconfig.Tunnel

post /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.Tunnel to be added to list

remote-type	string (netgate.ipsec.RemoteType) Enum:"gateway" "endpoint"
tunnel-type	string (netgate.ipsec.TunnelType) Value:"interface"
remote-addr	string IP address or hostname of remote tunnel peer.
instance	integer <int64> Numeric identifier of tunnel
local-addr	string IP address used locally to terminate tunnel.
crypto	object (netgate.ipsec.ipsecconfig.tunnel.Crypto)

Responses

201

Object created

400

Internal error

409

Object already exists

Request samples

Payload
Go
javascript
Python
Shell

application/yang-data+json

Copy

Expand all Collapse all

{

"remote-type": "gateway",
"tunnel-type": "interface",
"remote-addr": "string",
"instance": 0,
"local-addr": "string",
"crypto":
{
- "ike":
  {
  - "key-renewal": "reauth",
  - "role": "initiator-only",
  - "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
  - "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
  - "lifetime": 14400,
  - "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
  - "dpd-poll-interval": 0,
  - "version": 2,
  - "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
  },
- "manual":
  {
  - "protocol": "esp",
  - "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
  - "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
  },
- "config-type": "ike"
}

}

creates or updates netgate.ipsec.ipsecconfig.Tunnel

put /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Request Body schema: application/yang-data+json

netgate.ipsec.ipsecconfig.Tunnel to be added or updated

netgate-ipsec:tunnel

object (netgate.ipsec.ipsecconfig.Tunnel)

Responses

201

Object created

204

Object modified

400

Internal error

Request samples

Payload
Go
javascript
Python
Shell

application/yang-data+json

Copy

Expand all Collapse all

{

"netgate-ipsec:tunnel":
{
- "remote-type": "gateway",
- "tunnel-type": "interface",
- "remote-addr": "string",
- "instance": 0,
- "local-addr": "string",
- "crypto":
  {
  - "ike":
    {
    "key-renewal": "reauth",
    "role": "initiator-only",
    "child-sa":
    [
    {
    "proposal":
    [
    {
    "name": "string",
    "sequence-number": "esn",
    "encryption-algorithm": "aes128gcm16",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "mode": "tunnel",
    "protocol": "esp",
    "lifetime": 3600,
    "name": "string",
    "traffic-selector":
    [
    {
    "number": 0,
    "remote-net": "string",
    "local-net": "string"
    }
    ],
    "replay-window": 0
    }
    ],
    "identity":
    [
    {
    "type": "none",
    "value": "string",
    "peer": "remote"
    }
    ],
    "lifetime": 14400,
    "proposals":
    [
    {
    "name": "string",
    "encryption-algorithm": "3des",
    "prf": "prfmd5",
    "dh-group": "modp768",
    "integrity-algorithm": "md5"
    }
    ],
    "dpd-poll-interval": 0,
    "version": 2,
    "authentication":
    [
    {
    "round":
    [
    {
    "number": 0,
    "psk": "string",
    "type": "psk"
    }
    ],
    "peer": "remote"
    }
    ]
    },
  - "manual":
    {
    "protocol": "esp",
    "integrity":
    {
    "key": "string",
    "algorithm": "md5"
    },
    "encryption":
    {
    "key": "string",
    "algorithm": "aes128gcm16"
    }
    },
  - "config-type": "ike"
  }
}

}

removes netgate.ipsec.ipsecconfig.Tunnel

delete /data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

Example URL

https://hostname/restconf/data/netgate-ipsec:ipsec-config/netgate-ipsec:tunnel={instance}

IPsec tunnel configurations

path Parameters

instance

required

integer <int64>

Id of tunnel

Responses

204

Object deleted

400

Internal error

Request samples

Go
javascript
Python