InlineIPSecVPNService1
InlineIPSecVPNService1
JSON Example
{
"bypass_rules": [
{
"_links": [
{
"action": "string",
"href": "string",
"rel": "string"
}
],
"_schema": "string",
"_self": {},
"_revision": 0,
"_owner": {},
"description": "string",
"display_name": "string",
"id": "string",
"resource_type": "string",
"action": "string",
"destinations": [
{
"subnet": "string"
}
],
"enabled": false,
"logged": false,
"sources": [
{
"subnet": "string"
}
]
}
],
"enabled": false,
"ike_log_level": "string",
"ipsec_ha_sync": false,
"logical_router_id": "string"
}
array of
IPSecVPNPolicyRule
bypass_rules
Optional
Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.
boolean
enabled
Optional
Constraints:
default: true
If true, enable VPN services for given logical router.
string
ike_log_level
Optional
Constraints:
default: INFO
Log level for internet key exchange (IKE).
Possible values are :
DEBUG,
INFO,
WARN,
ERROR,
EMERGENCY,
boolean
ipsec_ha_sync
Optional
Constraints:
default: true
Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled in case there are performance issues with the state sync messages. Default is to enable HA Sync.
string
logical_router_id
Required
Logical router id.