InlineIPSecVPNTunnelProfile1
{
"df_policy": "string",
"dh_groups": [
"string"
],
"digest_algorithms": [
"string"
],
"enable_perfect_forward_secrecy": false,
"encapsulation_mode": "string",
"encryption_algorithms": [
"string"
],
"sa_life_time": 0,
"transform_protocol": "string"
}Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.
Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.
Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128".
If true, perfect forward secrecy (PFS) is enabled.
Encapsulation Mode to be used for encryption of packet. Tunnel mode protects internal routing information by encrypting IP header of original packet.
Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.
SA life time specifies the expiry time of security association. Default is 3600 seconds.
IPSec transform specifies IPSec security protocol.