InlineL3Vpn1
Properties
Public IPv4 address of remote gateway
IPv4 address of local gateway
Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14.
Possible values are: GROUP2 , GROUP5 , GROUP14 , GROUP15 , GROUP16
Algorithm to be used during Internet Key Exchange(IKE) negotiation. Default is AES_128.
Possible values are: AES_128 , AES_256 , AES_GCM_128 , AES_GCM_192 , AES_GCM_256
IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.
Possible values are: IKE_V1 , IKE_V2 , IKE_FLEX
Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.
Possible values are: SHA1 , SHA2_256
Flag to enable L3Vpn. Default is enabled.
List of IPSec pre-shared keys used for IPSec authentication. If not specified, the older passphrase values are retained if there are any.
This field is used to resolve conflicts in case of a remote site being behind NAT as remote public ip address is not enough. If it is not the case the remote public address should be provided here. If not provided, the value of this field is set to remote_public_address.
If true, perfect forward secrecy (PFS) is enabled.
Algorithm to be used for message digest during tunnel establishment. Default algorithm is empty.
Possible values are: SHA1 , SHA2_256
Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.
Possible values are: AES_128 , AES_256 , AES_GCM_128 , AES_GCM_192 , AES_GCM_256
JSON Example
{
"l3vpn_session": {
"resource_type": "PolicyBasedL3VpnSession"
},
"local_address": "string",
"remote_public_address": "string"
}
Vendor Extensions
x-vmw-nsx-module: PolicyL3Vpn
