VMware Developer Documentation
API Reference PowerCLI Reference
[{"label":"Latest (v37.2)","version":"latest"},{"version":"v37.1"},{"version":"v37.0"},{"version":"v36.3"},{"version":"v36.2"},{"version":"v36.1"},{"version":"v36.0"},{"link":"https://developer.vmware.com/apis/1046/vmware-cloud-director","version":"v35.0"}]
vmware-cloud-director
VMware Cloud Director OpenAPI Edge Gateway IP Sec VPN Tunnels

Create IP Sec VPN Tunnel

Description

Creates an IPSec tunnel on the Edge Gateway.

Request

Request

URL

URL

post
https://{api_host}/cloudapi/1.0.0/edgeGateways/{gatewayId}/ipsec/tunnels
Copy
Path Parameters

Path Parameters

string
gatewayId Required

Request Body

Request Body

EdgeIpSecVpnTunnel of type(s) application/json Required 
{
	"localEndpoint": {
		"localAddress": "string",
		"localNetworks": [
			"string"
		]
	},
	"name": "string",
	"remoteEndpoint": {
		"remoteAddress": "string"
	}
}
LocalEndpoint
localEndpoint Required

The Local Endpoint which corresponds to the Edge Gateway the tunnel is being configured on. Local Endpoint requires an IP. That IP must be suballocated to the edge gateway.
RemoteEndpoint
remoteEndpoint Required

The Remote Endpoints correspoinds to the device on the remote site terminating the VPN tunnel.
string
name Required

Name for the tunnel.
string
authenticationMode Optional

The authentication mode this IPSec tunnel will use to authenticate with the peer endpoint. The default is a pre-shared key (PSK).

  • PSK - A known key is shared between each site before the tunnel is established.
  • CERTIFICATE - Incoming connections are required to present an identifying digital certificate, which VCD verifies has been signed by a trusted certificate authority.
string
description Optional
boolean
enabled Optional

Described whether the tunnel is enabled or not. The default is true.
string
id Optional

The unique id of this IPSec VPN tunnel. On updates, the id is required for the tunnel, while for create a new id will be generated.
ConnectorInitiationMode
connectorInitiationMode Optional

This is the mode used by the local endpoint to establish an IKE Connection with the remote site. The default is INITIATOR.
boolean
logging Optional

Whether logging for the tunnel is enabled or not. The default is false.
EntityReference
certificateRef Optional

The server certificate which will be used to secure the tunnel’s local endpoint. The certificate must be the end-entity certificate (leaf) for the local endpoint.
string
preSharedKey Optional

This is the Pre-shared key used for authentication.
EntityReference
caCertificateRef Optional

The certificate authority used to verify the remote endpoint’s certificate. The selected CA must be a root or intermediate CA. The selected CA should be able to directly verify the remote endpoint’s certificate.
string
securityType Optional

This is the security type used for the IPSec Tunnel. If nothing is specified, this will be set to ‘DEFAULT’ in which the default settings in NSX will be used. For custom settings, one should use the connectionProperties endpoint to specify custom settings. The security type will then appropriately reflect itself as ‘CUSTOM’.
ObjectVersion
version Optional

This property describes the current version of the entity. To prevent clients from overwriting each other’s changes, update operations must include the version which can be obtained by issuing a GET operation. If the version number on an update call is missing, the operation will be rejected. This is only needed on update calls.
Authentication

Authentication

This operation uses the following authentication methods.

ApiKeyAuth

Response

Response

202 Accepted

The request have been accepted and the task to monitor the request is in the Location header.

Errors

Errors

Error
400

Invalid configuration.
Error
404

The specified resource was not found
Code Samples

Code Samples

cURL Command

curl -X POST -H "Content-Type: application/json" -d '{"authenticationMode":"string","caCertificateRef":{"id":"string","name":"string"},"certificateRef":{"id":"string","name":"string"},"connectorInitiationMode":"enum","description":"string","enabled":false,"id":"string","localEndpoint":{"localAddress":"string","localId":"string","localNetworks":["string"]},"logging":false,"name":"string","preSharedKey":"string","remoteEndpoint":{"remoteAddress":"string","remoteId":"string","remoteNetworks":["string"]},"securityType":"string","version":{"version":0}}' https://{api_host}/cloudapi/1.0.0/edgeGateways/{gatewayId}/ipsec/tunnels

Generated on: 04 May 23 11:49 UTC
[{"label":"Latest (v37.2)","version":"latest"},{"version":"v37.1"},{"version":"v37.0"},{"version":"v36.3"},{"version":"v36.2"},{"version":"v36.1"},{"version":"v36.0"},{"link":"https://developer.vmware.com/apis/1046/vmware-cloud-director","version":"v35.0"}]
vmware-cloud-director
Availability
Added in 33.0
On This Page
Edge Gateway IP Sec VPN Tunnels Operations
post
Create IP Sec VPN Tunnel
get
Get IP Sec VPN Tunnels
Feedback

Was this page helpful?

© 2023 VMware Inc. Terms of Use Privacy Your California Privacy Rights Accessibility Trademarks Glossary Help Contact Us