osc network vpn ikepolicy create

Creates an IKE policy.

The IKE policy is used for phases one and two negotiation of the VPN connection. You can specify both the authentication and encryption algorithms for connections.

Normal response codes: 201

Error response codes: 400, 401

Usage: osc network vpn ikepolicy create [OPTIONS]

Options:

  • --auth-algorithm <AUTH_ALGORITHM> — The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512, aes-xcbc, aes-cmac. The default is sha1

    Possible values: aes-cmac, aes-xcbc, sha1, sha256, sha384, sha512

  • --description <DESCRIPTION> — A human-readable description for the resource. Default is an empty string

  • --encryption-algorithm <ENCRYPTION_ALGORITHM> — The encryption algorithm. A valid value is 3des, aes-128, aes-192, aes-256. Additional values for AES CCM and GCM modes are defined (e.g. aes-256-ccm-16, aes-256-gcm-16) for all combinations of key length 128, 192, 256 bits and ICV length 8, 12, 16 octets. Default is aes-128

    Possible values: 3des, aes128, aes128-ccm12, aes128-ccm16, aes128-ccm8, aes128-gcm12, aes128-gcm16, aes128-gcm8, aes192, aes192-ccm12, aes192-ccm16, aes192-ccm8, aes192-gcm12, aes192-gcm16, aes192-gcm8, aes256, aes256-ccm12, aes256-ccm16, aes256-ccm8, aes256-gcm12, aes256-gcm16, aes256-gcm8

  • --ike-version <IKE_VERSION> — The IKE version. A valid value is v1 or v2. Default is v1

    Possible values: v1, v2

  • --lifetime <LIFETIME> — The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600

  • --name <NAME> — Human-readable name of the resource. Default is an empty string

  • --pfs <PFS> — Perfect forward secrecy (PFS). A valid value is Group2, Group5, Group14 to Group31. Default is Group5

    Possible values: group14, group15, group16, group17, group18, group19, group2, group20, group21, group22, group23, group24, group25, group26, group27, group28, group29, group30, group31, group5

  • --phase1-negotiation-mode <PHASE1_NEGOTIATION_MODE> — The IKE mode. A valid value is main, which is the default

    Possible values: aggressive, main

  • --tenant-id <TENANT_ID> — The ID of the project