osc network vpn ipsecpolicy create

Creates an IP security (IPsec) policy.

The IPsec policy specifies the authentication and encryption algorithms and encapsulation mode to use for the established VPN connection.

Normal response codes: 201

Error response codes: 400, 401

Usage: osc network vpn ipsecpolicy create [OPTIONS]

Options:

  • --auth-algorithm <AUTH_ALGORITHM> — The authentication hash algorithm. Valid values are sha1, sha256, sha384, sha512, aes-xcbc, aes-cmac. The default is sha1

    Possible values: aes-cmac, aes-xcbc, sha1, sha256, sha384, sha512

  • --description <DESCRIPTION> — A human-readable description for the resource. Default is an empty string

  • --encapsulation-mode <ENCAPSULATION_MODE> — The encapsulation mode. A valid value is tunnel or transport. Default is tunnel

    Possible values: transport, tunnel

  • --encryption-algorithm <ENCRYPTION_ALGORITHM> — The encryption algorithm. A valid value is 3des, aes-128, aes-192, aes-256. Additional values for AES CCM and GCM modes are defined (e.g. aes-256-ccm-16, aes-256-gcm-16) for all combinations of key length 128, 192, 256 bits and ICV length 8, 12, 16 octets. Default is aes-128

    Possible values: 3des, aes128, aes128-ccm12, aes128-ccm16, aes128-ccm8, aes128-gcm12, aes128-gcm16, aes128-gcm8, aes192, aes192-ccm12, aes192-ccm16, aes192-ccm8, aes192-gcm12, aes192-gcm16, aes192-gcm8, aes256, aes256-ccm12, aes256-ccm16, aes256-ccm8, aes256-gcm12, aes256-gcm16, aes256-gcm8

  • --lifetime <LIFETIME> — The lifetime of the security association. The lifetime consists of a unit and integer value. You can omit either the unit or value portion of the lifetime. Default unit is seconds and default value is 3600

  • --name <NAME> — Human-readable name of the resource. Default is an empty string

  • --pfs <PFS> — Perfect forward secrecy (PFS). A valid value is Group2, Group5, Group14 to Group31. Default is Group5

    Possible values: group14, group15, group16, group17, group18, group19, group2, group20, group21, group22, group23, group24, group25, group26, group27, group28, group29, group30, group31, group5

  • --tenant-id <TENANT_ID> — The ID of the project

  • --transform-protocol <TRANSFORM_PROTOCOL> — The transform protocol. A valid value is ESP, AH, or AH-ESP. Default is ESP

    Possible values: ah, ah-esp, esp
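
Any option left off the command line takes the default documented above, so a bare create call yields a policy with sha1 and Group5. The pre-flight check below is an added example, not part of osc: it resolves the effective values of an argument list against those defaults and reports choices below a baseline that this example assumes (sha1, 3des, group2, group5 and AH-only are flagged). The function names and the policy name are hypothetical.

```shell
#!/bin/sh
# Added example, not osc code. Defaults are the ones documented on this page;
# the flagged values are this example's assumed baseline, not an osc rule.

_flag() { echo "$1"; findings=$((findings + 1)); }

# Prints one line per finding; returns 0 if clean, 1 if flagged, 2 on bad input.
# Note: plain sh has no local variables, so auth/enc/pfs/proto/findings are global.
check_ipsecpolicy_args() {
    auth=sha1 enc=aes128 pfs=group5 proto=esp    # effective values when omitted
    while [ $# -gt 0 ]; do
        case "$1" in
            --auth-algorithm|--encryption-algorithm|--pfs|--transform-protocol)
                [ $# -ge 2 ] || { echo "missing value for $1"; return 2; }
                case "$1" in
                    --auth-algorithm)       auth=$2 ;;
                    --encryption-algorithm) enc=$2 ;;
                    --pfs)                  pfs=$2 ;;
                    --transform-protocol)   proto=$2 ;;
                esac
                shift ;;
        esac
        shift
    done
    findings=0
    case "$auth"  in sha1)          _flag "auth-algorithm=sha1 (the default when omitted)" ;; esac
    case "$enc"   in 3des)          _flag "encryption-algorithm=3des (64-bit block cipher)" ;; esac
    case "$pfs"   in group2|group5) _flag "pfs=$pfs (1024/1536-bit MODP; group5 is the default)" ;; esac
    case "$proto" in ah)            _flag "transform-protocol=ah (authenticates only, no encryption)" ;; esac
    [ "$findings" -eq 0 ]
}

# Runs the real command only when the check passes.
create_ipsecpolicy_checked() {
    check_ipsecpolicy_args "$@" && osc network vpn ipsecpolicy create "$@"
}

# Constructed demo: only --name is given, so the sha1 and group5 defaults are reported.
check_ipsecpolicy_args --name example-policy || true

# A call that passes the check (constructed values, not executed here):
#   create_ipsecpolicy_checked --name example-policy --auth-algorithm sha256 \
#       --encryption-algorithm aes256 --pfs group14 --transform-protocol esp
```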