Update dynamic IPSec tunnel

Put

/v2.3/networks/enhanced/{networkId}/tunnels/ipsec/dynamic/{dynamicTunnelId}

Update a dynamic IPSec tunnel configuration

Security

HTTP

Type bearer

Path parameters

networkId

stringRequired

dynamicTunnelId

stringRequired

Body parameters

Expand All

object

tunnelName

string Required

Name of the tunnel

description

string

Optional description for the tunnel

addTunnels

Array of object (DynamicTunnelDetails)

Min items0

Max items8

object

regionID

string Required

Dynamic tunnel enhanced region ID

authType

string

Authentication type for tunnel (psk for pre-shared key, cert for certificate)

Valid values[ "psk", "cert" ]

passphrase

string

Pre-shared key for tunnel authentication (8-64 characters). Required when authType is psk.

Min length8

Max length64

customerRootCA

string

Customer root certificate authority. Required when authType is cert.

p81GWInternalIP

string (ipv4)

Harmony Sase gateway internal IP address

remoteGWInternalIP

string (ipv4)

Remote gateway internal IP address

remotePublicIP

string (ipv4)

Remote gateway public IP address

remoteASN

integer

Autonomous System Number (ASN) for BGP routing. It will be automatically assigned an ASN once creating the first dynamic tunnel in this network. The network ASN can never be changed once it is set.

OneOf

integer

Minimum1

Maximum64496

integer

Minimum64512

Maximum65535

integer

Minimum131072

Maximum4294967295

remoteID

string

Remote gateway ID

routingType

string

Routing mode for the tunnel

Valid values[ "route", "policy" ]

Default"route"

updateTunnels

Array of object

Min items0

Max items8

object

id

string Required

authType

string

Authentication type for tunnel (psk for pre-shared key, cert for certificate)

Valid values[ "psk", "cert" ]

passphrase

string

Pre-shared key for tunnel authentication (8-64 characters). Required when authType is psk.

Min length8

Max length64

customerRootCA

string

Customer root certificate authority. Required when authType is cert.

remotePublicIP

string (ipv4)

Remote gateway public IP address

remoteASN

integer

Autonomous System Number (ASN) for BGP routing. It will be automatically assigned an ASN once creating the first dynamic tunnel in this network. The network ASN can never be changed once it is set.

OneOf

integer

Minimum1

Maximum64496

integer

Minimum64512

Maximum65535

integer

Minimum131072

Maximum4294967295

remoteID

string

Remote gateway ID

routingType

string

Routing mode for the tunnel

Valid values[ "route", "policy" ]

removeTunnels

Array of object

Min items0

Max items8

object

id

string Required

sharedSettings

object

p81GatewaySubnets

Array of string Required

Min length1

string

remoteGatewaySubnets

Array of string Required

Min length1

string

peakBandwidth

integer

Expected peak throughput of the tunnel communication in Mbps. Typical connection will be of 1000Mbps.

Minimum10

Maximum8000

Default1000

p81ASN

integer #deprecatedtemplate# #additional-property-template#

OneOf

integer

Minimum1

Maximum23455

integer

Minimum23457

Maximum64495

integer

Minimum64512

Maximum65534

integer

Minimum131072

Maximum4294967294

features

object

symmetricInnerMesh

object

enabled

boolean

Defaultfalse

advancedSettings

object (IPSecAdvancedSettingsUpdateV2_3)

keyExchange

string

Valid values[ "ikev1", "ikev2" ]

ikeLifeTime

string

Pattern^((1[0-9]|[2-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)s)|(([1-9]|[1-9][0-9]|[1-9][0-9][0-9]|1[0-3][0-9][0-9]|14[0-3][0-9]|1440)m)|(([1-9]|1[0-9]|2[0-4])h)$

lifetime

string

Pattern^((1[0-9]|[2-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)s)|(([1-9]|[1-9][0-9]|[1-9][0-9][0-9]|1[0-3][0-9][0-9]|14[0-3][0-9]|1440)m)|(([1-9]|1[0-9]|2[0-4])h)$

dpdDelay

string

Pattern^([5-9]|[1-5][0-9]|60)s$

dpdTimeout

string

Pattern^([5-9]|[1-5][0-9]|60)s$

phase1

object

auth

Array of string

Min length1

string

Valid values[ "md5", "sha1", "sha384", "sha256", "sha512", "aesxcbc", "aescmac", "prfmd5", "prfsha1", "prfaesxcbc", "prfaescmac", "prfsha256", "prfsha384", "prfsha512" ]

encryption

Array of string

Min length1

string

Valid values[ "3des", "blowfish128", "blowfish192", "blowfish256", "aes128", "aes192", "aes256", "aes128ctr", "aes192ctr", "aes256ctr", "camellia128", "camellia192", "camellia256", "camellia128ctr", "camellia192ctr", "camellia256ctr", "aes128ccm8", "aes192ccm8", "aes256ccm8", "aes128ccm16", "aes192ccm16", "aes256ccm16", "aes128gcm8", "aes192gcm8", "aes256gcm8", "aes128gcm16", "aes192gcm16", "aes256gcm16", "camellia128ccm16", "camellia192ccm16", "camellia256ccm16", "chacha20poly1305" ]

keyExchangeMethod

Array of string Required

Key exchange method encryption

Min length0

string

Valid values[ "modp1024", "modp1536", "modp2048", "ecp256", "ecp384", "ecp521", "curve25519" ]

phase2

object

auth

Array of string

Min length1

string

Valid values[ "md5", "sha1", "sha384", "sha256", "sha512", "aesxcbc", "aescmac", "prfmd5", "prfsha1", "prfaesxcbc", "prfaescmac", "prfsha256", "prfsha384", "prfsha512" ]

encryption

Array of string

Min length1

string

Valid values[ "3des", "blowfish128", "blowfish192", "blowfish256", "aes128", "aes192", "aes256", "aes128ctr", "aes192ctr", "aes256ctr", "camellia128", "camellia192", "camellia256", "camellia128ctr", "camellia192ctr", "camellia256ctr", "aes128ccm8", "aes192ccm8", "aes256ccm8", "aes128ccm16", "aes192ccm16", "aes256ccm16", "aes128gcm8", "aes192gcm8", "aes256gcm8", "aes128gcm16", "aes192gcm16", "aes256gcm16", "camellia128ccm16", "camellia192ccm16", "camellia256ccm16", "chacha20poly1305" ]

keyExchangeMethod

Array of string Required

Key exchange method encryption

Min length0

string

Valid values[ "modp1024", "modp1536", "modp2048", "ecp256", "ecp384", "ecp521", "curve25519" ]

routingType

string

Routing mode for the tunnel

Valid values[ "route", "policy" ]

Default"route"