Contents x
    Update static IPSec tunnel
    • 04 Nov 2025
    • 1 Minute to read
    • Contributors
      Contents

      Update static IPSec tunnel

      • Updated on 04 Nov 2025
      • 1 Minute to read
      • Contributors
        Article summary

        Put
        /v2.3/networks/enhanced/{networkId}/tunnels/ipsec/static/{tunnelId}

        Update a static IPSec tunnel configuration

        Security
        HTTP
        Type bearer
        Path parameters
        networkId
        stringRequired
        tunnelId
        stringRequired
        Body parameters
        Expand All
        object
        tunnelName
        string

        Name of the static tunnel

        p81GatewaySubnets
        Array of string

        Harmony Sase gateway subnets

        Min items1
        string
        remoteGatewaySubnets
        Array of string

        Remote gateway subnets

        Min items1
        string
        keyExchange
        string

        IKE version for key exchange

        Valid values[ "ikev1", "ikev2" ]
        ikeLifeTime
        string
        Pattern^((1[0-9]|[2-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)s)|(([1-9]|[1-9][0-9]|[1-9][0-9][0-9]|1[0-3][0-9][0-9]|14[0-3][0-9]|1440)m)|(([1-9]|1[0-9]|2[0-4])h)$
        lifetime
        string
        Pattern^((1[0-9]|[2-9][0-9]|[1-9][0-9]{2,3}|[1-7][0-9]{4}|8[0-5][0-9]{3}|86[0-3][0-9]{2}|86400)s)|(([1-9]|[1-9][0-9]|[1-9][0-9][0-9]|1[0-3][0-9][0-9]|14[0-3][0-9]|1440)m)|(([1-9]|1[0-9]|2[0-4])h)$
        dpdDelay
        string
        Pattern^([5-9]|[1-5][0-9]|60)s$
        dpdTimeout
        string
        Pattern^([5-9]|[1-5][0-9]|60)s$
        phase1
        object
        auth
        Array of string
        Min length1
        string
        Valid values[ "md5", "sha1", "sha384", "sha256", "sha512", "aesxcbc", "aescmac", "prfmd5", "prfsha1", "prfaesxcbc", "prfaescmac", "prfsha256", "prfsha384", "prfsha512" ]
        encryption
        Array of string
        Min length1
        string
        Valid values[ "3des", "blowfish128", "blowfish192", "blowfish256", "aes128", "aes192", "aes256", "aes128ctr", "aes192ctr", "aes256ctr", "camellia128", "camellia192", "camellia256", "camellia128ctr", "camellia192ctr", "camellia256ctr", "aes128ccm8", "aes192ccm8", "aes256ccm8", "aes128ccm16", "aes192ccm16", "aes256ccm16", "aes128gcm8", "aes192gcm8", "aes256gcm8", "aes128gcm16", "aes192gcm16", "aes256gcm16", "camellia128ccm16", "camellia192ccm16", "camellia256ccm16", "chacha20poly1305" ]
        keyExchangeMethod
        Array of string Required

        Key exchange method encryption

        Min length0
        string
        Valid values[ "modp1024", "modp1536", "modp2048", "ecp256", "ecp384", "ecp521", "curve25519" ]
        phase2
        object
        auth
        Array of string
        Min length1
        string
        Valid values[ "md5", "sha1", "sha384", "sha256", "sha512", "aesxcbc", "aescmac", "prfmd5", "prfsha1", "prfaesxcbc", "prfaescmac", "prfsha256", "prfsha384", "prfsha512" ]
        encryption
        Array of string
        Min length1
        string
        Valid values[ "3des", "blowfish128", "blowfish192", "blowfish256", "aes128", "aes192", "aes256", "aes128ctr", "aes192ctr", "aes256ctr", "camellia128", "camellia192", "camellia256", "camellia128ctr", "camellia192ctr", "camellia256ctr", "aes128ccm8", "aes192ccm8", "aes256ccm8", "aes128ccm16", "aes192ccm16", "aes256ccm16", "aes128gcm8", "aes192gcm8", "aes256gcm8", "aes128gcm16", "aes192gcm16", "aes256gcm16", "camellia128ccm16", "camellia192ccm16", "camellia256ccm16", "chacha20poly1305" ]
        keyExchangeMethod
        Array of string Required

        Key exchange method encryption

        Min length0
        string
        Valid values[ "modp1024", "modp1536", "modp2048", "ecp256", "ecp384", "ecp521", "curve25519" ]
        authType
        string

        Authentication type for tunnel (psk for pre-shared key, cert for certificate)

        Valid values[ "psk", "cert" ]
        passphrase
        string

        Pre-shared key for tunnel authentication (8-64 characters). Required when authType is psk.

        Min length8
        Max length64
        customerRootCA
        string

        Customer root certificate authority. Required when authType is cert.

        remotePublicIP
        string (ipv4)

        Remote gateway public IP address

        remoteID
        string

        Remote gateway ID

        description
        string

        Optional tunnel description

        features
        cloudSecurity
        object
        enabled
        boolean Required
        Defaultfalse
        symmetricInnerMesh
        object
        enabled
        boolean Required
        Defaultfalse
        DNSServices
        object
        redirectToResolver
        object Required
        enabled
        boolean Required
        Defaulttrue
        routingType
        string

        Routing mode for the tunnel

        Valid values[ "route", "policy" ]
        Default"route"
        peakBandwidth
        integer

        Expected peak throughput of the tunnel communication in Mbps. Typical connection will be of 1000Mbps.

        Minimum10
        Maximum8000
        Default1000
        Responses
        202

        Request accepted

        object
        statusUrl
        string
        samplingTime
        integer
        401

        Unauthorized

        object
        id
        string
        message
        string
        403

        Forbidden

        object
        id
        string
        message
        string
        404

        Resource not found

        object
        id
        string
        message
        string
        Was this article helpful?
        What's Next