ipsecTunnels
Description: array of IPsec tunnels : ARRAY
| Element | Type | Description |
| aggressiveMode | BOOL | [OPTIONAL] Allows a less secure mode that exchanges identification in plain text |
| authMethod | STRING | Specifies how the two security gateways should authenticate each other |
| caCert | STRING | CA certificate in PEM format for rsasig authentication method |
| compression | BOOL | Indicates whether IPComp compression of content is proposed on the connection |
| description | STRING | Describes the tunnel |
| enabled | BOOL | Enables or disables a tunnel |
| encryptMethod | STRING | Specifies the IKE encryption/authentication algorithm used for phase 1 and phase 2 of the connection |
| ikelife | UINT | Indicates the acceptable duration of a connection’s keying channel before it must be renegotiated (hours) |
| keylife | UINT | Indicates the acceptable duration of a particular instance of a connection, from successful negotiation to expiration (hours) |
| localCert | STRING | Local peer certificate in PEM format for rsasig authentication method |
| localId | STRING | Specifies the identification method for a local participant |
| localPrivKey | STRING | Local peer private key in PEM format for rsasig authentication method |
| name | STRING | Specifies the label of a tunnel |
| natTraversal | BOOL | [OPTIONAL] Indicates the status of IPsec NAT workaround, accept or offer to support |
| perfectForwardSecrecy | BOOL | Indicates the status of Perfect Forward Secrecy of keys on the connection’s keying channel |
| phase1 | STRING | [OPTIONAL] Defines specific algorithms for phase 1. Format: cipher-hash;group. Example: aes128-sha1;modp1024 |
| phase2 | UINT | [OPTIONAL] Defines specific algorithms for phase 2. Format: cipher-hash;group. Example: aes128-sha1;modp1024 |
| psk | STRING | Specifies the pre-shared key |
| remoteId | STRING | Specifies the authentication method for identification of the remote participant |
| remoteNetwork | STRING | Specifies the saved network on the remote end of a tunnel |
| remoteNetworkIp | STRING | Specifies the network on the remote end of a tunnel |
| remoteNetworkMask | UINT | Specifies the network mask on the remote end of a tunnel |
| remoteWanIp | STRING | Specifies the public IP on the remote end of a tunnel |
| retries | UINT | Specifies the number of attempts to negotiate a connection or a replacement for a connection before giving up |
| type | STRING | Specifies the type of IPsec tunnel: Internet Key Exchange is currently the only supported type |
| uid | BOOL | Specifies whether or not tunnel end points should be identified for authentication |