ipsecTunnels

Description: array of IPsec tunnels : ARRAY

Element Type Description
aggressiveMode BOOL [OPTIONAL] Allows a less secure mode that exchanges identification in plain text
authMethod STRING Specifies how the two security gateways should authenticate each other
caCert STRING CA certificate in PEM format for rsasig authentication method
compression BOOL Indicates whether IPComp compression of content is proposed on the connection
description STRING Describes the tunnel
enabled BOOL Enables or disables a tunnel
encryptMethod STRING Specifies the IKE encryption/authentication algorithm used for phase 1 and phase 2 of the connection
ikelife UINT Indicates the acceptable duration of a connection’s keying channel before it must be renegotiated (hours)
keylife UINT Indicates the acceptable duration of a particular instance of a connection, from successful negotiation to expiration (hours)
localCert STRING Local peer certificate in PEM format for rsasig authentication method
localId STRING Specifies the identification method for a local participant
localPrivKey STRING Local peer private key in PEM format for rsasig authentication method
name STRING Specifies the label of a tunnel
natTraversal BOOL [OPTIONAL] Indicates the status of IPsec NAT workaround, accept or offer to support
perfectForwardSecrecy BOOL Indicates the status of Perfect Forward Secrecy of keys on the connection’s keying channel
phase1 STRING [OPTIONAL] Defines specific algorithms for phase 1. Format: cipher-hash;group. Example: aes128-sha1;modp1024
phase2 UINT [OPTIONAL] Defines specific algorithms for phase 2. Format: cipher-hash;group. Example: aes128-sha1;modp1024
psk STRING Specifies the pre-shared key
remoteId STRING Specifies the authentication method for identification of the remote participant
remoteNetwork STRING Specifies the saved network on the remote end of a tunnel
remoteNetworkIp STRING Specifies the network on the remote end of a tunnel
remoteNetworkMask UINT Specifies the network mask on the remote end of a tunnel
remoteWanIp STRING Specifies the public IP on the remote end of a tunnel
retries UINT Specifies the number of attempts to negotiate a connection or a replacement for a connection before giving up
type STRING Specifies the type of IPsec tunnel: Internet Key Exchange is currently the only supported type
uid BOOL Specifies whether or not tunnel end points should be identified for authentication