vcd.NsxtIpsecVpnTunnel
Explore with Pulumi AI
Create NsxtIpsecVpnTunnel Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NsxtIpsecVpnTunnel(name: string, args: NsxtIpsecVpnTunnelArgs, opts?: CustomResourceOptions);@overload
def NsxtIpsecVpnTunnel(resource_name: str,
                       args: NsxtIpsecVpnTunnelArgs,
                       opts: Optional[ResourceOptions] = None)
@overload
def NsxtIpsecVpnTunnel(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       pre_shared_key: Optional[str] = None,
                       local_ip_address: Optional[str] = None,
                       remote_ip_address: Optional[str] = None,
                       local_networks: Optional[Sequence[str]] = None,
                       edge_gateway_id: Optional[str] = None,
                       nsxt_ipsec_vpn_tunnel_id: Optional[str] = None,
                       enabled: Optional[bool] = None,
                       description: Optional[str] = None,
                       ca_certificate_id: Optional[str] = None,
                       logging: Optional[bool] = None,
                       name: Optional[str] = None,
                       org: Optional[str] = None,
                       authentication_mode: Optional[str] = None,
                       remote_id: Optional[str] = None,
                       certificate_id: Optional[str] = None,
                       remote_networks: Optional[Sequence[str]] = None,
                       security_profile_customization: Optional[NsxtIpsecVpnTunnelSecurityProfileCustomizationArgs] = None,
                       vdc: Optional[str] = None)func NewNsxtIpsecVpnTunnel(ctx *Context, name string, args NsxtIpsecVpnTunnelArgs, opts ...ResourceOption) (*NsxtIpsecVpnTunnel, error)public NsxtIpsecVpnTunnel(string name, NsxtIpsecVpnTunnelArgs args, CustomResourceOptions? opts = null)
public NsxtIpsecVpnTunnel(String name, NsxtIpsecVpnTunnelArgs args)
public NsxtIpsecVpnTunnel(String name, NsxtIpsecVpnTunnelArgs args, CustomResourceOptions options)
type: vcd:NsxtIpsecVpnTunnel
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args NsxtIpsecVpnTunnelArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NsxtIpsecVpnTunnelArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NsxtIpsecVpnTunnelArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NsxtIpsecVpnTunnelArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NsxtIpsecVpnTunnelArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var nsxtIpsecVpnTunnelResource = new Vcd.NsxtIpsecVpnTunnel("nsxtIpsecVpnTunnelResource", new()
{
    PreSharedKey = "string",
    LocalIpAddress = "string",
    RemoteIpAddress = "string",
    LocalNetworks = new[]
    {
        "string",
    },
    EdgeGatewayId = "string",
    NsxtIpsecVpnTunnelId = "string",
    Enabled = false,
    Description = "string",
    CaCertificateId = "string",
    Logging = false,
    Name = "string",
    Org = "string",
    AuthenticationMode = "string",
    RemoteId = "string",
    CertificateId = "string",
    RemoteNetworks = new[]
    {
        "string",
    },
    SecurityProfileCustomization = new Vcd.Inputs.NsxtIpsecVpnTunnelSecurityProfileCustomizationArgs
    {
        IkeDhGroups = new[]
        {
            "string",
        },
        IkeEncryptionAlgorithms = new[]
        {
            "string",
        },
        IkeVersion = "string",
        TunnelDhGroups = new[]
        {
            "string",
        },
        TunnelEncryptionAlgorithms = new[]
        {
            "string",
        },
        DpdProbeInternal = 0,
        IkeDigestAlgorithms = new[]
        {
            "string",
        },
        IkeSaLifetime = 0,
        TunnelDfPolicy = "string",
        TunnelDigestAlgorithms = new[]
        {
            "string",
        },
        TunnelPfsEnabled = false,
        TunnelSaLifetime = 0,
    },
});
example, err := vcd.NewNsxtIpsecVpnTunnel(ctx, "nsxtIpsecVpnTunnelResource", &vcd.NsxtIpsecVpnTunnelArgs{
	PreSharedKey:    pulumi.String("string"),
	LocalIpAddress:  pulumi.String("string"),
	RemoteIpAddress: pulumi.String("string"),
	LocalNetworks: pulumi.StringArray{
		pulumi.String("string"),
	},
	EdgeGatewayId:        pulumi.String("string"),
	NsxtIpsecVpnTunnelId: pulumi.String("string"),
	Enabled:              pulumi.Bool(false),
	Description:          pulumi.String("string"),
	CaCertificateId:      pulumi.String("string"),
	Logging:              pulumi.Bool(false),
	Name:                 pulumi.String("string"),
	Org:                  pulumi.String("string"),
	AuthenticationMode:   pulumi.String("string"),
	RemoteId:             pulumi.String("string"),
	CertificateId:        pulumi.String("string"),
	RemoteNetworks: pulumi.StringArray{
		pulumi.String("string"),
	},
	SecurityProfileCustomization: &vcd.NsxtIpsecVpnTunnelSecurityProfileCustomizationArgs{
		IkeDhGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
		IkeEncryptionAlgorithms: pulumi.StringArray{
			pulumi.String("string"),
		},
		IkeVersion: pulumi.String("string"),
		TunnelDhGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
		TunnelEncryptionAlgorithms: pulumi.StringArray{
			pulumi.String("string"),
		},
		DpdProbeInternal: pulumi.Float64(0),
		IkeDigestAlgorithms: pulumi.StringArray{
			pulumi.String("string"),
		},
		IkeSaLifetime:  pulumi.Float64(0),
		TunnelDfPolicy: pulumi.String("string"),
		TunnelDigestAlgorithms: pulumi.StringArray{
			pulumi.String("string"),
		},
		TunnelPfsEnabled: pulumi.Bool(false),
		TunnelSaLifetime: pulumi.Float64(0),
	},
})
var nsxtIpsecVpnTunnelResource = new NsxtIpsecVpnTunnel("nsxtIpsecVpnTunnelResource", NsxtIpsecVpnTunnelArgs.builder()
    .preSharedKey("string")
    .localIpAddress("string")
    .remoteIpAddress("string")
    .localNetworks("string")
    .edgeGatewayId("string")
    .nsxtIpsecVpnTunnelId("string")
    .enabled(false)
    .description("string")
    .caCertificateId("string")
    .logging(false)
    .name("string")
    .org("string")
    .authenticationMode("string")
    .remoteId("string")
    .certificateId("string")
    .remoteNetworks("string")
    .securityProfileCustomization(NsxtIpsecVpnTunnelSecurityProfileCustomizationArgs.builder()
        .ikeDhGroups("string")
        .ikeEncryptionAlgorithms("string")
        .ikeVersion("string")
        .tunnelDhGroups("string")
        .tunnelEncryptionAlgorithms("string")
        .dpdProbeInternal(0.0)
        .ikeDigestAlgorithms("string")
        .ikeSaLifetime(0.0)
        .tunnelDfPolicy("string")
        .tunnelDigestAlgorithms("string")
        .tunnelPfsEnabled(false)
        .tunnelSaLifetime(0.0)
        .build())
    .build());
nsxt_ipsec_vpn_tunnel_resource = vcd.NsxtIpsecVpnTunnel("nsxtIpsecVpnTunnelResource",
    pre_shared_key="string",
    local_ip_address="string",
    remote_ip_address="string",
    local_networks=["string"],
    edge_gateway_id="string",
    nsxt_ipsec_vpn_tunnel_id="string",
    enabled=False,
    description="string",
    ca_certificate_id="string",
    logging=False,
    name="string",
    org="string",
    authentication_mode="string",
    remote_id="string",
    certificate_id="string",
    remote_networks=["string"],
    security_profile_customization={
        "ike_dh_groups": ["string"],
        "ike_encryption_algorithms": ["string"],
        "ike_version": "string",
        "tunnel_dh_groups": ["string"],
        "tunnel_encryption_algorithms": ["string"],
        "dpd_probe_internal": 0,
        "ike_digest_algorithms": ["string"],
        "ike_sa_lifetime": 0,
        "tunnel_df_policy": "string",
        "tunnel_digest_algorithms": ["string"],
        "tunnel_pfs_enabled": False,
        "tunnel_sa_lifetime": 0,
    })
const nsxtIpsecVpnTunnelResource = new vcd.NsxtIpsecVpnTunnel("nsxtIpsecVpnTunnelResource", {
    preSharedKey: "string",
    localIpAddress: "string",
    remoteIpAddress: "string",
    localNetworks: ["string"],
    edgeGatewayId: "string",
    nsxtIpsecVpnTunnelId: "string",
    enabled: false,
    description: "string",
    caCertificateId: "string",
    logging: false,
    name: "string",
    org: "string",
    authenticationMode: "string",
    remoteId: "string",
    certificateId: "string",
    remoteNetworks: ["string"],
    securityProfileCustomization: {
        ikeDhGroups: ["string"],
        ikeEncryptionAlgorithms: ["string"],
        ikeVersion: "string",
        tunnelDhGroups: ["string"],
        tunnelEncryptionAlgorithms: ["string"],
        dpdProbeInternal: 0,
        ikeDigestAlgorithms: ["string"],
        ikeSaLifetime: 0,
        tunnelDfPolicy: "string",
        tunnelDigestAlgorithms: ["string"],
        tunnelPfsEnabled: false,
        tunnelSaLifetime: 0,
    },
});
type: vcd:NsxtIpsecVpnTunnel
properties:
    authenticationMode: string
    caCertificateId: string
    certificateId: string
    description: string
    edgeGatewayId: string
    enabled: false
    localIpAddress: string
    localNetworks:
        - string
    logging: false
    name: string
    nsxtIpsecVpnTunnelId: string
    org: string
    preSharedKey: string
    remoteId: string
    remoteIpAddress: string
    remoteNetworks:
        - string
    securityProfileCustomization:
        dpdProbeInternal: 0
        ikeDhGroups:
            - string
        ikeDigestAlgorithms:
            - string
        ikeEncryptionAlgorithms:
            - string
        ikeSaLifetime: 0
        ikeVersion: string
        tunnelDfPolicy: string
        tunnelDhGroups:
            - string
        tunnelDigestAlgorithms:
            - string
        tunnelEncryptionAlgorithms:
            - string
        tunnelPfsEnabled: false
        tunnelSaLifetime: 0
NsxtIpsecVpnTunnel Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NsxtIpsecVpnTunnel resource accepts the following input properties:
- EdgeGateway stringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- LocalIp stringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- LocalNetworks List<string>
- A set of local networks in CIDR format. At least one value required
- string
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- RemoteIp stringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- AuthenticationMode string
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- CaCertificate stringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- CertificateId string
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- Description string
- An optional description of the NSX-T IPsec VPN Tunnel
- Enabled bool
- Enables or disables IPsec VPN Tunnel (default true)
- Logging bool
- Sets whether logging for the tunnel is enabled or not. (default - false)
- Name string
- A name for NSX-T IPsec VPN Tunnel
- NsxtIpsec stringVpn Tunnel Id 
- Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- RemoteId string
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- RemoteNetworks List<string>
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- SecurityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization 
- a block allowing to customize default security profile parameters 
- Vdc string
- The name of VDC to use, optional if defined at provider level
- EdgeGateway stringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- LocalIp stringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- LocalNetworks []string
- A set of local networks in CIDR format. At least one value required
- string
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- RemoteIp stringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- AuthenticationMode string
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- CaCertificate stringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- CertificateId string
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- Description string
- An optional description of the NSX-T IPsec VPN Tunnel
- Enabled bool
- Enables or disables IPsec VPN Tunnel (default true)
- Logging bool
- Sets whether logging for the tunnel is enabled or not. (default - false)
- Name string
- A name for NSX-T IPsec VPN Tunnel
- NsxtIpsec stringVpn Tunnel Id 
- Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- RemoteId string
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- RemoteNetworks []string
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- SecurityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization Args 
- a block allowing to customize default security profile parameters 
- Vdc string
- The name of VDC to use, optional if defined at provider level
- edgeGateway StringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- localIp StringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- localNetworks List<String>
- A set of local networks in CIDR format. At least one value required
- String
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remoteIp StringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- authenticationMode String
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- caCertificate StringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificateId String
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description String
- An optional description of the NSX-T IPsec VPN Tunnel
- enabled Boolean
- Enables or disables IPsec VPN Tunnel (default true)
- logging Boolean
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name String
- A name for NSX-T IPsec VPN Tunnel
- nsxtIpsec StringVpn Tunnel Id 
- org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- remoteId String
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remoteNetworks List<String>
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- securityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization 
- a block allowing to customize default security profile parameters 
- vdc String
- The name of VDC to use, optional if defined at provider level
- edgeGateway stringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- localIp stringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- localNetworks string[]
- A set of local networks in CIDR format. At least one value required
- string
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remoteIp stringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- authenticationMode string
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- caCertificate stringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificateId string
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description string
- An optional description of the NSX-T IPsec VPN Tunnel
- enabled boolean
- Enables or disables IPsec VPN Tunnel (default true)
- logging boolean
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name string
- A name for NSX-T IPsec VPN Tunnel
- nsxtIpsec stringVpn Tunnel Id 
- org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- remoteId string
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remoteNetworks string[]
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- securityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization 
- a block allowing to customize default security profile parameters 
- vdc string
- The name of VDC to use, optional if defined at provider level
- edge_gateway_ strid 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- local_ip_ straddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- local_networks Sequence[str]
- A set of local networks in CIDR format. At least one value required
- str
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remote_ip_ straddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- authentication_mode str
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- ca_certificate_ strid 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificate_id str
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description str
- An optional description of the NSX-T IPsec VPN Tunnel
- enabled bool
- Enables or disables IPsec VPN Tunnel (default true)
- logging bool
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name str
- A name for NSX-T IPsec VPN Tunnel
- nsxt_ipsec_ strvpn_ tunnel_ id 
- org str
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- remote_id str
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remote_networks Sequence[str]
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- security_profile_ Nsxtcustomization Ipsec Vpn Tunnel Security Profile Customization Args 
- a block allowing to customize default security profile parameters 
- vdc str
- The name of VDC to use, optional if defined at provider level
- edgeGateway StringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- localIp StringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- localNetworks List<String>
- A set of local networks in CIDR format. At least one value required
- String
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remoteIp StringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- authenticationMode String
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- caCertificate StringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificateId String
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description String
- An optional description of the NSX-T IPsec VPN Tunnel
- enabled Boolean
- Enables or disables IPsec VPN Tunnel (default true)
- logging Boolean
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name String
- A name for NSX-T IPsec VPN Tunnel
- nsxtIpsec StringVpn Tunnel Id 
- org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- remoteId String
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remoteNetworks List<String>
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- securityProfile Property MapCustomization 
- a block allowing to customize default security profile parameters 
- vdc String
- The name of VDC to use, optional if defined at provider level
Outputs
All input properties are implicitly available as output properties. Additionally, the NsxtIpsecVpnTunnel resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- IkeFail stringReason 
- Provides more details of failure if the IKE service is not UP
- IkeService stringStatus 
- Status for the actual IKE Session for the given tunnel
- SecurityProfile string
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- Status string
- Overall IPsec VPN Tunnel Status
- Id string
- The provider-assigned unique ID for this managed resource.
- IkeFail stringReason 
- Provides more details of failure if the IKE service is not UP
- IkeService stringStatus 
- Status for the actual IKE Session for the given tunnel
- SecurityProfile string
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- Status string
- Overall IPsec VPN Tunnel Status
- id String
- The provider-assigned unique ID for this managed resource.
- ikeFail StringReason 
- Provides more details of failure if the IKE service is not UP
- ikeService StringStatus 
- Status for the actual IKE Session for the given tunnel
- securityProfile String
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- status String
- Overall IPsec VPN Tunnel Status
- id string
- The provider-assigned unique ID for this managed resource.
- ikeFail stringReason 
- Provides more details of failure if the IKE service is not UP
- ikeService stringStatus 
- Status for the actual IKE Session for the given tunnel
- securityProfile string
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- status string
- Overall IPsec VPN Tunnel Status
- id str
- The provider-assigned unique ID for this managed resource.
- ike_fail_ strreason 
- Provides more details of failure if the IKE service is not UP
- ike_service_ strstatus 
- Status for the actual IKE Session for the given tunnel
- security_profile str
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- status str
- Overall IPsec VPN Tunnel Status
- id String
- The provider-assigned unique ID for this managed resource.
- ikeFail StringReason 
- Provides more details of failure if the IKE service is not UP
- ikeService StringStatus 
- Status for the actual IKE Session for the given tunnel
- securityProfile String
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- status String
- Overall IPsec VPN Tunnel Status
Look up Existing NsxtIpsecVpnTunnel Resource
Get an existing NsxtIpsecVpnTunnel resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NsxtIpsecVpnTunnelState, opts?: CustomResourceOptions): NsxtIpsecVpnTunnel@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        authentication_mode: Optional[str] = None,
        ca_certificate_id: Optional[str] = None,
        certificate_id: Optional[str] = None,
        description: Optional[str] = None,
        edge_gateway_id: Optional[str] = None,
        enabled: Optional[bool] = None,
        ike_fail_reason: Optional[str] = None,
        ike_service_status: Optional[str] = None,
        local_ip_address: Optional[str] = None,
        local_networks: Optional[Sequence[str]] = None,
        logging: Optional[bool] = None,
        name: Optional[str] = None,
        nsxt_ipsec_vpn_tunnel_id: Optional[str] = None,
        org: Optional[str] = None,
        pre_shared_key: Optional[str] = None,
        remote_id: Optional[str] = None,
        remote_ip_address: Optional[str] = None,
        remote_networks: Optional[Sequence[str]] = None,
        security_profile: Optional[str] = None,
        security_profile_customization: Optional[NsxtIpsecVpnTunnelSecurityProfileCustomizationArgs] = None,
        status: Optional[str] = None,
        vdc: Optional[str] = None) -> NsxtIpsecVpnTunnelfunc GetNsxtIpsecVpnTunnel(ctx *Context, name string, id IDInput, state *NsxtIpsecVpnTunnelState, opts ...ResourceOption) (*NsxtIpsecVpnTunnel, error)public static NsxtIpsecVpnTunnel Get(string name, Input<string> id, NsxtIpsecVpnTunnelState? state, CustomResourceOptions? opts = null)public static NsxtIpsecVpnTunnel get(String name, Output<String> id, NsxtIpsecVpnTunnelState state, CustomResourceOptions options)resources:  _:    type: vcd:NsxtIpsecVpnTunnel    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- AuthenticationMode string
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- CaCertificate stringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- CertificateId string
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- Description string
- An optional description of the NSX-T IPsec VPN Tunnel
- EdgeGateway stringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- Enabled bool
- Enables or disables IPsec VPN Tunnel (default true)
- IkeFail stringReason 
- Provides more details of failure if the IKE service is not UP
- IkeService stringStatus 
- Status for the actual IKE Session for the given tunnel
- LocalIp stringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- LocalNetworks List<string>
- A set of local networks in CIDR format. At least one value required
- Logging bool
- Sets whether logging for the tunnel is enabled or not. (default - false)
- Name string
- A name for NSX-T IPsec VPN Tunnel
- NsxtIpsec stringVpn Tunnel Id 
- Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- string
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- RemoteId string
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- RemoteIp stringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- RemoteNetworks List<string>
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- SecurityProfile string
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- SecurityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization 
- a block allowing to customize default security profile parameters 
- Status string
- Overall IPsec VPN Tunnel Status
- Vdc string
- The name of VDC to use, optional if defined at provider level
- AuthenticationMode string
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- CaCertificate stringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- CertificateId string
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- Description string
- An optional description of the NSX-T IPsec VPN Tunnel
- EdgeGateway stringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- Enabled bool
- Enables or disables IPsec VPN Tunnel (default true)
- IkeFail stringReason 
- Provides more details of failure if the IKE service is not UP
- IkeService stringStatus 
- Status for the actual IKE Session for the given tunnel
- LocalIp stringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- LocalNetworks []string
- A set of local networks in CIDR format. At least one value required
- Logging bool
- Sets whether logging for the tunnel is enabled or not. (default - false)
- Name string
- A name for NSX-T IPsec VPN Tunnel
- NsxtIpsec stringVpn Tunnel Id 
- Org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- string
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- RemoteId string
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- RemoteIp stringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- RemoteNetworks []string
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- SecurityProfile string
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- SecurityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization Args 
- a block allowing to customize default security profile parameters 
- Status string
- Overall IPsec VPN Tunnel Status
- Vdc string
- The name of VDC to use, optional if defined at provider level
- authenticationMode String
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- caCertificate StringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificateId String
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description String
- An optional description of the NSX-T IPsec VPN Tunnel
- edgeGateway StringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- enabled Boolean
- Enables or disables IPsec VPN Tunnel (default true)
- ikeFail StringReason 
- Provides more details of failure if the IKE service is not UP
- ikeService StringStatus 
- Status for the actual IKE Session for the given tunnel
- localIp StringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- localNetworks List<String>
- A set of local networks in CIDR format. At least one value required
- logging Boolean
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name String
- A name for NSX-T IPsec VPN Tunnel
- nsxtIpsec StringVpn Tunnel Id 
- org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- String
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remoteId String
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remoteIp StringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- remoteNetworks List<String>
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- securityProfile String
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- securityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization 
- a block allowing to customize default security profile parameters 
- status String
- Overall IPsec VPN Tunnel Status
- vdc String
- The name of VDC to use, optional if defined at provider level
- authenticationMode string
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- caCertificate stringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificateId string
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description string
- An optional description of the NSX-T IPsec VPN Tunnel
- edgeGateway stringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- enabled boolean
- Enables or disables IPsec VPN Tunnel (default true)
- ikeFail stringReason 
- Provides more details of failure if the IKE service is not UP
- ikeService stringStatus 
- Status for the actual IKE Session for the given tunnel
- localIp stringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- localNetworks string[]
- A set of local networks in CIDR format. At least one value required
- logging boolean
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name string
- A name for NSX-T IPsec VPN Tunnel
- nsxtIpsec stringVpn Tunnel Id 
- org string
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- string
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remoteId string
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remoteIp stringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- remoteNetworks string[]
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- securityProfile string
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- securityProfile NsxtCustomization Ipsec Vpn Tunnel Security Profile Customization 
- a block allowing to customize default security profile parameters 
- status string
- Overall IPsec VPN Tunnel Status
- vdc string
- The name of VDC to use, optional if defined at provider level
- authentication_mode str
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- ca_certificate_ strid 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificate_id str
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description str
- An optional description of the NSX-T IPsec VPN Tunnel
- edge_gateway_ strid 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- enabled bool
- Enables or disables IPsec VPN Tunnel (default true)
- ike_fail_ strreason 
- Provides more details of failure if the IKE service is not UP
- ike_service_ strstatus 
- Status for the actual IKE Session for the given tunnel
- local_ip_ straddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- local_networks Sequence[str]
- A set of local networks in CIDR format. At least one value required
- logging bool
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name str
- A name for NSX-T IPsec VPN Tunnel
- nsxt_ipsec_ strvpn_ tunnel_ id 
- org str
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- str
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remote_id str
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remote_ip_ straddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- remote_networks Sequence[str]
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- security_profile str
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- security_profile_ Nsxtcustomization Ipsec Vpn Tunnel Security Profile Customization Args 
- a block allowing to customize default security profile parameters 
- status str
- Overall IPsec VPN Tunnel Status
- vdc str
- The name of VDC to use, optional if defined at provider level
- authenticationMode String
- PSK(pre-shared key) or- CERTIFICATE(default -- PSK)
- caCertificate StringId 
- CA Certificate ID (can be handled by
vcd.LibraryCertificateresource or datasource) Noteauthentication_modemust be set toCERTIFICATE
- certificateId String
- Certificate ID (can be handled by vcd.LibraryCertificateresource or datasource). Noteauthentication_modemust be set toCERTIFICATE
- description String
- An optional description of the NSX-T IPsec VPN Tunnel
- edgeGateway StringId 
- The ID of the Edge Gateway (NSX-T only). Can be looked up using
vcd.NsxtEdgegatewaydata source
- enabled Boolean
- Enables or disables IPsec VPN Tunnel (default true)
- ikeFail StringReason 
- Provides more details of failure if the IKE service is not UP
- ikeService StringStatus 
- Status for the actual IKE Session for the given tunnel
- localIp StringAddress 
- IPv4 Address for the endpoint. This has to be a suballocated IP on the Edge Gateway.
- localNetworks List<String>
- A set of local networks in CIDR format. At least one value required
- logging Boolean
- Sets whether logging for the tunnel is enabled or not. (default - false)
- name String
- A name for NSX-T IPsec VPN Tunnel
- nsxtIpsec StringVpn Tunnel Id 
- org String
- The name of organization to use, optional if defined at provider level. Useful when connected as sysadmin working across different organisations.
- String
- Pre-shared key for negotiation. Note the pre-shared key must be
the same on the other end of the IPSec VPN tunnel and authentication_modemust bePSK
- remoteId String
- Remote ID uniquely identifies the peer site. If the remote ID is not set, it will default to the remote IP address
- remoteIp StringAddress 
- Public IPv4 Address of the remote device terminating the VPN connection
- remoteNetworks List<String>
- Set of remote networks in CIDR format. Leaving it empty is interpreted as 0.0.0.0/0
- securityProfile String
- DEFAULTfor system provided configuration or- CUSTOMif- security_profile_customizationis set
- securityProfile Property MapCustomization 
- a block allowing to customize default security profile parameters 
- status String
- Overall IPsec VPN Tunnel Status
- vdc String
- The name of VDC to use, optional if defined at provider level
Supporting Types
NsxtIpsecVpnTunnelSecurityProfileCustomization, NsxtIpsecVpnTunnelSecurityProfileCustomizationArgs              
- IkeDh List<string>Groups 
- Diffie-Hellman groups to be used if Perfect Forward Secrecy is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- IkeEncryption List<string>Algorithms 
- Encryption algorithms. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- IkeVersion string
- IKE version one of IKE_V1, IKE_V2, IKE_FLEX
- TunnelDh List<string>Groups 
- Diffie-Hellman groups to be used is PFS is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- TunnelEncryption List<string>Algorithms 
- Encryption algorithms to use in IPSec tunnel establishment. One of AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION
- DpdProbe doubleInternal 
- Value in seconds of dead probe detection interval. Minimum is 3 seconds and the maximum is 60 seconds
- IkeDigest List<string>Algorithms 
- Secure hashing algorithms to use during the IKE negotiation. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- IkeSa doubleLifetime 
- Security Association life time (in seconds). It is number of seconds before the IPsec tunnel needs to reestablish
- TunnelDf stringPolicy 
- Policy for handling defragmentation bit. One of COPY, CLEAR
- TunnelDigest List<string>Algorithms 
- Digest algorithms to be used for message digest. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- TunnelPfs boolEnabled 
- Perfect Forward Secrecy Enabled or Disabled. Default (enabled)
- TunnelSa doubleLifetime 
- Security Association life time (in seconds)
- IkeDh []stringGroups 
- Diffie-Hellman groups to be used if Perfect Forward Secrecy is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- IkeEncryption []stringAlgorithms 
- Encryption algorithms. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- IkeVersion string
- IKE version one of IKE_V1, IKE_V2, IKE_FLEX
- TunnelDh []stringGroups 
- Diffie-Hellman groups to be used is PFS is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- TunnelEncryption []stringAlgorithms 
- Encryption algorithms to use in IPSec tunnel establishment. One of AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION
- DpdProbe float64Internal 
- Value in seconds of dead probe detection interval. Minimum is 3 seconds and the maximum is 60 seconds
- IkeDigest []stringAlgorithms 
- Secure hashing algorithms to use during the IKE negotiation. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- IkeSa float64Lifetime 
- Security Association life time (in seconds). It is number of seconds before the IPsec tunnel needs to reestablish
- TunnelDf stringPolicy 
- Policy for handling defragmentation bit. One of COPY, CLEAR
- TunnelDigest []stringAlgorithms 
- Digest algorithms to be used for message digest. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- TunnelPfs boolEnabled 
- Perfect Forward Secrecy Enabled or Disabled. Default (enabled)
- TunnelSa float64Lifetime 
- Security Association life time (in seconds)
- ikeDh List<String>Groups 
- Diffie-Hellman groups to be used if Perfect Forward Secrecy is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- ikeEncryption List<String>Algorithms 
- Encryption algorithms. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ikeVersion String
- IKE version one of IKE_V1, IKE_V2, IKE_FLEX
- tunnelDh List<String>Groups 
- Diffie-Hellman groups to be used is PFS is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- tunnelEncryption List<String>Algorithms 
- Encryption algorithms to use in IPSec tunnel establishment. One of AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION
- dpdProbe DoubleInternal 
- Value in seconds of dead probe detection interval. Minimum is 3 seconds and the maximum is 60 seconds
- ikeDigest List<String>Algorithms 
- Secure hashing algorithms to use during the IKE negotiation. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ikeSa DoubleLifetime 
- Security Association life time (in seconds). It is number of seconds before the IPsec tunnel needs to reestablish
- tunnelDf StringPolicy 
- Policy for handling defragmentation bit. One of COPY, CLEAR
- tunnelDigest List<String>Algorithms 
- Digest algorithms to be used for message digest. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- tunnelPfs BooleanEnabled 
- Perfect Forward Secrecy Enabled or Disabled. Default (enabled)
- tunnelSa DoubleLifetime 
- Security Association life time (in seconds)
- ikeDh string[]Groups 
- Diffie-Hellman groups to be used if Perfect Forward Secrecy is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- ikeEncryption string[]Algorithms 
- Encryption algorithms. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ikeVersion string
- IKE version one of IKE_V1, IKE_V2, IKE_FLEX
- tunnelDh string[]Groups 
- Diffie-Hellman groups to be used is PFS is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- tunnelEncryption string[]Algorithms 
- Encryption algorithms to use in IPSec tunnel establishment. One of AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION
- dpdProbe numberInternal 
- Value in seconds of dead probe detection interval. Minimum is 3 seconds and the maximum is 60 seconds
- ikeDigest string[]Algorithms 
- Secure hashing algorithms to use during the IKE negotiation. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ikeSa numberLifetime 
- Security Association life time (in seconds). It is number of seconds before the IPsec tunnel needs to reestablish
- tunnelDf stringPolicy 
- Policy for handling defragmentation bit. One of COPY, CLEAR
- tunnelDigest string[]Algorithms 
- Digest algorithms to be used for message digest. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- tunnelPfs booleanEnabled 
- Perfect Forward Secrecy Enabled or Disabled. Default (enabled)
- tunnelSa numberLifetime 
- Security Association life time (in seconds)
- ike_dh_ Sequence[str]groups 
- Diffie-Hellman groups to be used if Perfect Forward Secrecy is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- ike_encryption_ Sequence[str]algorithms 
- Encryption algorithms. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ike_version str
- IKE version one of IKE_V1, IKE_V2, IKE_FLEX
- tunnel_dh_ Sequence[str]groups 
- Diffie-Hellman groups to be used is PFS is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- tunnel_encryption_ Sequence[str]algorithms 
- Encryption algorithms to use in IPSec tunnel establishment. One of AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION
- dpd_probe_ floatinternal 
- Value in seconds of dead probe detection interval. Minimum is 3 seconds and the maximum is 60 seconds
- ike_digest_ Sequence[str]algorithms 
- Secure hashing algorithms to use during the IKE negotiation. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ike_sa_ floatlifetime 
- Security Association life time (in seconds). It is number of seconds before the IPsec tunnel needs to reestablish
- tunnel_df_ strpolicy 
- Policy for handling defragmentation bit. One of COPY, CLEAR
- tunnel_digest_ Sequence[str]algorithms 
- Digest algorithms to be used for message digest. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- tunnel_pfs_ boolenabled 
- Perfect Forward Secrecy Enabled or Disabled. Default (enabled)
- tunnel_sa_ floatlifetime 
- Security Association life time (in seconds)
- ikeDh List<String>Groups 
- Diffie-Hellman groups to be used if Perfect Forward Secrecy is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- ikeEncryption List<String>Algorithms 
- Encryption algorithms. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ikeVersion String
- IKE version one of IKE_V1, IKE_V2, IKE_FLEX
- tunnelDh List<String>Groups 
- Diffie-Hellman groups to be used is PFS is enabled. One of GROUP2, GROUP5, GROUP14, GROUP15, GROUP16, GROUP19, GROUP20, GROUP21
- tunnelEncryption List<String>Algorithms 
- Encryption algorithms to use in IPSec tunnel establishment. One of AES_128, AES_256, AES_GCM_128, AES_GCM_192, AES_GCM_256, NO_ENCRYPTION_AUTH_AES_GMAC_128, NO_ENCRYPTION_AUTH_AES_GMAC_192, NO_ENCRYPTION_AUTH_AES_GMAC_256, NO_ENCRYPTION
- dpdProbe NumberInternal 
- Value in seconds of dead probe detection interval. Minimum is 3 seconds and the maximum is 60 seconds
- ikeDigest List<String>Algorithms 
- Secure hashing algorithms to use during the IKE negotiation. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- ikeSa NumberLifetime 
- Security Association life time (in seconds). It is number of seconds before the IPsec tunnel needs to reestablish
- tunnelDf StringPolicy 
- Policy for handling defragmentation bit. One of COPY, CLEAR
- tunnelDigest List<String>Algorithms 
- Digest algorithms to be used for message digest. One of SHA1, SHA2_256, SHA2_384, SHA2_512
- tunnelPfs BooleanEnabled 
- Perfect Forward Secrecy Enabled or Disabled. Default (enabled)
- tunnelSa NumberLifetime 
- Security Association life time (in seconds)
Package Details
- Repository
- vcd vmware/terraform-provider-vcd
- License
- Notes
- This Pulumi package is based on the vcdTerraform Provider.