NSX-T Data Center REST API

IPSecVPNPolicyRule (type)

{
  "additionalProperties": false, 
  "description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy's match criteria.", 
  "extends": {
    "$ref": "EmbeddedResource
  }, 
  "id": "IPSecVPNPolicyRule", 
  "module_id": "IPSecVPN", 
  "properties": {
    "_links": {
      "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", 
      "items": {
        "$ref": "ResourceLink
      }, 
      "readonly": true, 
      "title": "References related to this resource", 
      "type": "array"
    }, 
    "_owner": {
      "$ref": "OwnerResourceLink, 
      "readonly": true, 
      "title": "Owner of this resource"
    }, 
    "_revision": {
      "computed": true, 
      "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", 
      "title": "Generation of this resource config", 
      "type": "int"
    }, 
    "_schema": {
      "readonly": true, 
      "title": "Schema for this resource", 
      "type": "string"
    }, 
    "_self": {
      "$ref": "SelfResourceLink, 
      "readonly": true, 
      "title": "Link to this resource"
    }, 
    "action": {
      "default": "PROTECT", 
      "description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.", 
      "enum": [
        "PROTECT", 
        "BYPASS"
      ], 
      "readonly": true, 
      "title": "Action to be applied", 
      "type": "string"
    }, 
    "description": {
      "can_sort": true, 
      "maxLength": 1024, 
      "title": "Description of this resource", 
      "type": "string"
    }, 
    "destinations": {
      "description": "List of peer subnets.", 
      "items": {
        "$ref": "IPSecVPNPolicySubnet
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Destination list", 
      "type": "array"
    }, 
    "display_name": {
      "can_sort": true, 
      "description": "Defaults to ID if not set", 
      "maxLength": 255, 
      "title": "Identifier to use when displaying entity in logs or GUI", 
      "type": "string"
    }, 
    "enabled": {
      "default": true, 
      "description": "A flag to enable/disable the policy rule.", 
      "title": "Enabled flag", 
      "type": "boolean"
    }, 
    "id": {
      "description": "Unique policy id.", 
      "title": "Unique policy id", 
      "type": "string"
    }, 
    "logged": {
      "default": false, 
      "description": "A flag to enable/disable the logging for the policy rule.", 
      "title": "Logging flag", 
      "type": "boolean"
    }, 
    "resource_type": {
      "description": "The type of this resource.", 
      "readonly": false, 
      "type": "string"
    }, 
    "sources": {
      "description": "List of local subnets.", 
      "items": {
        "$ref": "IPSecVPNPolicySubnet
      }, 
      "maxItems": 128, 
      "required": false, 
      "title": "Source list", 
      "type": "array"
    }
  }, 
  "title": "IPSec VPN policy rules", 
  "type": "object"
}