VPN IPsec Site Connection

Creates a site-to-site IPsec Site Connection for a VPN service.

Network v2

vpn ipsec site connection create

Create an IPsec site connection

openstack vpn ipsec site connection create
    [-f {json,shell,table,value,yaml}]
    [-c COLUMN]
    [--noindent]
    [--prefix PREFIX]
    [--max-width <integer>]
    [--fit-width]
    [--print-empty]
    [--description <description>]
    [--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT]
    [--mtu MTU]
    [--initiator {bi-directional,response-only}]
    [--peer-cidr PEER_CIDRS | --local-endpoint-group LOCAL_ENDPOINT_GROUP]
    [--peer-endpoint-group PEER_ENDPOINT_GROUP]
    [--enable | --disable]
    [--local-id LOCAL_ID]
    --peer-id PEER_ID
    --peer-address PEER_ADDRESS
    --psk PSK
    --vpnservice VPNSERVICE
    --ikepolicy IKEPOLICY
    --ipsecpolicy IPSECPOLICY
    [--project <project>]
    [--project-domain <project-domain>]
    <name>
-f <FORMATTER>, --format <FORMATTER>

the output format, defaults to table

-c COLUMN, --column COLUMN

specify the column(s) to include, can be repeated

--noindent

whether to disable indenting the JSON

--prefix <PREFIX>

add a prefix to all variable names

--max-width <integer>

Maximum display width, <1 to disable. You can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. Implied if –max-width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

--description <description>

Description for the connection

--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT

Ipsec connection Dead Peer Detection attributes. ‘action’-hold,clear,disabled,restart,restart-by-peer. ‘interval’ and ‘timeout’ are non negative integers. ‘interval’ should be less than ‘timeout’ value. ‘action’, default:hold ‘interval’, default:30, ‘timeout’, default:120.

--mtu <MTU>

MTU size for the connection

--initiator <INITIATOR>

Initiator state

--peer-cidr <PEER_CIDRS>

Remote subnet(s) in CIDR format. Cannot be specified when using endpoint groups. Only applicable, if subnet provided for VPN service.

--local-endpoint-group <LOCAL_ENDPOINT_GROUP>

Local endpoint group (name or ID) with subnet(s) for IPsec connection

--peer-endpoint-group <PEER_ENDPOINT_GROUP>

Peer endpoint group (name or ID) with CIDR(s) for IPSec connection

--enable

Enable IPSec site connection

--disable

Disable IPSec site connection

--local-id <LOCAL_ID>

An ID to be used instead of the external IP address for a virtual router

--peer-id <PEER_ID>

Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN

--peer-address <PEER_ADDRESS>

Peer gateway public IPv4/IPv6 address or FQDN

--psk <PSK>

Pre-shared key string.

--vpnservice VPNSERVICE

VPN service instance associated with this connection (name or ID)

--ikepolicy IKEPOLICY

IKE policy associated with this connection (name or ID)

--ipsecpolicy IPSECPOLICY

IPsec policy associated with this connection (name or ID)

--project <project>

Owner’s project (name or ID)

--project-domain <project-domain>

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

name

Set friendly name for the connection

This command is provided by the python-neutronclient plugin.

vpn ipsec site connection delete

Delete IPsec site connection(s)

openstack vpn ipsec site connection delete
    <ipsec-site-connection>
    [<ipsec-site-connection> ...]
ipsec-site-connection

IPsec site connection to delete (name or ID)

This command is provided by the python-neutronclient plugin.

vpn ipsec site connection list

List IPsec site connections that belong to a given project

openstack vpn ipsec site connection list
    [-f {csv,json,table,value,yaml}]
    [-c COLUMN]
    [--quote {all,minimal,none,nonnumeric}]
    [--noindent]
    [--max-width <integer>]
    [--fit-width]
    [--print-empty]
    [--sort-column SORT_COLUMN]
    [--long]
-f <FORMATTER>, --format <FORMATTER>

the output format, defaults to table

-c COLUMN, --column COLUMN

specify the column(s) to include, can be repeated

--quote <QUOTE_MODE>

when to include quotes, defaults to nonnumeric

--noindent

whether to disable indenting the JSON

--max-width <integer>

Maximum display width, <1 to disable. You can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. Implied if –max-width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

--sort-column SORT_COLUMN

specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--long

List additional fields in output

This command is provided by the python-neutronclient plugin.

vpn ipsec site connection set

Set IPsec site connection properties

openstack vpn ipsec site connection set
    [--description <description>]
    [--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT]
    [--mtu MTU]
    [--initiator {bi-directional,response-only}]
    [--peer-cidr PEER_CIDRS | --local-endpoint-group LOCAL_ENDPOINT_GROUP]
    [--peer-endpoint-group PEER_ENDPOINT_GROUP]
    [--enable | --disable]
    [--local-id LOCAL_ID]
    [--peer-id PEER_ID]
    [--peer-address PEER_ADDRESS]
    [--name <name>]
    <ipsec-site-connection>
--description <description>

Description for the connection

--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT

Ipsec connection Dead Peer Detection attributes. ‘action’-hold,clear,disabled,restart,restart-by-peer. ‘interval’ and ‘timeout’ are non negative integers. ‘interval’ should be less than ‘timeout’ value. ‘action’, default:hold ‘interval’, default:30, ‘timeout’, default:120.

--mtu <MTU>

MTU size for the connection

--initiator <INITIATOR>

Initiator state

--peer-cidr <PEER_CIDRS>

Remote subnet(s) in CIDR format. Cannot be specified when using endpoint groups. Only applicable, if subnet provided for VPN service.

--local-endpoint-group <LOCAL_ENDPOINT_GROUP>

Local endpoint group (name or ID) with subnet(s) for IPsec connection

--peer-endpoint-group <PEER_ENDPOINT_GROUP>

Peer endpoint group (name or ID) with CIDR(s) for IPSec connection

--enable

Enable IPSec site connection

--disable

Disable IPSec site connection

--local-id <LOCAL_ID>

An ID to be used instead of the external IP address for a virtual router

--peer-id <PEER_ID>

Peer router identity for authentication. Can be IPv4/IPv6 address, e-mail address, key id, or FQDN

--peer-address <PEER_ADDRESS>

Peer gateway public IPv4/IPv6 address or FQDN

--name <name>

Set friendly name for the connection

ipsec-site-connection

IPsec site connection to set (name or ID)

This command is provided by the python-neutronclient plugin.

vpn ipsec site connection show

Show information of a given IPsec site connection

openstack vpn ipsec site connection show
    [-f {json,shell,table,value,yaml}]
    [-c COLUMN]
    [--noindent]
    [--prefix PREFIX]
    [--max-width <integer>]
    [--fit-width]
    [--print-empty]
    <ipsec-site-connection>
-f <FORMATTER>, --format <FORMATTER>

the output format, defaults to table

-c COLUMN, --column COLUMN

specify the column(s) to include, can be repeated

--noindent

whether to disable indenting the JSON

--prefix <PREFIX>

add a prefix to all variable names

--max-width <integer>

Maximum display width, <1 to disable. You can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. Implied if –max-width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

ipsec-site-connection

IPsec site connection to display (name or ID)

This command is provided by the python-neutronclient plugin.