Function

This API is used to update an IKE policy.

If the IKE policy is updated, the IPsec VPN connection also needs to be updated.

URI

PUT /v2.0/vpn/ikepolicies/{ikepolicy_id}

**Table 1** Parameter description
Parameter	Type	Mandatory	Description
ikepolicy_id	String	Yes	Specifies the IKE policy ID.

Request

Table 2 describes the request parameters.

**Table 2** Request parameters
Parameter	Type	Mandatory	Description
auth_algorithm	String	No	Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512.
description	String	No	Provides supplementary information about the IKE policy. The description can contain up to 255 characters.
encryption_algorithm	String	No	Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default algorithm is aes-128.
ike_version	String	No	Specifies the IKE version, which can be v1 or v2. The default version is v1.
ikepolicy	Object	Yes	Specifies the IKE policy object.
lifetime	Object	No	Specifies the lifetime object of SA.
name	String	No	Specifies the IKE policy name. The name can contain 1 to 64 characters.
pfs	String	No	Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default PFS is group5.
phase1_negotiation_mode	String	No	Specifies the IKE mode, which is main by default.
value	Integer	No	Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds. Supported range: 60 to 604800
units	String	No	Specifies the lifecycle unit, which is seconds by default.

Response

Table 3 describes the response parameters.

**Table 3** Response parameters
Parameter	Type	Description
auth_algorithm	String	Specifies the authentication hash algorithm, which can be md5, sha1, sha2-256, sha2-384, or sha2-512.
description	String	Provides supplementary information about the IKE policy.
encryption_algorithm	String	Specifies the encryption algorithm, which can be 3des, aes-128, aes-192, or aes-256. The default algorithm is aes-128.
id	String	Specifies the IKE policy ID.
ike_version	String	Specifies the IKE version, which can be v1 or v2. The default version is v1.
lifetime	Object	Specifies the lifetime object of SA.
name	String	Specifies the IKE policy name.
pfs	String	Specifies the PFS, which can be group1, group2, group5, group14, group15, group16, group19, group20, group21, or disable. The default PFS is group5.
phase1_negotiation_mode	String	Specifies the IKE mode, which is main by default.
tenant_id	String	Specifies the project ID.
ikepolicy	Object	Specifies the IKE policy object.
value	Integer	Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds.
units	String	Specifies the lifetime value of the SA, which is 3600 by default. The default unit is seconds.

Example

Example request

{
  "ikepolicy" : {
    "encryption_algorithm" : "aes-256"
  }
}

Example response

{
  "ikepolicy" : {
    "name" : "ikepolicy1",
    "tenant_id" : "ccb81365fe36411a9011e90491fe1330",
    "auth_algorithm" : "sha1",
    "encryption_algorithm" : "aes-256",
    "pfs" : "group5",
    "phase1_negotiation_mode" : "main",
    "lifetime" : {
      "units" : "seconds",
      "value" : 3600
    },
    "ike_version" : "v1",
    "id" : "5522aff7-1b3c-48dd-9c3c-b50f016b73db",
    "description" : ""
  }
}

Returned Values

For details, see Common Returned Values.

Updating an IKE Policy

Function

URI

Request

Response

Example

Returned Values