Ensure IPSec Tunnel

Ensures that the IPSec Tunnel with the provided ID is created or modified. The full IPSec Tunnel needs to be provided to ensure (either update or create) the IPSec Tunnel. Non present data will only be filled with defaults or left empty, but not take previous values into consideration.s

To ensure that the IPSec Tunnel with the provided ID is created or modified, perform PUT request.

Note: If IPSec Tunnel for a given tunnelId does not exist, a new one is created instead.

Endpoint

Use the following endpoint to ensure that IPSec Tunnel is created or modified: https://vpn.de-fra.ionos.com/ipsecgateways/{gatewayId}/tunnels/{tunnelId}.

Request

Note: The following request contains a sample gatewayId and tunnelId. Replace them with the gatewayId and tunnelId values whose information you want to update.

curl --location \
--request PUT 'https://vpn.de-fra.ionos.com/ipsecgateways/66a114c7-2ddd-5119-9ddf-5a789f5a5a44/tunnels/c28b2d3e-7b15-53ca-ae88-6ae9378d6efe' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data-raw '{
  "id": "c28b2d3e-7b15-53ca-ae88-6ae9378d6efe",
  "metadata": {},
  "properties": {
    "name": "My Company Gateway Tunnel",
    "description": "Allows local subnet X to connect to virtual network Y.",
    "remoteHost": "vpn.mycompany.com",
    "auth": {
      "method": "PSK",
      "psk": {
        "key": "X2wosbaw74M8hQGbK3jCCaEusR6CCFRa"
      }
    },
    "ike": {
      "diffieHellmanGroup": "16-MODP4096",
      "encryptionAlgorithm": "AES256",
      "integrityAlgorithm": "SHA256",
      "lifetime": 86400
    },
    "esp": {
      "diffieHellmanGroup": "16-MODP4096",
      "encryptionAlgorithm": "AES256",
      "integrityAlgorithm": "SHA256",
      "lifetime": 3600
    },
    "cloudNetworkCIDRs": [
      "203.0.113.0/24"
    ],
    "peerNetworkCIDRs": [
      "198.51.100.0/24"
    ]
  }
}'

You can update the gatewayId and tunnelId values to specify the IPSec Gateway and Tunnel:

Path ParameterTypeDescriptionExample

gatewayId

string

The ID (UUID) of the IPSec Gateway.

66a114c7-2ddd-5119-9ddf-5a789f5a5a44

tunnelId

string

The ID (UUID) of the IPSec Tunnel.

c28b2d3e-7b15-53ca-ae88-6ae9378d6efe

Response

200 Successful operation

Following is an example of when a IPSec Tunnel is successfully created.

{
  "id": "c28b2d3e-7b15-53ca-ae88-6ae9378d6efe",
  "type": "ipsectunnel",
  "href": "/ipsecgateways/{gatewayId}/tunnels/c28b2d3e-7b15-53ca-ae88-6ae9378d6efe",
  "metadata": {
    "createdDate": "2020-12-10T13:37:50+01:00",
    "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2020-12-11T13:37:50+01:00",
    "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>",
    "status": "AVAILABLE",
    "statusMessage": null
  },
  "properties": {
    "name": "My Company Gateway Tunnel",
    "description": "Allows local subnet X to connect to virtual network Y.",
    "remoteHost": "vpn.mycompany.com",
    "auth": {
      "method": "PSK",
      "psk": {}
    },
    "ike": {
      "diffieHellmanGroup": "16-MODP4096",
      "encryptionAlgorithm": "AES256",
      "integrityAlgorithm": "SHA256",
      "lifetime": 86400
    },
    "esp": {
      "diffieHellmanGroup": "16-MODP4096",
      "encryptionAlgorithm": "AES256",
      "integrityAlgorithm": "SHA256",
      "lifetime": 3600
    },
    "cloudNetworkCIDRs": [
      "203.0.113.0/24"
    ],
    "peerNetworkCIDRs": [
      "198.51.100.0/24"
    ]
  }
}

Result: The IPSec Tunnel is successfully updated or created.

Last updated