# IPSecTunnels

Operations to create and manage IPSec VPN Gateway Tunnels.

This tag groups all operations for ipsectunnels.

## Retrieve all IPSecTunnels

> This endpoint enables retrieving all IPSecTunnels using\
> pagination and optional filters.<br>

```json
{"openapi":"3.0.3","info":{"title":"IONOS Cloud VPN Gateway API","version":"1.0.0"},"tags":[{"name":"IPSecTunnels","description":"Operations to create and manage IPSec VPN Gateway Tunnels.\n\nThis tag groups all operations for ipsectunnels.\n"}],"servers":[{"url":"https://vpn.de-fra.ionos.com","description":"Production de-fra"},{"url":"https://vpn.de-txl.ionos.com","description":"Production de-txl"},{"url":"https://vpn.es-vit.ionos.com","description":"Production es-vit"},{"url":"https://vpn.gb-bhx.ionos.com","description":"Production gb-bhx"},{"url":"https://vpn.gb-lhr.ionos.com","description":"Production gb-lhr"},{"url":"https://vpn.us-ewr.ionos.com","description":"Production us-ewr"},{"url":"https://vpn.us-las.ionos.com","description":"Production us-las"},{"url":"https://vpn.us-mci.ionos.com","description":"Production us-mci"},{"url":"https://vpn.fr-par.ionos.com","description":"Production fr-par"}],"security":[{"tokenAuth":[]}],"components":{"securitySchemes":{"tokenAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"The token can be generated using the \n[Authentication API](https://api.ionos.com/docs/authentication/v1/#tag/tokens/operation/tokensGenerate).\n"}},"parameters":{"paginationOffset":{"name":"offset","in":"query","description":"The first element (of the total list of elements) to include in the response. Use together with limit for pagination.","required":false,"schema":{"type":"integer","format":"int32","default":0,"minimum":0}},"paginationLimit":{"name":"limit","in":"query","description":"The maximum number of elements to return. Use together with offset for pagination.","required":false,"schema":{"type":"integer","format":"int32","default":100,"minimum":1,"maximum":1000}}},"schemas":{"IPSecTunnelReadList":{"allOf":[{"type":"object","required":["id","type","href"],"properties":{"id":{"description":"ID of the list of IPSecTunnel resources.","type":"string","format":"uuid"},"type":{"description":"The type of the resource.","type":"string","enum":["collection"]},"href":{"description":"The URL of the list of IPSecTunnel resources.","type":"string"},"items":{"description":"The list of IPSecTunnel resources.","type":"array","items":{"$ref":"#/components/schemas/IPSecTunnelRead"}}}},{"$ref":"#/components/schemas/Pagination"}]},"IPSecTunnelRead":{"type":"object","required":["id","type","href","metadata","properties"],"properties":{"id":{"type":"string","description":"The ID (UUID) of the IPSecTunnel.","format":"uuid"},"type":{"description":"The type of the resource.","type":"string","enum":["ipsectunnel"]},"href":{"description":"The URL of the IPSecTunnel.","type":"string"},"metadata":{"$ref":"#/components/schemas/IPSecTunnelMetadata"},"properties":{"$ref":"#/components/schemas/IPSecTunnel"}}},"IPSecTunnelMetadata":{"description":"IPSec Tunnel Metadata","readOnly":true,"allOf":[{"$ref":"#/components/schemas/Metadata"},{"$ref":"#/components/schemas/ResourceStatus"}]},"Metadata":{"type":"object","description":"Metadata of the resource.","properties":{"createdDate":{"type":"string","format":"date-time","description":"The ISO 8601 creation timestamp.","readOnly":true},"createdBy":{"type":"string","description":"Unique name of the identity that created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"Unique id of the identity that created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","format":"date-time","description":"The ISO 8601 modified timestamp.","readOnly":true},"lastModifiedBy":{"type":"string","description":"Unique name of the identity that last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"Unique id of the identity that last modified the resource.","readOnly":true},"resourceURN":{"type":"string","description":"Unique name of the resource.","readOnly":true}}},"ResourceStatus":{"type":"object","description":"The current status of the resource.","required":["status"],"properties":{"status":{"$ref":"#/components/schemas/Status"},"statusMessage":{"$ref":"#/components/schemas/StatusMessage"}}},"Status":{"type":"string","description":"The current status of the resource. The status can be:\n\n* `AVAILABLE` - resource exists and is healthy.\n* `PROVISIONING` - resource is being created or updated.\n* `DESTROYING` - delete command was issued, the resource is being deleted.\n* `FAILED`: - resource failed, details in `statusMessage`.\n","readOnly":true},"StatusMessage":{"type":"string","description":"The message of the failure if the status is `FAILED`.\n","readOnly":true},"IPSecTunnel":{"description":"Properties with all data needed to create a new IPSec Gateway Tunnel.\\\n__Note__: there is a limit to the total number of tunnels.  Please refer to product documentation.\n","required":["name","remoteHost","auth","cloudNetworkCIDRs","peerNetworkCIDRs","ike","esp"],"type":"object","properties":{"name":{"type":"string","description":"The human readable name of your IPSec Gateway Tunnel.","maxLength":255},"description":{"type":"string","description":"Human readable description of the IPSec Gateway Tunnel.","maxLength":1024},"remoteHost":{"type":"string","description":"The remote peer host fully qualified domain name or IPV4 IP to connect to.\n* __Note__: This should be the public IP of the remote peer.\n* Tunnels only support IPV4 or hostname (fully qualified DNS name).\n","anyOf":[{"format":"ipv4"},{"format":"hostname"}]},"auth":{"$ref":"#/components/schemas/IPSecTunnelAuth"},"ike":{"$ref":"#/components/schemas/IKEEncryption"},"esp":{"$ref":"#/components/schemas/ESPEncryption"},"cloudNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Left\" side that are allowed to connect to the IPSec tunnel,\ni.e the CIDRs within your IONOS Cloud LAN.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.\n","items":{"$ref":"#/components/schemas/CIDR"}},"peerNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Right\" side that are allowed to connect to the IPSec tunnel.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.","items":{"$ref":"#/components/schemas/CIDR"}}}},"IPSecTunnelAuth":{"description":"Properties with all data needed to define IPSec Authentication.\n","required":["method"],"type":"object","properties":{"method":{"type":"string","description":"The Authentication Method to use for IPSec Authentication.\\\nOptions:\n  - PSK\n","default":"PSK"},"psk":{"$ref":"#/components/schemas/IPSecPSK"}}},"IPSecPSK":{"description":"Properties with all data needed to define IPSec Authentication PSK. This is required if the method is PSK.\n","required":["key"],"type":"object","properties":{"key":{"type":"string","writeOnly":true,"description":"The Pre-Shared Key used for IPSec Authentication."}}},"IKEEncryption":{"type":"object","description":"Settings for the initial security exchange phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":86400,"minimum":3600,"maximum":86400}}},"DiffieHellmanGroup":{"type":"string","description":"The Diffie-Hellman Group to use for IPSec Encryption.\\\nOptions:\n  - 15-MODP3072\n  - 16-MODP4096\n  - 19-ECP256\n  - 20-ECP384\n  - 21-ECP521\n  - 28-ECP256BP\n  - 29-ECP384BP\n  - 30-ECP512BP\n","default":"16-MODP4096"},"EncryptionAlgorithm":{"type":"string","description":"The encryption algorithm to use for IPSec Encryption.\\\nOptions:\n- AES128-CTR\n- AES256-CTR\n- AES128-GCM-16\n- AES256-GCM-16\n- AES128-GCM-12\n- AES256-GCM-12\n- AES128-CCM-12\n- AES256-CCM-12\n- AES128\n- AES256\n","default":"AES256"},"IntegrityAlgorithm":{"type":"string","description":"The integrity algorithm to use for IPSec Encryption.\\\nOptions:\n- SHA256\n- SHA384\n- SHA512\n- AES-XCBC\n","default":"SHA256"},"ESPEncryption":{"type":"object","description":"Settings for the IPSec SA (ESP) phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":3600,"minimum":600,"maximum":14400}}},"CIDR":{"type":"string","anyOf":[{"$ref":"#/components/schemas/IPV4CIDR"},{"$ref":"#/components/schemas/IPV6CIDR"}]},"IPV4CIDR":{"type":"string","pattern":"^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\\/([0-9]|[1-2][0-9]|3[0-2])$","description":"Describes a range of IP V4 addresses in CIDR notation.\n"},"IPV6CIDR":{"type":"string","pattern":"^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))\\/([0-9]|[0-9][0-9]|1[0-1][0-9]|12[0-8])$","description":"Describes a range of IP V6 addresses in CIDR notation.\n"},"Pagination":{"required":["offset","limit","_links"],"description":"Pagination information. The offset and limit parameters are used to\nnavigate the list of elements. The _links object contains URLs to\nnavigate the different pages.\n","type":"object","properties":{"offset":{"$ref":"#/components/schemas/Offset"},"limit":{"$ref":"#/components/schemas/Limit"},"_links":{"$ref":"#/components/schemas/Links"}}},"Offset":{"description":"The offset specified in the request (if none was specified, the default\noffset is 0).\n","type":"integer","minimum":0,"readOnly":true},"Limit":{"description":"The limit specified in the request (if none was specified, use the\nendpoint's default pagination limit).\n","type":"integer","minimum":0,"readOnly":true},"Links":{"description":"URLs to navigate the different pages. As of now we always only return a\nsingle page.\n","type":"object","properties":{"prev":{"description":"URL (with offset and limit parameters) of the previous page; only\npresent if offset is greater than 0.\n","type":"string","format":"uri","readOnly":true},"self":{"description":"URL (with offset and limit parameters) of the current page.\n","type":"string","format":"uri","readOnly":true},"next":{"description":"URL (with offset and limit parameters) of the next page; only\npresent if offset + limit is less than the total number of elements.\n","type":"string","format":"uri","readOnly":true}}},"Error":{"description":"The Error object is used to represent an error response from the API.\n","type":"object","properties":{"httpStatus":{"type":"integer","description":"The HTTP status code of the operation."},"messages":{"type":"array","description":"A list of error messages.\n","items":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code\n"},"message":{"type":"string","description":"A human readable explanation specific to this occurrence of the\nproblem.\n"}}}}}}},"responses":{"BadRequest":{"description":"### Bad Request\nThe request send to the API was malformed.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"Unauthorized":{"description":"### Unauthorized\nThe request is missing authorization information or the authorization information provided are expired.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotAllowed":{"description":"### Not Allowed\nThe user issuing the request does not have the needed permissions.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"TooManyRequests":{"description":"### Too Many Requests\nThe user has sent too many requests in a given amount of time.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"InternalError":{"description":"### Internal Server Error\nAn internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"ServiceUnavailable":{"description":"### Service Unavailable\nThe server is currently unable to handle the request due to a temporary overloading or maintenance of the server.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnexpectedError":{"description":"### Unexpected Internal Server Error\nAn unexpected internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}},"paths":{"/ipsecgateways/{gatewayId}/tunnels":{"get":{"operationId":"ipsecgatewaysTunnelsGet","summary":"Retrieve all IPSecTunnels","description":"This endpoint enables retrieving all IPSecTunnels using\npagination and optional filters.\n","parameters":[{"name":"gatewayId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecGateway."},{"$ref":"#/components/parameters/paginationOffset"},{"$ref":"#/components/parameters/paginationLimit"}],"tags":["IPSecTunnels"],"responses":{"200":{"description":"Returned all requested IPSecTunnels successfully.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelReadList"}}}},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/NotAllowed"},"429":{"$ref":"#/components/responses/TooManyRequests"},"500":{"$ref":"#/components/responses/InternalError"},"503":{"$ref":"#/components/responses/ServiceUnavailable"},"default":{"$ref":"#/components/responses/UnexpectedError"}}}}}}
```

## Create IPSecTunnel

> Creates a new IPSecTunnel.\
> \
> The full IPSecTunnel needs to be provided to create the object.\
> Optional data will be filled with defaults or left empty.<br>

```json
{"openapi":"3.0.3","info":{"title":"IONOS Cloud VPN Gateway API","version":"1.0.0"},"tags":[{"name":"IPSecTunnels","description":"Operations to create and manage IPSec VPN Gateway Tunnels.\n\nThis tag groups all operations for ipsectunnels.\n"}],"servers":[{"url":"https://vpn.de-fra.ionos.com","description":"Production de-fra"},{"url":"https://vpn.de-txl.ionos.com","description":"Production de-txl"},{"url":"https://vpn.es-vit.ionos.com","description":"Production es-vit"},{"url":"https://vpn.gb-bhx.ionos.com","description":"Production gb-bhx"},{"url":"https://vpn.gb-lhr.ionos.com","description":"Production gb-lhr"},{"url":"https://vpn.us-ewr.ionos.com","description":"Production us-ewr"},{"url":"https://vpn.us-las.ionos.com","description":"Production us-las"},{"url":"https://vpn.us-mci.ionos.com","description":"Production us-mci"},{"url":"https://vpn.fr-par.ionos.com","description":"Production fr-par"}],"security":[{"tokenAuth":[]}],"components":{"securitySchemes":{"tokenAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"The token can be generated using the \n[Authentication API](https://api.ionos.com/docs/authentication/v1/#tag/tokens/operation/tokensGenerate).\n"}},"schemas":{"IPSecTunnelCreate":{"type":"object","required":["properties"],"properties":{"metadata":{"description":"Metadata","additionalProperties":true},"properties":{"$ref":"#/components/schemas/IPSecTunnel"}}},"IPSecTunnel":{"description":"Properties with all data needed to create a new IPSec Gateway Tunnel.\\\n__Note__: there is a limit to the total number of tunnels.  Please refer to product documentation.\n","required":["name","remoteHost","auth","cloudNetworkCIDRs","peerNetworkCIDRs","ike","esp"],"type":"object","properties":{"name":{"type":"string","description":"The human readable name of your IPSec Gateway Tunnel.","maxLength":255},"description":{"type":"string","description":"Human readable description of the IPSec Gateway Tunnel.","maxLength":1024},"remoteHost":{"type":"string","description":"The remote peer host fully qualified domain name or IPV4 IP to connect to.\n* __Note__: This should be the public IP of the remote peer.\n* Tunnels only support IPV4 or hostname (fully qualified DNS name).\n","anyOf":[{"format":"ipv4"},{"format":"hostname"}]},"auth":{"$ref":"#/components/schemas/IPSecTunnelAuth"},"ike":{"$ref":"#/components/schemas/IKEEncryption"},"esp":{"$ref":"#/components/schemas/ESPEncryption"},"cloudNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Left\" side that are allowed to connect to the IPSec tunnel,\ni.e the CIDRs within your IONOS Cloud LAN.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.\n","items":{"$ref":"#/components/schemas/CIDR"}},"peerNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Right\" side that are allowed to connect to the IPSec tunnel.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.","items":{"$ref":"#/components/schemas/CIDR"}}}},"IPSecTunnelAuth":{"description":"Properties with all data needed to define IPSec Authentication.\n","required":["method"],"type":"object","properties":{"method":{"type":"string","description":"The Authentication Method to use for IPSec Authentication.\\\nOptions:\n  - PSK\n","default":"PSK"},"psk":{"$ref":"#/components/schemas/IPSecPSK"}}},"IPSecPSK":{"description":"Properties with all data needed to define IPSec Authentication PSK. This is required if the method is PSK.\n","required":["key"],"type":"object","properties":{"key":{"type":"string","writeOnly":true,"description":"The Pre-Shared Key used for IPSec Authentication."}}},"IKEEncryption":{"type":"object","description":"Settings for the initial security exchange phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":86400,"minimum":3600,"maximum":86400}}},"DiffieHellmanGroup":{"type":"string","description":"The Diffie-Hellman Group to use for IPSec Encryption.\\\nOptions:\n  - 15-MODP3072\n  - 16-MODP4096\n  - 19-ECP256\n  - 20-ECP384\n  - 21-ECP521\n  - 28-ECP256BP\n  - 29-ECP384BP\n  - 30-ECP512BP\n","default":"16-MODP4096"},"EncryptionAlgorithm":{"type":"string","description":"The encryption algorithm to use for IPSec Encryption.\\\nOptions:\n- AES128-CTR\n- AES256-CTR\n- AES128-GCM-16\n- AES256-GCM-16\n- AES128-GCM-12\n- AES256-GCM-12\n- AES128-CCM-12\n- AES256-CCM-12\n- AES128\n- AES256\n","default":"AES256"},"IntegrityAlgorithm":{"type":"string","description":"The integrity algorithm to use for IPSec Encryption.\\\nOptions:\n- SHA256\n- SHA384\n- SHA512\n- AES-XCBC\n","default":"SHA256"},"ESPEncryption":{"type":"object","description":"Settings for the IPSec SA (ESP) phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":3600,"minimum":600,"maximum":14400}}},"CIDR":{"type":"string","anyOf":[{"$ref":"#/components/schemas/IPV4CIDR"},{"$ref":"#/components/schemas/IPV6CIDR"}]},"IPV4CIDR":{"type":"string","pattern":"^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\\/([0-9]|[1-2][0-9]|3[0-2])$","description":"Describes a range of IP V4 addresses in CIDR notation.\n"},"IPV6CIDR":{"type":"string","pattern":"^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))\\/([0-9]|[0-9][0-9]|1[0-1][0-9]|12[0-8])$","description":"Describes a range of IP V6 addresses in CIDR notation.\n"},"IPSecTunnelRead":{"type":"object","required":["id","type","href","metadata","properties"],"properties":{"id":{"type":"string","description":"The ID (UUID) of the IPSecTunnel.","format":"uuid"},"type":{"description":"The type of the resource.","type":"string","enum":["ipsectunnel"]},"href":{"description":"The URL of the IPSecTunnel.","type":"string"},"metadata":{"$ref":"#/components/schemas/IPSecTunnelMetadata"},"properties":{"$ref":"#/components/schemas/IPSecTunnel"}}},"IPSecTunnelMetadata":{"description":"IPSec Tunnel Metadata","readOnly":true,"allOf":[{"$ref":"#/components/schemas/Metadata"},{"$ref":"#/components/schemas/ResourceStatus"}]},"Metadata":{"type":"object","description":"Metadata of the resource.","properties":{"createdDate":{"type":"string","format":"date-time","description":"The ISO 8601 creation timestamp.","readOnly":true},"createdBy":{"type":"string","description":"Unique name of the identity that created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"Unique id of the identity that created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","format":"date-time","description":"The ISO 8601 modified timestamp.","readOnly":true},"lastModifiedBy":{"type":"string","description":"Unique name of the identity that last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"Unique id of the identity that last modified the resource.","readOnly":true},"resourceURN":{"type":"string","description":"Unique name of the resource.","readOnly":true}}},"ResourceStatus":{"type":"object","description":"The current status of the resource.","required":["status"],"properties":{"status":{"$ref":"#/components/schemas/Status"},"statusMessage":{"$ref":"#/components/schemas/StatusMessage"}}},"Status":{"type":"string","description":"The current status of the resource. The status can be:\n\n* `AVAILABLE` - resource exists and is healthy.\n* `PROVISIONING` - resource is being created or updated.\n* `DESTROYING` - delete command was issued, the resource is being deleted.\n* `FAILED`: - resource failed, details in `statusMessage`.\n","readOnly":true},"StatusMessage":{"type":"string","description":"The message of the failure if the status is `FAILED`.\n","readOnly":true},"Error":{"description":"The Error object is used to represent an error response from the API.\n","type":"object","properties":{"httpStatus":{"type":"integer","description":"The HTTP status code of the operation."},"messages":{"type":"array","description":"A list of error messages.\n","items":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code\n"},"message":{"type":"string","description":"A human readable explanation specific to this occurrence of the\nproblem.\n"}}}}}}},"responses":{"BadRequest":{"description":"### Bad Request\nThe request send to the API was malformed.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"Unauthorized":{"description":"### Unauthorized\nThe request is missing authorization information or the authorization information provided are expired.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotAllowed":{"description":"### Not Allowed\nThe user issuing the request does not have the needed permissions.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnsupportedMediaType":{"description":"### Unsupported Media Type\nThe request has an unsupported media type.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnprocessableEntity":{"description":"### Unprocessable Entity\nThe request was well-formed but was unable to be followed due to semantic errors.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"TooManyRequests":{"description":"### Too Many Requests\nThe user has sent too many requests in a given amount of time.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"InternalError":{"description":"### Internal Server Error\nAn internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"ServiceUnavailable":{"description":"### Service Unavailable\nThe server is currently unable to handle the request due to a temporary overloading or maintenance of the server.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnexpectedError":{"description":"### Unexpected Internal Server Error\nAn unexpected internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}},"paths":{"/ipsecgateways/{gatewayId}/tunnels":{"post":{"operationId":"ipsecgatewaysTunnelsPost","summary":"Create IPSecTunnel","tags":["IPSecTunnels"],"description":"Creates a new IPSecTunnel.\n\nThe full IPSecTunnel needs to be provided to create the object.\nOptional data will be filled with defaults or left empty.\n","parameters":[{"name":"gatewayId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecGateway."}],"requestBody":{"description":"IPSecTunnel to create.","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelCreate"}}}},"responses":{"201":{"description":"IPSecTunnel successfully created.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelRead"}}}},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/NotAllowed"},"415":{"$ref":"#/components/responses/UnsupportedMediaType"},"422":{"$ref":"#/components/responses/UnprocessableEntity"},"429":{"$ref":"#/components/responses/TooManyRequests"},"500":{"$ref":"#/components/responses/InternalError"},"503":{"$ref":"#/components/responses/ServiceUnavailable"},"default":{"$ref":"#/components/responses/UnexpectedError"}}}}}}
```

## Retrieve IPSecTunnel

> Returns the IPSecTunnel by ID.

```json
{"openapi":"3.0.3","info":{"title":"IONOS Cloud VPN Gateway API","version":"1.0.0"},"tags":[{"name":"IPSecTunnels","description":"Operations to create and manage IPSec VPN Gateway Tunnels.\n\nThis tag groups all operations for ipsectunnels.\n"}],"servers":[{"url":"https://vpn.de-fra.ionos.com","description":"Production de-fra"},{"url":"https://vpn.de-txl.ionos.com","description":"Production de-txl"},{"url":"https://vpn.es-vit.ionos.com","description":"Production es-vit"},{"url":"https://vpn.gb-bhx.ionos.com","description":"Production gb-bhx"},{"url":"https://vpn.gb-lhr.ionos.com","description":"Production gb-lhr"},{"url":"https://vpn.us-ewr.ionos.com","description":"Production us-ewr"},{"url":"https://vpn.us-las.ionos.com","description":"Production us-las"},{"url":"https://vpn.us-mci.ionos.com","description":"Production us-mci"},{"url":"https://vpn.fr-par.ionos.com","description":"Production fr-par"}],"security":[{"tokenAuth":[]}],"components":{"securitySchemes":{"tokenAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"The token can be generated using the \n[Authentication API](https://api.ionos.com/docs/authentication/v1/#tag/tokens/operation/tokensGenerate).\n"}},"schemas":{"IPSecTunnelRead":{"type":"object","required":["id","type","href","metadata","properties"],"properties":{"id":{"type":"string","description":"The ID (UUID) of the IPSecTunnel.","format":"uuid"},"type":{"description":"The type of the resource.","type":"string","enum":["ipsectunnel"]},"href":{"description":"The URL of the IPSecTunnel.","type":"string"},"metadata":{"$ref":"#/components/schemas/IPSecTunnelMetadata"},"properties":{"$ref":"#/components/schemas/IPSecTunnel"}}},"IPSecTunnelMetadata":{"description":"IPSec Tunnel Metadata","readOnly":true,"allOf":[{"$ref":"#/components/schemas/Metadata"},{"$ref":"#/components/schemas/ResourceStatus"}]},"Metadata":{"type":"object","description":"Metadata of the resource.","properties":{"createdDate":{"type":"string","format":"date-time","description":"The ISO 8601 creation timestamp.","readOnly":true},"createdBy":{"type":"string","description":"Unique name of the identity that created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"Unique id of the identity that created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","format":"date-time","description":"The ISO 8601 modified timestamp.","readOnly":true},"lastModifiedBy":{"type":"string","description":"Unique name of the identity that last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"Unique id of the identity that last modified the resource.","readOnly":true},"resourceURN":{"type":"string","description":"Unique name of the resource.","readOnly":true}}},"ResourceStatus":{"type":"object","description":"The current status of the resource.","required":["status"],"properties":{"status":{"$ref":"#/components/schemas/Status"},"statusMessage":{"$ref":"#/components/schemas/StatusMessage"}}},"Status":{"type":"string","description":"The current status of the resource. The status can be:\n\n* `AVAILABLE` - resource exists and is healthy.\n* `PROVISIONING` - resource is being created or updated.\n* `DESTROYING` - delete command was issued, the resource is being deleted.\n* `FAILED`: - resource failed, details in `statusMessage`.\n","readOnly":true},"StatusMessage":{"type":"string","description":"The message of the failure if the status is `FAILED`.\n","readOnly":true},"IPSecTunnel":{"description":"Properties with all data needed to create a new IPSec Gateway Tunnel.\\\n__Note__: there is a limit to the total number of tunnels.  Please refer to product documentation.\n","required":["name","remoteHost","auth","cloudNetworkCIDRs","peerNetworkCIDRs","ike","esp"],"type":"object","properties":{"name":{"type":"string","description":"The human readable name of your IPSec Gateway Tunnel.","maxLength":255},"description":{"type":"string","description":"Human readable description of the IPSec Gateway Tunnel.","maxLength":1024},"remoteHost":{"type":"string","description":"The remote peer host fully qualified domain name or IPV4 IP to connect to.\n* __Note__: This should be the public IP of the remote peer.\n* Tunnels only support IPV4 or hostname (fully qualified DNS name).\n","anyOf":[{"format":"ipv4"},{"format":"hostname"}]},"auth":{"$ref":"#/components/schemas/IPSecTunnelAuth"},"ike":{"$ref":"#/components/schemas/IKEEncryption"},"esp":{"$ref":"#/components/schemas/ESPEncryption"},"cloudNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Left\" side that are allowed to connect to the IPSec tunnel,\ni.e the CIDRs within your IONOS Cloud LAN.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.\n","items":{"$ref":"#/components/schemas/CIDR"}},"peerNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Right\" side that are allowed to connect to the IPSec tunnel.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.","items":{"$ref":"#/components/schemas/CIDR"}}}},"IPSecTunnelAuth":{"description":"Properties with all data needed to define IPSec Authentication.\n","required":["method"],"type":"object","properties":{"method":{"type":"string","description":"The Authentication Method to use for IPSec Authentication.\\\nOptions:\n  - PSK\n","default":"PSK"},"psk":{"$ref":"#/components/schemas/IPSecPSK"}}},"IPSecPSK":{"description":"Properties with all data needed to define IPSec Authentication PSK. This is required if the method is PSK.\n","required":["key"],"type":"object","properties":{"key":{"type":"string","writeOnly":true,"description":"The Pre-Shared Key used for IPSec Authentication."}}},"IKEEncryption":{"type":"object","description":"Settings for the initial security exchange phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":86400,"minimum":3600,"maximum":86400}}},"DiffieHellmanGroup":{"type":"string","description":"The Diffie-Hellman Group to use for IPSec Encryption.\\\nOptions:\n  - 15-MODP3072\n  - 16-MODP4096\n  - 19-ECP256\n  - 20-ECP384\n  - 21-ECP521\n  - 28-ECP256BP\n  - 29-ECP384BP\n  - 30-ECP512BP\n","default":"16-MODP4096"},"EncryptionAlgorithm":{"type":"string","description":"The encryption algorithm to use for IPSec Encryption.\\\nOptions:\n- AES128-CTR\n- AES256-CTR\n- AES128-GCM-16\n- AES256-GCM-16\n- AES128-GCM-12\n- AES256-GCM-12\n- AES128-CCM-12\n- AES256-CCM-12\n- AES128\n- AES256\n","default":"AES256"},"IntegrityAlgorithm":{"type":"string","description":"The integrity algorithm to use for IPSec Encryption.\\\nOptions:\n- SHA256\n- SHA384\n- SHA512\n- AES-XCBC\n","default":"SHA256"},"ESPEncryption":{"type":"object","description":"Settings for the IPSec SA (ESP) phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":3600,"minimum":600,"maximum":14400}}},"CIDR":{"type":"string","anyOf":[{"$ref":"#/components/schemas/IPV4CIDR"},{"$ref":"#/components/schemas/IPV6CIDR"}]},"IPV4CIDR":{"type":"string","pattern":"^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\\/([0-9]|[1-2][0-9]|3[0-2])$","description":"Describes a range of IP V4 addresses in CIDR notation.\n"},"IPV6CIDR":{"type":"string","pattern":"^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))\\/([0-9]|[0-9][0-9]|1[0-1][0-9]|12[0-8])$","description":"Describes a range of IP V6 addresses in CIDR notation.\n"},"Error":{"description":"The Error object is used to represent an error response from the API.\n","type":"object","properties":{"httpStatus":{"type":"integer","description":"The HTTP status code of the operation."},"messages":{"type":"array","description":"A list of error messages.\n","items":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code\n"},"message":{"type":"string","description":"A human readable explanation specific to this occurrence of the\nproblem.\n"}}}}}}},"responses":{"BadRequest":{"description":"### Bad Request\nThe request send to the API was malformed.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"Unauthorized":{"description":"### Unauthorized\nThe request is missing authorization information or the authorization information provided are expired.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotAllowed":{"description":"### Not Allowed\nThe user issuing the request does not have the needed permissions.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotFound":{"description":"### Not Found\nThe resource that was requested could not be found.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"TooManyRequests":{"description":"### Too Many Requests\nThe user has sent too many requests in a given amount of time.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"InternalError":{"description":"### Internal Server Error\nAn internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"ServiceUnavailable":{"description":"### Service Unavailable\nThe server is currently unable to handle the request due to a temporary overloading or maintenance of the server.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnexpectedError":{"description":"### Unexpected Internal Server Error\nAn unexpected internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}},"paths":{"/ipsecgateways/{gatewayId}/tunnels/{tunnelId}":{"get":{"operationId":"ipsecgatewaysTunnelsFindById","summary":"Retrieve IPSecTunnel","tags":["IPSecTunnels"],"description":"Returns the IPSecTunnel by ID.","parameters":[{"name":"gatewayId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecGateway."},{"name":"tunnelId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecTunnel."}],"responses":{"200":{"description":"Getting IPSecTunnel was successful.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelRead"}}}},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/NotAllowed"},"404":{"$ref":"#/components/responses/NotFound"},"429":{"$ref":"#/components/responses/TooManyRequests"},"500":{"$ref":"#/components/responses/InternalError"},"503":{"$ref":"#/components/responses/ServiceUnavailable"},"default":{"$ref":"#/components/responses/UnexpectedError"}}}}}}
```

## Ensure IPSecTunnel

> Ensures that the IPSecTunnel with the provided ID is created or modified.\
> The full IPSecTunnel needs to be provided to ensure\
> (either update or create) the IPSecTunnel. Non present data will\
> only be filled with defaults or left empty, but not take\
> previous values into consideration.<br>

```json
{"openapi":"3.0.3","info":{"title":"IONOS Cloud VPN Gateway API","version":"1.0.0"},"tags":[{"name":"IPSecTunnels","description":"Operations to create and manage IPSec VPN Gateway Tunnels.\n\nThis tag groups all operations for ipsectunnels.\n"}],"servers":[{"url":"https://vpn.de-fra.ionos.com","description":"Production de-fra"},{"url":"https://vpn.de-txl.ionos.com","description":"Production de-txl"},{"url":"https://vpn.es-vit.ionos.com","description":"Production es-vit"},{"url":"https://vpn.gb-bhx.ionos.com","description":"Production gb-bhx"},{"url":"https://vpn.gb-lhr.ionos.com","description":"Production gb-lhr"},{"url":"https://vpn.us-ewr.ionos.com","description":"Production us-ewr"},{"url":"https://vpn.us-las.ionos.com","description":"Production us-las"},{"url":"https://vpn.us-mci.ionos.com","description":"Production us-mci"},{"url":"https://vpn.fr-par.ionos.com","description":"Production fr-par"}],"security":[{"tokenAuth":[]}],"components":{"securitySchemes":{"tokenAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"The token can be generated using the \n[Authentication API](https://api.ionos.com/docs/authentication/v1/#tag/tokens/operation/tokensGenerate).\n"}},"schemas":{"IPSecTunnelEnsure":{"type":"object","required":["id","properties"],"properties":{"id":{"type":"string","description":"The ID (UUID) of the IPSecTunnel.","format":"uuid"},"metadata":{"description":"Metadata","additionalProperties":true},"properties":{"$ref":"#/components/schemas/IPSecTunnel"}}},"IPSecTunnel":{"description":"Properties with all data needed to create a new IPSec Gateway Tunnel.\\\n__Note__: there is a limit to the total number of tunnels.  Please refer to product documentation.\n","required":["name","remoteHost","auth","cloudNetworkCIDRs","peerNetworkCIDRs","ike","esp"],"type":"object","properties":{"name":{"type":"string","description":"The human readable name of your IPSec Gateway Tunnel.","maxLength":255},"description":{"type":"string","description":"Human readable description of the IPSec Gateway Tunnel.","maxLength":1024},"remoteHost":{"type":"string","description":"The remote peer host fully qualified domain name or IPV4 IP to connect to.\n* __Note__: This should be the public IP of the remote peer.\n* Tunnels only support IPV4 or hostname (fully qualified DNS name).\n","anyOf":[{"format":"ipv4"},{"format":"hostname"}]},"auth":{"$ref":"#/components/schemas/IPSecTunnelAuth"},"ike":{"$ref":"#/components/schemas/IKEEncryption"},"esp":{"$ref":"#/components/schemas/ESPEncryption"},"cloudNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Left\" side that are allowed to connect to the IPSec tunnel,\ni.e the CIDRs within your IONOS Cloud LAN.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.\n","items":{"$ref":"#/components/schemas/CIDR"}},"peerNetworkCIDRs":{"type":"array","minItems":1,"maxItems":20,"description":"The network CIDRs on the \"Right\" side that are allowed to connect to the IPSec tunnel.  Specify \"0.0.0.0/0\" or \"::/0\" for all addresses.","items":{"$ref":"#/components/schemas/CIDR"}}}},"IPSecTunnelAuth":{"description":"Properties with all data needed to define IPSec Authentication.\n","required":["method"],"type":"object","properties":{"method":{"type":"string","description":"The Authentication Method to use for IPSec Authentication.\\\nOptions:\n  - PSK\n","default":"PSK"},"psk":{"$ref":"#/components/schemas/IPSecPSK"}}},"IPSecPSK":{"description":"Properties with all data needed to define IPSec Authentication PSK. This is required if the method is PSK.\n","required":["key"],"type":"object","properties":{"key":{"type":"string","writeOnly":true,"description":"The Pre-Shared Key used for IPSec Authentication."}}},"IKEEncryption":{"type":"object","description":"Settings for the initial security exchange phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":86400,"minimum":3600,"maximum":86400}}},"DiffieHellmanGroup":{"type":"string","description":"The Diffie-Hellman Group to use for IPSec Encryption.\\\nOptions:\n  - 15-MODP3072\n  - 16-MODP4096\n  - 19-ECP256\n  - 20-ECP384\n  - 21-ECP521\n  - 28-ECP256BP\n  - 29-ECP384BP\n  - 30-ECP512BP\n","default":"16-MODP4096"},"EncryptionAlgorithm":{"type":"string","description":"The encryption algorithm to use for IPSec Encryption.\\\nOptions:\n- AES128-CTR\n- AES256-CTR\n- AES128-GCM-16\n- AES256-GCM-16\n- AES128-GCM-12\n- AES256-GCM-12\n- AES128-CCM-12\n- AES256-CCM-12\n- AES128\n- AES256\n","default":"AES256"},"IntegrityAlgorithm":{"type":"string","description":"The integrity algorithm to use for IPSec Encryption.\\\nOptions:\n- SHA256\n- SHA384\n- SHA512\n- AES-XCBC\n","default":"SHA256"},"ESPEncryption":{"type":"object","description":"Settings for the IPSec SA (ESP) phase.","properties":{"diffieHellmanGroup":{"allOf":[{"$ref":"#/components/schemas/DiffieHellmanGroup"}]},"encryptionAlgorithm":{"allOf":[{"$ref":"#/components/schemas/EncryptionAlgorithm"}]},"integrityAlgorithm":{"allOf":[{"$ref":"#/components/schemas/IntegrityAlgorithm"}]},"lifetime":{"type":"integer","description":"The phase lifetime in seconds.","default":3600,"minimum":600,"maximum":14400}}},"CIDR":{"type":"string","anyOf":[{"$ref":"#/components/schemas/IPV4CIDR"},{"$ref":"#/components/schemas/IPV6CIDR"}]},"IPV4CIDR":{"type":"string","pattern":"^((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\\/([0-9]|[1-2][0-9]|3[0-2])$","description":"Describes a range of IP V4 addresses in CIDR notation.\n"},"IPV6CIDR":{"type":"string","pattern":"^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))\\/([0-9]|[0-9][0-9]|1[0-1][0-9]|12[0-8])$","description":"Describes a range of IP V6 addresses in CIDR notation.\n"},"IPSecTunnelRead":{"type":"object","required":["id","type","href","metadata","properties"],"properties":{"id":{"type":"string","description":"The ID (UUID) of the IPSecTunnel.","format":"uuid"},"type":{"description":"The type of the resource.","type":"string","enum":["ipsectunnel"]},"href":{"description":"The URL of the IPSecTunnel.","type":"string"},"metadata":{"$ref":"#/components/schemas/IPSecTunnelMetadata"},"properties":{"$ref":"#/components/schemas/IPSecTunnel"}}},"IPSecTunnelMetadata":{"description":"IPSec Tunnel Metadata","readOnly":true,"allOf":[{"$ref":"#/components/schemas/Metadata"},{"$ref":"#/components/schemas/ResourceStatus"}]},"Metadata":{"type":"object","description":"Metadata of the resource.","properties":{"createdDate":{"type":"string","format":"date-time","description":"The ISO 8601 creation timestamp.","readOnly":true},"createdBy":{"type":"string","description":"Unique name of the identity that created the resource.","readOnly":true},"createdByUserId":{"type":"string","description":"Unique id of the identity that created the resource.","readOnly":true},"lastModifiedDate":{"type":"string","format":"date-time","description":"The ISO 8601 modified timestamp.","readOnly":true},"lastModifiedBy":{"type":"string","description":"Unique name of the identity that last modified the resource.","readOnly":true},"lastModifiedByUserId":{"type":"string","description":"Unique id of the identity that last modified the resource.","readOnly":true},"resourceURN":{"type":"string","description":"Unique name of the resource.","readOnly":true}}},"ResourceStatus":{"type":"object","description":"The current status of the resource.","required":["status"],"properties":{"status":{"$ref":"#/components/schemas/Status"},"statusMessage":{"$ref":"#/components/schemas/StatusMessage"}}},"Status":{"type":"string","description":"The current status of the resource. The status can be:\n\n* `AVAILABLE` - resource exists and is healthy.\n* `PROVISIONING` - resource is being created or updated.\n* `DESTROYING` - delete command was issued, the resource is being deleted.\n* `FAILED`: - resource failed, details in `statusMessage`.\n","readOnly":true},"StatusMessage":{"type":"string","description":"The message of the failure if the status is `FAILED`.\n","readOnly":true},"Error":{"description":"The Error object is used to represent an error response from the API.\n","type":"object","properties":{"httpStatus":{"type":"integer","description":"The HTTP status code of the operation."},"messages":{"type":"array","description":"A list of error messages.\n","items":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code\n"},"message":{"type":"string","description":"A human readable explanation specific to this occurrence of the\nproblem.\n"}}}}}}},"responses":{"BadRequest":{"description":"### Bad Request\nThe request send to the API was malformed.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"Unauthorized":{"description":"### Unauthorized\nThe request is missing authorization information or the authorization information provided are expired.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotAllowed":{"description":"### Not Allowed\nThe user issuing the request does not have the needed permissions.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotFound":{"description":"### Not Found\nThe resource that was requested could not be found.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"Conflict":{"description":"### Conflict\nThe UUID is already taken by another party, follow the guides to generate UUIDs uniquely.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnsupportedMediaType":{"description":"### Unsupported Media Type\nThe request has an unsupported media type.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnprocessableEntity":{"description":"### Unprocessable Entity\nThe request was well-formed but was unable to be followed due to semantic errors.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"TooManyRequests":{"description":"### Too Many Requests\nThe user has sent too many requests in a given amount of time.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"InternalError":{"description":"### Internal Server Error\nAn internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"ServiceUnavailable":{"description":"### Service Unavailable\nThe server is currently unable to handle the request due to a temporary overloading or maintenance of the server.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnexpectedError":{"description":"### Unexpected Internal Server Error\nAn unexpected internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}}},"paths":{"/ipsecgateways/{gatewayId}/tunnels/{tunnelId}":{"put":{"operationId":"ipsecgatewaysTunnelsPut","summary":"Ensure IPSecTunnel","tags":["IPSecTunnels"],"description":"Ensures that the IPSecTunnel with the provided ID is created or modified.\nThe full IPSecTunnel needs to be provided to ensure\n(either update or create) the IPSecTunnel. Non present data will\nonly be filled with defaults or left empty, but not take\nprevious values into consideration.\n","parameters":[{"name":"gatewayId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecGateway."},{"name":"tunnelId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecTunnel."}],"requestBody":{"description":"update IPSecTunnel","required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelEnsure"}}}},"responses":{"200":{"description":"IPSecTunnel successfully updated.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelRead"}}}},"201":{"description":"IPSecTunnel successfully ensured.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IPSecTunnelRead"}}}},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/NotAllowed"},"404":{"$ref":"#/components/responses/NotFound"},"409":{"$ref":"#/components/responses/Conflict"},"415":{"$ref":"#/components/responses/UnsupportedMediaType"},"422":{"$ref":"#/components/responses/UnprocessableEntity"},"429":{"$ref":"#/components/responses/TooManyRequests"},"500":{"$ref":"#/components/responses/InternalError"},"503":{"$ref":"#/components/responses/ServiceUnavailable"},"default":{"$ref":"#/components/responses/UnexpectedError"}}}}}}
```

## Delete IPSecTunnel

> Deletes the specified IPSecTunnel.

```json
{"openapi":"3.0.3","info":{"title":"IONOS Cloud VPN Gateway API","version":"1.0.0"},"tags":[{"name":"IPSecTunnels","description":"Operations to create and manage IPSec VPN Gateway Tunnels.\n\nThis tag groups all operations for ipsectunnels.\n"}],"servers":[{"url":"https://vpn.de-fra.ionos.com","description":"Production de-fra"},{"url":"https://vpn.de-txl.ionos.com","description":"Production de-txl"},{"url":"https://vpn.es-vit.ionos.com","description":"Production es-vit"},{"url":"https://vpn.gb-bhx.ionos.com","description":"Production gb-bhx"},{"url":"https://vpn.gb-lhr.ionos.com","description":"Production gb-lhr"},{"url":"https://vpn.us-ewr.ionos.com","description":"Production us-ewr"},{"url":"https://vpn.us-las.ionos.com","description":"Production us-las"},{"url":"https://vpn.us-mci.ionos.com","description":"Production us-mci"},{"url":"https://vpn.fr-par.ionos.com","description":"Production fr-par"}],"security":[{"tokenAuth":[]}],"components":{"securitySchemes":{"tokenAuth":{"type":"http","scheme":"bearer","bearerFormat":"JWT","description":"The token can be generated using the \n[Authentication API](https://api.ionos.com/docs/authentication/v1/#tag/tokens/operation/tokensGenerate).\n"}},"responses":{"BadRequest":{"description":"### Bad Request\nThe request send to the API was malformed.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"Unauthorized":{"description":"### Unauthorized\nThe request is missing authorization information or the authorization information provided are expired.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotAllowed":{"description":"### Not Allowed\nThe user issuing the request does not have the needed permissions.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"NotFound":{"description":"### Not Found\nThe resource that was requested could not be found.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"TooManyRequests":{"description":"### Too Many Requests\nThe user has sent too many requests in a given amount of time.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"InternalError":{"description":"### Internal Server Error\nAn internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"ServiceUnavailable":{"description":"### Service Unavailable\nThe server is currently unable to handle the request due to a temporary overloading or maintenance of the server.\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}},"UnexpectedError":{"description":"### Unexpected Internal Server Error\nAn unexpected internal error occurred. We apologize for the inconvenience!\n","content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}}}},"schemas":{"Error":{"description":"The Error object is used to represent an error response from the API.\n","type":"object","properties":{"httpStatus":{"type":"integer","description":"The HTTP status code of the operation."},"messages":{"type":"array","description":"A list of error messages.\n","items":{"type":"object","properties":{"errorCode":{"type":"string","description":"Application internal error code\n"},"message":{"type":"string","description":"A human readable explanation specific to this occurrence of the\nproblem.\n"}}}}}}}},"paths":{"/ipsecgateways/{gatewayId}/tunnels/{tunnelId}":{"delete":{"operationId":"ipsecgatewaysTunnelsDelete","summary":"Delete IPSecTunnel","tags":["IPSecTunnels"],"description":"Deletes the specified IPSecTunnel.","parameters":[{"name":"gatewayId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecGateway."},{"name":"tunnelId","in":"path","schema":{"type":"string","format":"uuid"},"required":true,"description":"The ID (UUID) of the IPSecTunnel."}],"responses":{"202":{"description":"Deleting IPSecTunnel was successful."},"400":{"$ref":"#/components/responses/BadRequest"},"401":{"$ref":"#/components/responses/Unauthorized"},"403":{"$ref":"#/components/responses/NotAllowed"},"404":{"$ref":"#/components/responses/NotFound"},"429":{"$ref":"#/components/responses/TooManyRequests"},"500":{"$ref":"#/components/responses/InternalError"},"503":{"$ref":"#/components/responses/ServiceUnavailable"},"default":{"$ref":"#/components/responses/UnexpectedError"}}}}}}
```