# Retrieve IPSec Tunnel

Returns the IPSec Tunnel by ID.

To retrieve the IPSec Tunnel, perform a `GET` request.

## Endpoint

Use a [<mark style="color:blue;">region-specific</mark>](https://docs.ionos.com/sections-test/guides/network-services/vpn-gateway/api-how-tos/..#endpoints) endpoint to retrieve IPSec Tunnel: `https://vpn.{region}.ionos.com/ipsecgateways/{gatewayId}/tunnels/{tunnelId}`.

## Request

```bash
curl --location \
--request GET 'https://vpn.de-fra.ionos.coms/ipsecgateways/66a114c7-2ddd-5119-9ddf-5a789f5a5a44/tunnels/c28b2d3e-7b15-53ca-ae88-6ae9378d6efe' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO'
```

{% tabs %}
{% tab title="Path Parameters" %}
You can update the `gatewayId` and `tunnelId` values to get a specific IPSec Tunnel for a given gateway:

| Path Parameter | Type   | Description                         | Example                                |
| -------------- | ------ | ----------------------------------- | -------------------------------------- |
| **gatewayId**  | string | The ID (UUID) of the IPSec Gateway. | `66a114c7-2ddd-5119-9ddf-5a789f5a5a44` |
| **tunnelId**   | string | The ID (UUID) of the IPSec Tunnel.  | `c28b2d3e-7b15-53ca-ae88-6ae9378d6efe` |
| {% endtab %}   |        |                                     |                                        |

{% tab title="Request Header Parameters" %}
To make authenticated requests to the API, the following fields are mandatory in the request header:

| Header Parameter | Required | Type   | Description                                                                       |
| ---------------- | -------- | ------ | --------------------------------------------------------------------------------- |
| `Authorization`  | yes      | string | The Bearer token to enable requests to authenticate using a JSON Web Token (JWT). |
| `Content-Type`   | no       | string | Set this to `application/json`.                                                   |
| {% endtab %}     |          |        |                                                                                   |
| {% endtabs %}    |          |        |                                                                                   |

## Response

**200 Successful operation**

```json
{
  "id": "c28b2d3e-7b15-53ca-ae88-6ae9378d6efe",
  "type": "ipsectunnel",
  "href": "/ipsecgateways/{gatewayId}/tunnels/c28b2d3e-7b15-53ca-ae88-6ae9378d6efe",
  "metadata": {
    "createdDate": "2020-12-10T13:37:50+01:00",
    "createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedDate": "2020-12-11T13:37:50+01:00",
    "lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
    "resourceURN": "ionos:<product>:<location>:<contract>:<resource-path>",
    "status": "AVAILABLE",
    "statusMessage": null
  },
  "properties": {
    "name": "My Company Gateway Tunnel",
    "description": "Allows local subnet X to connect to virtual network Y.",
    "remoteHost": "vpn.mycompany.com",
    "auth": {
      "method": "PSK",
      "psk": {}
    },
    "ike": {
      "diffieHellmanGroup": "16-MODP4096",
      "encryptionAlgorithm": "AES256",
      "integrityAlgorithm": "SHA256",
      "lifetime": 86400
    },
    "esp": {
      "diffieHellmanGroup": "16-MODP4096",
      "encryptionAlgorithm": "AES256",
      "integrityAlgorithm": "SHA256",
      "lifetime": 3600
    },
    "cloudNetworkCIDRs": [
      "203.0.113.0/24"
    ],
    "peerNetworkCIDRs": [
      "198.51.100.0/24"
    ]
  }
}
```

{% hint style="success" %}
**Result:** The IPSec Tunnel and its details for the specified `gatewayId` and `tunnelId` are successfully obtained.
{% endhint %}