com.iland.core.web.rest.response.nsx

Class EdgeGatewayIPsecResponse.Site

java.lang.Object

com.iland.core.web.rest.response.nsx.EdgeGatewayIPsecResponse.Site

Enclosing class:

EdgeGatewayIPsecResponse

public static class EdgeGatewayIPsecResponse.Site
extends Object

IPsec VPN Site.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	EdgeGatewayIPsecResponse.Site.TunnelInterface Tunnel Interface.

Constructor Summary

Constructors

Constructor and Description

Site(boolean enabled, String name, String localId, String localIp, String peerId, String peerIp, IPsecSessionType ipsecSessionType, IPsecEncryptionAlgorithmType encryptionAlgorithm, boolean enablePfs, String dhGroup, List<String> localSubnets, List<String> peerSubnets, String psk, String authenticationMode, String extension, IPsecIkeOptionType ikeOption, IPsecDigestAlgorithmType digestAlgorithm, boolean responderOnly, EdgeGatewayIPsecResponse.Site.TunnelInterface tunnelInterface) Instantiates a new IPsec VPN Site.

Method Summary

Modifier and Type	Method and Description
String	getAuthenticationMode() Gets authentication mode.
String	getDhGroup() Gets dh group.
IPsecDigestAlgorithmType	getDigestAlgorithm() Gets digest algorithm.
IPsecEncryptionAlgorithmType	getEncryptionAlgorithm() Gets encryption algorithm.
String	getExtension() Gets extension.
IPsecIkeOptionType	getIkeOption() Gets ike option.
IPsecSessionType	getIPsecSessionType() Gets IPsec session type.
String	getLocalId() Gets local Id.
String	getLocalIp() Gets local Ip.
List<String>	getLocalSubnets() Gets local subnets.
String	getName() Gets name.
String	getPeerId() Gets peer Id.
String	getPeerIp() Gets peer Ip.
List<String>	getPeerSubnets() Gets peer subnets.
String	getPsk() Gets psk.
EdgeGatewayIPsecResponse.Site.TunnelInterface	getTunnelInterface() Gets tunnel interface.
boolean	isEnabled() Gets enabled.
boolean	isEnablePfs() Gets enable Pfs.
boolean	isResponderOnly() Gets responder only.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Site

public Site(boolean enabled,
            String name,
            String localId,
            String localIp,
            String peerId,
            String peerIp,
            IPsecSessionType ipsecSessionType,
            IPsecEncryptionAlgorithmType encryptionAlgorithm,
            boolean enablePfs,
            String dhGroup,
            List<String> localSubnets,
            List<String> peerSubnets,
            String psk,
            String authenticationMode,
            String extension,
            IPsecIkeOptionType ikeOption,
            IPsecDigestAlgorithmType digestAlgorithm,
            boolean responderOnly,
            EdgeGatewayIPsecResponse.Site.TunnelInterface tunnelInterface)

Instantiates a new IPsec VPN Site.

Parameters:

enabled - the enabled

name - the name

localId - the local Id

localIp - the local Ip

peerId - the peer Id

peerIp - the peer Ip

ipsecSessionType - the IPsec session type

encryptionAlgorithm - the encryption algorithm

enablePfs - the enable PFS

dhGroup - the dh group

localSubnets - the local subnets

peerSubnets - the peer subnets

psk - the psk

authenticationMode - the authentication mode

extension - the extension

ikeOption - the ike option

digestAlgorithm - the digest algorithm

responderOnly - the responder only

tunnelInterface - the tunnel interface

Method Detail

isEnabled

public boolean isEnabled()

Gets enabled. Default: True.

Returns:

the boolean

getName

public String getName()

Gets name.

Returns:

String the name

getLocalId

public String getLocalId()

Gets local Id.

Enter the IP address of the NSX Edge instance

Returns:

String the localId

getLocalIp

public String getLocalIp()

Gets local Ip.

Enter the IP address of the local endpoint

Returns:

String the localIp

getPeerId

public String getPeerId()

Gets peer Id.

Enter the peer ID to uniquely identify the peer site. This should be a Distinguishing Name (DN) if authentication mode is x.509

Returns:

String the peerId

getPeerIp

public String getPeerIp()

Gets peer Ip.

Enter the IP address of the peer endpoint

Returns:

String the peerIp

getIPsecSessionType

public IPsecSessionType getIPsecSessionType()

Gets IPsec session type.

Configure whether the site is used for policy-based VPN or route-based VPN. Default value is policybasedsession

Returns:

IPsecSessionType the ipsecSessionType

getEncryptionAlgorithm

public IPsecEncryptionAlgorithmType getEncryptionAlgorithm()

Gets encryption algorithm.

Encryption algorithm for communication. Default is AES

Returns:

IPsecEncryptionAlgorithmType the encryptionAlgorithm

isEnablePfs

public boolean isEnablePfs()

Gets enable Pfs.

Perfect Forward Secrecy (PFS) ensures that each new cryptographic key is unrelated to any previous key. Default is True

Returns:

the boolean

getDhGroup

public String getDhGroup()

Gets dh group.

In Diffie-Hellman (DH) Group, select the cryptography scheme that will allow the peer site and the NSX Edge to establish a shared secret over an insecure communications channel. dh14 is selected by default

Returns:

String the dhGroup

getLocalSubnets

public List<String> getLocalSubnets()

Gets local subnets.

The subnets to share between the sites in CIDR format. Required if ipsecSessionType parameter value is policybasedsession. For route-based IPSec site, the default and only valid subnet is 0.0.0.0/0

Returns:

List of String the localSubents

getPeerSubnets

public List<String> getPeerSubnets()

Gets peer subnets.

The subnets to share between the sites in CIDR format. Required if ipsecSessionType parameter value is policybasedsession. For route-based IPSec site, the default and only valid subnet is 0.0.0.0/0

Returns:

List of String the peerSubnets

getPsk

public String getPsk()

Gets psk.

Indicates that the secret key shared between NSX Edge and the peer site is to be used for authentication. Required when site > AuthenticationMode is specified psk. Optional only when peerIp is specified as Any in site configuration

Returns:

String the psk

getAuthenticationMode

public String getAuthenticationMode()

Gets authentication mode.

Select authentication mode as psk or x.509

Returns:

String the authenticationMode

getExtension

public String getExtension()

Gets extension.

Configurable per site level: securelocaltrafficbyip= and passthroughSubnets=. By default, securelocaltrafficbyip= is enabled and set to one of the local IP addresses configured on the local subnets of Edge. To disable securelocaltrafficbyip=, replace with securelocaltrafficbyip=0. Users can explicitly set this value to one of the other local IP addresses configured in the local subnets of Edge. passthroughSubnets is used to exclude specific subnets from VPN policy enforcement if they overlap with the peerSubnets configured for the same site

Returns:

String the extension

getIkeOption

public IPsecIkeOptionType getIkeOption()

Gets ike option.

IKE protocol version to be used. Use IKEFlex to always initiate using IKEv2, and while responding accept any of IKEv1 and IKEv2. Default is IKEv1

Returns:

IPsecIkeOptionType the ikeOption

getDigestAlgorithm

public IPsecDigestAlgorithmType getDigestAlgorithm()

Gets digest algorithm.

Secure Hashing Algorithm (SHA) used for digitial signatures. Default is sha1

Returns:

IPsecDigestAlgorithmType the digestAlgorithm

isResponderOnly

public boolean isResponderOnly()

Gets responder only.

When set to true, the edge doesn't initiate negotiation, instead it waits for peer to initiate negotiation. Default is False

Returns:

the boolean

getTunnelInterface

public EdgeGatewayIPsecResponse.Site.TunnelInterface getTunnelInterface()

Gets tunnel interface.

Configure tunnel interface parameters. Required if ipsecSessionType parameter value is routebasedsession

Returns:

EdgeGatewayIPsecResponse.Site.TunnelInterface the tunnelInterface