Versions Compared

Old Version 13

changes.mady.by.user ruoyu.ying

Saved on

compared with

New Version 14

changes.mady.by.user ruoyu.ying

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languageyml
titleSDEWAN IPSec CRD
apiVersion: sdewan.akraino.org/v1alpha1 
kind: IPSecSite 
metadata: 
  name: site1 
spec:
  node: node1
  gateway: 10.0.1.1
  pre_shared_key:
  auth_method: psk
  local_identifier: "C=CH, O=strongSwan, CN=peer"
  remote_identifier: "C=CH, O=strongSwan, CN=peerB"
  crypto_proposal: "proposal1"
  force_crypto_proposal: true
  connection:
  - type: tunnel/transport
    mode: start
    local_subnet: 192.168.1.1/24
    local_nat:
    local_sourceip: 10.0.1.1
    local_updown: 
    local_firewall:
    remote_subnet: 192.168.0.1/24
    remote_sourceip: 10.0.1.2
    remote_updown:
    remote_firewall:
    keyexchange: "ikev2"
    inactivity: 30m
    crypto_proposal: "proposal1 proposal2"
  proposal:
  - encryption_algorithm: aes128
    hash_algorithm: sha256
    dh_group: modp3072

IPSec Rest API

SD-EWAN IPSec Restful API provides support to get/create/update/delete IPSec Site, Proposal.

...