1. Packages
  2. F5 BIG-IP
  3. API Docs
  4. NetIkePeer
f5 BIG-IP v3.17.2 published on Wednesday, Jun 26, 2024 by Pulumi

f5bigip.NetIkePeer

Explore with Pulumi AI

f5bigip logo
f5 BIG-IP v3.17.2 published on Wednesday, Jun 26, 2024 by Pulumi

    f5bigip.NetIkePeer Manages a ike_peer configuration

    Example Usage

    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    resources:
      example1:
        type: f5bigip:NetIkePeer
        properties:
          name: example1
          localAddress: 192.16.81.240
          profile: /Common/dslite
    

    Create NetIkePeer Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new NetIkePeer(name: string, args: NetIkePeerArgs, opts?: CustomResourceOptions);
    @overload
    def NetIkePeer(resource_name: str,
                   args: NetIkePeerArgs,
                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def NetIkePeer(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   name: Optional[str] = None,
                   remote_address: Optional[str] = None,
                   peers_cert_file: Optional[str] = None,
                   traffic_selectors: Optional[Sequence[str]] = None,
                   dpd_delay: Optional[int] = None,
                   generate_policy: Optional[str] = None,
                   lifetime: Optional[int] = None,
                   mode: Optional[str] = None,
                   peers_id_type: Optional[str] = None,
                   my_cert_key_file: Optional[str] = None,
                   my_cert_key_passphrase: Optional[str] = None,
                   my_id_type: Optional[str] = None,
                   my_id_value: Optional[str] = None,
                   crl_file: Optional[str] = None,
                   nat_traversal: Optional[str] = None,
                   passive: Optional[str] = None,
                   versions: Optional[Sequence[str]] = None,
                   description: Optional[str] = None,
                   my_cert_file: Optional[str] = None,
                   peers_id_value: Optional[str] = None,
                   phase1_auth_method: Optional[str] = None,
                   phase1_encrypt_algorithm: Optional[str] = None,
                   phase1_hash_algorithm: Optional[str] = None,
                   phase1_perfect_forward_secrecy: Optional[str] = None,
                   preshared_key: Optional[str] = None,
                   preshared_key_encrypted: Optional[str] = None,
                   prf: Optional[str] = None,
                   proxy_support: Optional[str] = None,
                   ca_cert_file: Optional[str] = None,
                   replay_window_size: Optional[int] = None,
                   state: Optional[str] = None,
                   peers_cert_type: Optional[str] = None,
                   verify_cert: Optional[str] = None,
                   app_service: Optional[str] = None)
    func NewNetIkePeer(ctx *Context, name string, args NetIkePeerArgs, opts ...ResourceOption) (*NetIkePeer, error)
    public NetIkePeer(string name, NetIkePeerArgs args, CustomResourceOptions? opts = null)
    public NetIkePeer(String name, NetIkePeerArgs args)
    public NetIkePeer(String name, NetIkePeerArgs args, CustomResourceOptions options)
    
    type: f5bigip:NetIkePeer
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var netIkePeerResource = new F5BigIP.NetIkePeer("netIkePeerResource", new()
    {
        Name = "string",
        RemoteAddress = "string",
        PeersCertFile = "string",
        TrafficSelectors = new[]
        {
            "string",
        },
        DpdDelay = 0,
        GeneratePolicy = "string",
        Lifetime = 0,
        Mode = "string",
        PeersIdType = "string",
        MyCertKeyFile = "string",
        MyCertKeyPassphrase = "string",
        MyIdType = "string",
        MyIdValue = "string",
        CrlFile = "string",
        NatTraversal = "string",
        Passive = "string",
        Versions = new[]
        {
            "string",
        },
        Description = "string",
        MyCertFile = "string",
        PeersIdValue = "string",
        Phase1AuthMethod = "string",
        Phase1EncryptAlgorithm = "string",
        Phase1HashAlgorithm = "string",
        Phase1PerfectForwardSecrecy = "string",
        PresharedKey = "string",
        PresharedKeyEncrypted = "string",
        Prf = "string",
        ProxySupport = "string",
        CaCertFile = "string",
        ReplayWindowSize = 0,
        State = "string",
        PeersCertType = "string",
        VerifyCert = "string",
        AppService = "string",
    });
    
    example, err := f5bigip.NewNetIkePeer(ctx, "netIkePeerResource", &f5bigip.NetIkePeerArgs{
    	Name:          pulumi.String("string"),
    	RemoteAddress: pulumi.String("string"),
    	PeersCertFile: pulumi.String("string"),
    	TrafficSelectors: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	DpdDelay:            pulumi.Int(0),
    	GeneratePolicy:      pulumi.String("string"),
    	Lifetime:            pulumi.Int(0),
    	Mode:                pulumi.String("string"),
    	PeersIdType:         pulumi.String("string"),
    	MyCertKeyFile:       pulumi.String("string"),
    	MyCertKeyPassphrase: pulumi.String("string"),
    	MyIdType:            pulumi.String("string"),
    	MyIdValue:           pulumi.String("string"),
    	CrlFile:             pulumi.String("string"),
    	NatTraversal:        pulumi.String("string"),
    	Passive:             pulumi.String("string"),
    	Versions: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Description:                 pulumi.String("string"),
    	MyCertFile:                  pulumi.String("string"),
    	PeersIdValue:                pulumi.String("string"),
    	Phase1AuthMethod:            pulumi.String("string"),
    	Phase1EncryptAlgorithm:      pulumi.String("string"),
    	Phase1HashAlgorithm:         pulumi.String("string"),
    	Phase1PerfectForwardSecrecy: pulumi.String("string"),
    	PresharedKey:                pulumi.String("string"),
    	PresharedKeyEncrypted:       pulumi.String("string"),
    	Prf:                         pulumi.String("string"),
    	ProxySupport:                pulumi.String("string"),
    	CaCertFile:                  pulumi.String("string"),
    	ReplayWindowSize:            pulumi.Int(0),
    	State:                       pulumi.String("string"),
    	PeersCertType:               pulumi.String("string"),
    	VerifyCert:                  pulumi.String("string"),
    	AppService:                  pulumi.String("string"),
    })
    
    var netIkePeerResource = new NetIkePeer("netIkePeerResource", NetIkePeerArgs.builder()
        .name("string")
        .remoteAddress("string")
        .peersCertFile("string")
        .trafficSelectors("string")
        .dpdDelay(0)
        .generatePolicy("string")
        .lifetime(0)
        .mode("string")
        .peersIdType("string")
        .myCertKeyFile("string")
        .myCertKeyPassphrase("string")
        .myIdType("string")
        .myIdValue("string")
        .crlFile("string")
        .natTraversal("string")
        .passive("string")
        .versions("string")
        .description("string")
        .myCertFile("string")
        .peersIdValue("string")
        .phase1AuthMethod("string")
        .phase1EncryptAlgorithm("string")
        .phase1HashAlgorithm("string")
        .phase1PerfectForwardSecrecy("string")
        .presharedKey("string")
        .presharedKeyEncrypted("string")
        .prf("string")
        .proxySupport("string")
        .caCertFile("string")
        .replayWindowSize(0)
        .state("string")
        .peersCertType("string")
        .verifyCert("string")
        .appService("string")
        .build());
    
    net_ike_peer_resource = f5bigip.NetIkePeer("netIkePeerResource",
        name="string",
        remote_address="string",
        peers_cert_file="string",
        traffic_selectors=["string"],
        dpd_delay=0,
        generate_policy="string",
        lifetime=0,
        mode="string",
        peers_id_type="string",
        my_cert_key_file="string",
        my_cert_key_passphrase="string",
        my_id_type="string",
        my_id_value="string",
        crl_file="string",
        nat_traversal="string",
        passive="string",
        versions=["string"],
        description="string",
        my_cert_file="string",
        peers_id_value="string",
        phase1_auth_method="string",
        phase1_encrypt_algorithm="string",
        phase1_hash_algorithm="string",
        phase1_perfect_forward_secrecy="string",
        preshared_key="string",
        preshared_key_encrypted="string",
        prf="string",
        proxy_support="string",
        ca_cert_file="string",
        replay_window_size=0,
        state="string",
        peers_cert_type="string",
        verify_cert="string",
        app_service="string")
    
    const netIkePeerResource = new f5bigip.NetIkePeer("netIkePeerResource", {
        name: "string",
        remoteAddress: "string",
        peersCertFile: "string",
        trafficSelectors: ["string"],
        dpdDelay: 0,
        generatePolicy: "string",
        lifetime: 0,
        mode: "string",
        peersIdType: "string",
        myCertKeyFile: "string",
        myCertKeyPassphrase: "string",
        myIdType: "string",
        myIdValue: "string",
        crlFile: "string",
        natTraversal: "string",
        passive: "string",
        versions: ["string"],
        description: "string",
        myCertFile: "string",
        peersIdValue: "string",
        phase1AuthMethod: "string",
        phase1EncryptAlgorithm: "string",
        phase1HashAlgorithm: "string",
        phase1PerfectForwardSecrecy: "string",
        presharedKey: "string",
        presharedKeyEncrypted: "string",
        prf: "string",
        proxySupport: "string",
        caCertFile: "string",
        replayWindowSize: 0,
        state: "string",
        peersCertType: "string",
        verifyCert: "string",
        appService: "string",
    });
    
    type: f5bigip:NetIkePeer
    properties:
        appService: string
        caCertFile: string
        crlFile: string
        description: string
        dpdDelay: 0
        generatePolicy: string
        lifetime: 0
        mode: string
        myCertFile: string
        myCertKeyFile: string
        myCertKeyPassphrase: string
        myIdType: string
        myIdValue: string
        name: string
        natTraversal: string
        passive: string
        peersCertFile: string
        peersCertType: string
        peersIdType: string
        peersIdValue: string
        phase1AuthMethod: string
        phase1EncryptAlgorithm: string
        phase1HashAlgorithm: string
        phase1PerfectForwardSecrecy: string
        presharedKey: string
        presharedKeyEncrypted: string
        prf: string
        proxySupport: string
        remoteAddress: string
        replayWindowSize: 0
        state: string
        trafficSelectors:
            - string
        verifyCert: string
        versions:
            - string
    

    NetIkePeer Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The NetIkePeer resource accepts the following input properties:

    Name string
    Name of the ike_peer
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors List<string>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions List<string>
    Specifies which version of IKE to be used
    Name string
    Name of the ike_peer
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors []string
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions []string
    Specifies which version of IKE to be used
    name String
    Name of the ike_peer
    remoteAddress String
    Specifies the IP address of the IKE remote node
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Integer
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Integer
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replayWindowSize Integer
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used
    name string
    Name of the ike_peer
    remoteAddress string
    Specifies the IP address of the IKE remote node
    appService string
    The application service that the object belongs to
    caCertFile string
    the trusted root and intermediate certificate authorities
    crlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description string
    User defined description
    dpdDelay number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile string
    Specifies the name of the certificate file object
    myCertKeyFile string
    Specifies the name of the certificate key file object
    myCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    natTraversal string
    Enables use of the NAT-Traversal IPsec extension
    passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile string
    Specifies the peer’s certificate for authentication
    peersCertType string
    Specifies that the only peers-cert-type supported is certfile
    peersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue string
    Specifies the peer’s identifier to be received
    phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey string
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replayWindowSize number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state string
    Enables or disables this IKE remote node
    trafficSelectors string[]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions string[]
    Specifies which version of IKE to be used
    name str
    Name of the ike_peer
    remote_address str
    Specifies the IP address of the IKE remote node
    app_service str
    The application service that the object belongs to
    ca_cert_file str
    the trusted root and intermediate certificate authorities
    crl_file str
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description str
    User defined description
    dpd_delay int
    Specifies the number of seconds between Dead Peer Detection messages
    generate_policy str
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode str
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    my_cert_file str
    Specifies the name of the certificate file object
    my_cert_key_file str
    Specifies the name of the certificate key file object
    my_cert_key_passphrase str
    Specifies the passphrase of the key used for my-cert-key-file
    my_id_type str
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    my_id_value str
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    nat_traversal str
    Enables use of the NAT-Traversal IPsec extension
    passive str
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peers_cert_file str
    Specifies the peer’s certificate for authentication
    peers_cert_type str
    Specifies that the only peers-cert-type supported is certfile
    peers_id_type str
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peers_id_value str
    Specifies the peer’s identifier to be received
    phase1_auth_method str
    Specifies the authentication method used for phase 1 negotiation
    phase1_encrypt_algorithm str
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1_hash_algorithm str
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1_perfect_forward_secrecy str
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    preshared_key str
    Specifies the preshared key for ISAKMP SAs
    preshared_key_encrypted str
    Display the encrypted preshared-key for the IKE remote node
    prf str
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxy_support str
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replay_window_size int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state str
    Enables or disables this IKE remote node
    traffic_selectors Sequence[str]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verify_cert str
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions Sequence[str]
    Specifies which version of IKE to be used
    name String
    Name of the ike_peer
    remoteAddress String
    Specifies the IP address of the IKE remote node
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replayWindowSize Number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used

    Outputs

    All input properties are implicitly available as output properties. Additionally, the NetIkePeer resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing NetIkePeer Resource

    Get an existing NetIkePeer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: NetIkePeerState, opts?: CustomResourceOptions): NetIkePeer
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            app_service: Optional[str] = None,
            ca_cert_file: Optional[str] = None,
            crl_file: Optional[str] = None,
            description: Optional[str] = None,
            dpd_delay: Optional[int] = None,
            generate_policy: Optional[str] = None,
            lifetime: Optional[int] = None,
            mode: Optional[str] = None,
            my_cert_file: Optional[str] = None,
            my_cert_key_file: Optional[str] = None,
            my_cert_key_passphrase: Optional[str] = None,
            my_id_type: Optional[str] = None,
            my_id_value: Optional[str] = None,
            name: Optional[str] = None,
            nat_traversal: Optional[str] = None,
            passive: Optional[str] = None,
            peers_cert_file: Optional[str] = None,
            peers_cert_type: Optional[str] = None,
            peers_id_type: Optional[str] = None,
            peers_id_value: Optional[str] = None,
            phase1_auth_method: Optional[str] = None,
            phase1_encrypt_algorithm: Optional[str] = None,
            phase1_hash_algorithm: Optional[str] = None,
            phase1_perfect_forward_secrecy: Optional[str] = None,
            preshared_key: Optional[str] = None,
            preshared_key_encrypted: Optional[str] = None,
            prf: Optional[str] = None,
            proxy_support: Optional[str] = None,
            remote_address: Optional[str] = None,
            replay_window_size: Optional[int] = None,
            state: Optional[str] = None,
            traffic_selectors: Optional[Sequence[str]] = None,
            verify_cert: Optional[str] = None,
            versions: Optional[Sequence[str]] = None) -> NetIkePeer
    func GetNetIkePeer(ctx *Context, name string, id IDInput, state *NetIkePeerState, opts ...ResourceOption) (*NetIkePeer, error)
    public static NetIkePeer Get(string name, Input<string> id, NetIkePeerState? state, CustomResourceOptions? opts = null)
    public static NetIkePeer get(String name, Output<String> id, NetIkePeerState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    Name string
    Name of the ike_peer
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors List<string>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions List<string>
    Specifies which version of IKE to be used
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    Name string
    Name of the ike_peer
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors []string
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions []string
    Specifies which version of IKE to be used
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Integer
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Integer
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name String
    Name of the ike_peer
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remoteAddress String
    Specifies the IP address of the IKE remote node
    replayWindowSize Integer
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used
    appService string
    The application service that the object belongs to
    caCertFile string
    the trusted root and intermediate certificate authorities
    crlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description string
    User defined description
    dpdDelay number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile string
    Specifies the name of the certificate file object
    myCertKeyFile string
    Specifies the name of the certificate key file object
    myCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name string
    Name of the ike_peer
    natTraversal string
    Enables use of the NAT-Traversal IPsec extension
    passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile string
    Specifies the peer’s certificate for authentication
    peersCertType string
    Specifies that the only peers-cert-type supported is certfile
    peersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue string
    Specifies the peer’s identifier to be received
    phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey string
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remoteAddress string
    Specifies the IP address of the IKE remote node
    replayWindowSize number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state string
    Enables or disables this IKE remote node
    trafficSelectors string[]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions string[]
    Specifies which version of IKE to be used
    app_service str
    The application service that the object belongs to
    ca_cert_file str
    the trusted root and intermediate certificate authorities
    crl_file str
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description str
    User defined description
    dpd_delay int
    Specifies the number of seconds between Dead Peer Detection messages
    generate_policy str
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode str
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    my_cert_file str
    Specifies the name of the certificate file object
    my_cert_key_file str
    Specifies the name of the certificate key file object
    my_cert_key_passphrase str
    Specifies the passphrase of the key used for my-cert-key-file
    my_id_type str
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    my_id_value str
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name str
    Name of the ike_peer
    nat_traversal str
    Enables use of the NAT-Traversal IPsec extension
    passive str
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peers_cert_file str
    Specifies the peer’s certificate for authentication
    peers_cert_type str
    Specifies that the only peers-cert-type supported is certfile
    peers_id_type str
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peers_id_value str
    Specifies the peer’s identifier to be received
    phase1_auth_method str
    Specifies the authentication method used for phase 1 negotiation
    phase1_encrypt_algorithm str
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1_hash_algorithm str
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1_perfect_forward_secrecy str
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    preshared_key str
    Specifies the preshared key for ISAKMP SAs
    preshared_key_encrypted str
    Display the encrypted preshared-key for the IKE remote node
    prf str
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxy_support str
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remote_address str
    Specifies the IP address of the IKE remote node
    replay_window_size int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state str
    Enables or disables this IKE remote node
    traffic_selectors Sequence[str]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verify_cert str
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions Sequence[str]
    Specifies which version of IKE to be used
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name String
    Name of the ike_peer
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remoteAddress String
    Specifies the IP address of the IKE remote node
    replayWindowSize Number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used

    Package Details

    Repository
    f5 BIG-IP pulumi/pulumi-f5bigip
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the bigip Terraform Provider.
    f5bigip logo
    f5 BIG-IP v3.17.2 published on Wednesday, Jun 26, 2024 by Pulumi