CreateIPSecConnection

POST {{baseUrl}}/ipsecConnections

Creates a new IPSec connection between the specified DRG and CPE. For more information, see Site-to-Site VPN Overview.

If you configure at least one tunnel to use static routing, then in the request you must provide at least one valid static route (you're allowed a maximum of 10). For example: 10.0.0.0/16. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes. For more information, see the important note in IPSecConnection.

For the purposes of access control, you must provide the OCID of the compartment where you want the IPSec connection to reside. Notice that the IPSec connection doesn't have to be in the same compartment as the DRG, CPE, or other Networking Service components. If you're not sure which compartment to use, put the IPSec connection in the same compartment as the DRG. For more information about compartments and access control, see Overview of the IAM Service.

You may optionally specify a display name for the IPSec connection; otherwise, a default is provided. It does not have to be unique, and you can change it. Avoid entering confidential information.

After creating the IPSec connection, you need to configure your on-premises router with tunnel-specific information. For tunnel status and the required configuration information, see:

For each tunnel, you need the IP address of Oracle's VPN headend and the shared secret (that is, the pre-shared key). For more information, see CPE Configuration.

Request Body

{
  "compartmentId": "{{compartment_ocid}}",
  "drgId": "cillum minim ut fugiat",
  "cpeId": "et nostrud veniam eiusmod est",
  "staticRoutes": ["id consectetur sed ad aute", "in esse"],
  "cpeLocalIdentifier": "tempor nisi",
  "cpeLocalIdentifierType": "HOSTNAME",
  "displayName": "et nulla esse nisi",
  "tunnelConfiguration": [
    {"value": "<Error: Too many levels of nesting to fake this schema>"},
    {"value": "<Error: Too many levels of nesting to fake this schema>"}
  ]
}

HEADERS

| Key | Datatype | Required | Description |
| --- | --- | --- | --- |
| opc-retry-token | string | | A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (for example, if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected). |
| Content-Type | string | | |
| Date | string | | (Required) Current Date |
| Authorization | string | | (Required) Signature Authentication on Authorization header |
| x-content-sha256 | string | | (Required) Content sha256 for POST, PUT and PATCH operations |
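
A pre-flight check for the static-route rule described above, together with the x-content-sha256 value for the body. This is an added example, not code from the API provider. Assumptions: each tunnelConfiguration entry carries a "routing" field set to "STATIC" or "BGP", a missing field or missing tunnel list is treated as static, the header value is the base64-encoded SHA-256 digest of the body bytes, and the sample body is constructed.

```python
import base64
import hashlib
import ipaddress
import json

MAX_STATIC_ROUTES = 10  # limit stated on this page


def validate_static_routes(body):
    """Return a list of problems with staticRoutes; an empty list means OK."""
    problems = []
    routes = body.get("staticRoutes", [])
    tunnels = body.get("tunnelConfiguration", [])
    # Assumption: "routing" is "STATIC" or "BGP"; absent means static (stricter case).
    needs_static = not tunnels or any(t.get("routing", "STATIC") == "STATIC" for t in tunnels)
    if needs_static and not routes:
        problems.append("at least one static route is required unless both tunnels use BGP")
    if len(routes) > MAX_STATIC_ROUTES:
        problems.append(f"{len(routes)} static routes given, maximum is {MAX_STATIC_ROUTES}")
    for route in routes:
        try:
            if not isinstance(route, str) or "/" not in route:
                raise ValueError("missing prefix length")
            # strict=True rejects host bits set, e.g. 10.0.0.1/16
            ipaddress.ip_network(route, strict=True)
        except ValueError:
            problems.append(f"not a valid CIDR block: {route!r}")
    return problems


def content_sha256(body_bytes):
    """Base64 SHA-256 of the exact bytes sent, for the x-content-sha256 header."""
    return base64.b64encode(hashlib.sha256(body_bytes).digest()).decode("ascii")


def prepare(body):
    """Validate, then serialize once so the digest covers the bytes actually sent."""
    problems = validate_static_routes(body)
    if problems:
        raise ValueError("; ".join(problems))
    payload = json.dumps(body, separators=(",", ":")).encode("utf-8")
    return payload, {"Content-Type": "application/json",
                     "x-content-sha256": content_sha256(payload)}


if __name__ == "__main__":
    # Constructed sample body: one static tunnel, one BGP tunnel.
    sample = {"staticRoutes": ["10.0.0.0/16"],
              "tunnelConfiguration": [{"routing": "STATIC"}, {"routing": "BGP"}]}
    print(prepare(sample)[1])
```

Hash the same byte string that goes on the wire; re-serializing the body after computing the digest can change key order or whitespace and invalidate the header.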

RESPONSES

status: OK

{
  "compartmentId": "et deserunt exercitation",
  "id": "dolore adipisicing dolor proident sed",
  "drgId": "id enim ipsum",
  "cpeId": "voluptate velit reprehenderit",
  "lifecycleState": "PROVISIONING",
  "staticRoutes": ["dolor", "a"],
  "cpeLocalIdentifier": "Ut ea adipisicing cillum",
  "cpeLocalIdentifierType": "IP_ADDRESS",
  "definedTags": {},
  "displayName": "esse enim quis consectetur",
  "freeformTags": {},
  "timeCreated": "1978-07-23T18:57:03.593Z"
}