Share via

IpsecPolicy Class

  • Reference

An IPSec Policy configuration for a virtual network gateway connection.

All required parameters must be populated in order to send to server.

Inheritance
azure.mgmt.network._serialization.Model
IpsecPolicy

Constructor

IpsecPolicy(*, sa_life_time_seconds: int, sa_data_size_kilobytes: int, ipsec_encryption: str | _models.IpsecEncryption, ipsec_integrity: str | _models.IpsecIntegrity, ike_encryption: str | _models.IkeEncryption, ike_integrity: str | _models.IkeIntegrity, dh_group: str | _models.DhGroup, pfs_group: str | _models.PfsGroup, **kwargs: Any)

Keyword-Only Parameters

Name Description
sa_life_time_seconds
int

The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. Required.
sa_data_size_kilobytes
int

The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. Required.
ipsec_encryption
str or IpsecEncryption

The IPSec encryption algorithm (IKE phase 1). Required. Known values are: "None", "DES", "DES3", "AES128", "AES192", "AES256", "GCMAES128", "GCMAES192", and "GCMAES256".
ipsec_integrity
str or IpsecIntegrity

The IPSec integrity algorithm (IKE phase 1). Required. Known values are: "MD5", "SHA1", "SHA256", "GCMAES128", "GCMAES192", and "GCMAES256".
ike_encryption
str or IkeEncryption

The IKE encryption algorithm (IKE phase 2). Required. Known values are: "DES", "DES3", "AES128", "AES192", "AES256", "GCMAES256", and "GCMAES128".
ike_integrity
str or IkeIntegrity

The IKE integrity algorithm (IKE phase 2). Required. Known values are: "MD5", "SHA1", "SHA256", "SHA384", "GCMAES256", and "GCMAES128".
dh_group
str or DhGroup

The DH Group used in IKE Phase 1 for initial SA. Required. Known values are: "None", "DHGroup1", "DHGroup2", "DHGroup14", "DHGroup2048", "ECP256", "ECP384", and "DHGroup24".
pfs_group
str or PfsGroup

The Pfs Group used in IKE Phase 2 for new child SA. Required. Known values are: "None", "PFS1", "PFS2", "PFS2048", "ECP256", "ECP384", "PFS24", "PFS14", and "PFSMM".

Variables

Name Description
sa_life_time_seconds
int

The IPSec Security Association (also called Quick Mode or Phase 2 SA) lifetime in seconds for a site to site VPN tunnel. Required.
sa_data_size_kilobytes
int

The IPSec Security Association (also called Quick Mode or Phase 2 SA) payload size in KB for a site to site VPN tunnel. Required.
ipsec_encryption
str or IpsecEncryption

The IPSec encryption algorithm (IKE phase 1). Required. Known values are: "None", "DES", "DES3", "AES128", "AES192", "AES256", "GCMAES128", "GCMAES192", and "GCMAES256".
ipsec_integrity
str or IpsecIntegrity

The IPSec integrity algorithm (IKE phase 1). Required. Known values are: "MD5", "SHA1", "SHA256", "GCMAES128", "GCMAES192", and "GCMAES256".
ike_encryption
str or IkeEncryption

The IKE encryption algorithm (IKE phase 2). Required. Known values are: "DES", "DES3", "AES128", "AES192", "AES256", "GCMAES256", and "GCMAES128".
ike_integrity
str or IkeIntegrity

The IKE integrity algorithm (IKE phase 2). Required. Known values are: "MD5", "SHA1", "SHA256", "SHA384", "GCMAES256", and "GCMAES128".
dh_group
str or DhGroup

The DH Group used in IKE Phase 1 for initial SA. Required. Known values are: "None", "DHGroup1", "DHGroup2", "DHGroup14", "DHGroup2048", "ECP256", "ECP384", and "DHGroup24".
pfs_group
str or PfsGroup

The Pfs Group used in IKE Phase 2 for new child SA. Required. Known values are: "None", "PFS1", "PFS2", "PFS2048", "ECP256", "ECP384", "PFS24", "PFS14", and "PFSMM".