IPSecConnection

class oci.core.models.IPSecConnection(**kwargs)

Bases: object

A connection between a DRG and CPE. This connection consists of multiple IPSec tunnels. Creating this connection is one of the steps required when setting up an IPSec VPN.

Important: Each tunnel in an IPSec connection can use either static routing or BGP dynamic routing (see the IPSecConnectionTunnel object's routing attribute). Originally only static routing was supported and every IPSec connection was required to have at least one static route configured. To maintain backward compatibility in the API when support for BPG dynamic routing was introduced, the API accepts an empty list of static routes if you configure both of the IPSec tunnels to use BGP dynamic routing. If you switch a tunnel's routing from BGP to STATIC, you must first ensure that the IPSec connection is configured with at least one valid CIDR block static route. Oracle uses the IPSec connection's static routes when routing a tunnel's traffic only if that tunnel's routing attribute = STATIC. Otherwise the static routes are ignored.

For more information about the workflow for setting up an IPSec connection, see IPSec VPN.

To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, talk to an administrator. If you're an administrator who needs to write policies to give users access, see Getting Started with Policies.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

CPE_LOCAL_IDENTIFIER_TYPE_HOSTNAME = 'HOSTNAME'

A constant which can be used with the cpe_local_identifier_type property of a IPSecConnection. This constant has a value of "HOSTNAME"

CPE_LOCAL_IDENTIFIER_TYPE_IP_ADDRESS = 'IP_ADDRESS'

A constant which can be used with the cpe_local_identifier_type property of a IPSecConnection. This constant has a value of "IP_ADDRESS"

LIFECYCLE_STATE_AVAILABLE = 'AVAILABLE'

A constant which can be used with the lifecycle_state property of a IPSecConnection. This constant has a value of "AVAILABLE"

LIFECYCLE_STATE_PROVISIONING = 'PROVISIONING'

A constant which can be used with the lifecycle_state property of a IPSecConnection. This constant has a value of "PROVISIONING"

LIFECYCLE_STATE_TERMINATED = 'TERMINATED'

A constant which can be used with the lifecycle_state property of a IPSecConnection. This constant has a value of "TERMINATED"

LIFECYCLE_STATE_TERMINATING = 'TERMINATING'

A constant which can be used with the lifecycle_state property of a IPSecConnection. This constant has a value of "TERMINATING"

__init__(**kwargs)

Initializes a new IPSecConnection object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • compartment_id (str) -- The value to assign to the compartment_id property of this IPSecConnection.
  • cpe_id (str) -- The value to assign to the cpe_id property of this IPSecConnection.
  • defined_tags (dict(str, dict(str, object))) -- The value to assign to the defined_tags property of this IPSecConnection.
  • display_name (str) -- The value to assign to the display_name property of this IPSecConnection.
  • drg_id (str) -- The value to assign to the drg_id property of this IPSecConnection.
  • freeform_tags (dict(str, str)) -- The value to assign to the freeform_tags property of this IPSecConnection.
  • id (str) -- The value to assign to the id property of this IPSecConnection.
  • lifecycle_state (str) -- The value to assign to the lifecycle_state property of this IPSecConnection. Allowed values for this property are: "PROVISIONING", "AVAILABLE", "TERMINATING", "TERMINATED", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.
  • cpe_local_identifier (str) -- The value to assign to the cpe_local_identifier property of this IPSecConnection.
  • cpe_local_identifier_type (str) -- The value to assign to the cpe_local_identifier_type property of this IPSecConnection. Allowed values for this property are: "IP_ADDRESS", "HOSTNAME", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.
  • static_routes (list[str]) -- The value to assign to the static_routes property of this IPSecConnection.
  • time_created (datetime) -- The value to assign to the time_created property of this IPSecConnection.
compartment_id

[Required] Gets the compartment_id of this IPSecConnection. The OCID of the compartment containing the IPSec connection.

Returns:The compartment_id of this IPSecConnection.
Return type:str
cpe_id

[Required] Gets the cpe_id of this IPSecConnection. The OCID of the Cpe object.

Returns:The cpe_id of this IPSecConnection.
Return type:str
cpe_local_identifier

Gets the cpe_local_identifier of this IPSecConnection. Your identifier for your CPE device. Can be either an IP address or a hostname (specifically, the fully qualified domain name (FQDN)). The type of identifier here must correspond to the value for cpeLocalIdentifierType.

If you don't provide a value when creating the IPSec connection, the ipAddress attribute for the Cpe object specified by cpeId is used as the cpeLocalIdentifier.

For information about why you'd provide this value, see If Your CPE Is Behind a NAT Device.

Example IP address: 10.0.3.3

Example hostname: cpe.example.com

Returns:The cpe_local_identifier of this IPSecConnection.
Return type:str
cpe_local_identifier_type

Gets the cpe_local_identifier_type of this IPSecConnection. The type of identifier for your CPE device. The value here must correspond to the value for cpeLocalIdentifier.

Allowed values for this property are: "IP_ADDRESS", "HOSTNAME", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.

Returns:The cpe_local_identifier_type of this IPSecConnection.
Return type:str
defined_tags

Gets the defined_tags of this IPSecConnection. Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

Returns:The defined_tags of this IPSecConnection.
Return type:dict(str, dict(str, object))
display_name

Gets the display_name of this IPSecConnection. A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information.

Returns:The display_name of this IPSecConnection.
Return type:str
drg_id

[Required] Gets the drg_id of this IPSecConnection. The OCID of the DRG.

Returns:The drg_id of this IPSecConnection.
Return type:str
freeform_tags

Gets the freeform_tags of this IPSecConnection. Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

Returns:The freeform_tags of this IPSecConnection.
Return type:dict(str, str)
id

[Required] Gets the id of this IPSecConnection. The IPSec connection's Oracle ID (OCID).

Returns:The id of this IPSecConnection.
Return type:str
lifecycle_state

[Required] Gets the lifecycle_state of this IPSecConnection. The IPSec connection's current state.

Allowed values for this property are: "PROVISIONING", "AVAILABLE", "TERMINATING", "TERMINATED", 'UNKNOWN_ENUM_VALUE'. Any unrecognized values returned by a service will be mapped to 'UNKNOWN_ENUM_VALUE'.

Returns:The lifecycle_state of this IPSecConnection.
Return type:str
static_routes

[Required] Gets the static_routes of this IPSecConnection. Static routes to the CPE. The CIDR must not be a multicast address or class E address.

Used for routing a given IPSec tunnel's traffic only if the tunnel is using static routing. If you configure at least one tunnel to use static routing, then you must provide at least one valid static route. If you configure both tunnels to use BGP dynamic routing, you can provide an empty list for the static routes.

The CIDR can be either IPv4 or IPv6. Note that IPv6 addressing is currently supported only in the Government Cloud.

Example: 10.0.1.0/24

Example: 2001:db8::/32

Returns:The static_routes of this IPSecConnection.
Return type:list[str]
time_created

Gets the time_created of this IPSecConnection. The date and time the IPSec connection was created, in the format defined by RFC3339.

Example: 2016-08-25T21:10:29.600Z

Returns:The time_created of this IPSecConnection.
Return type:datetime