REST API reference
Update an IPsec policy
Suggest changes
PDFs
PATCH /security/ipsec/policies/{uuid}
Updates a specific IPsec policy.
Related ONTAP commands
-
security ipsec policy modify
Learn more
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
uuid |
string |
path |
True |
IPsec policy UUID |
Request Body
| Name | Type | Description |
|---|---|---|
action |
string |
Action for the IPsec policy. |
enabled |
boolean |
Indicates whether or not the policy is enabled. |
local_endpoint |
Local endpoint for the IPsec policy. |
|
name |
string |
IPsec policy name. |
protocol |
string |
Lower layer protocol to be covered by the IPsec policy. |
remote_endpoint |
Remote endpoint for the IPsec policy. |
|
scope |
string |
Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster". |
secret_key |
string |
Pre-shared key for IKE negotiation. |
svm |
||
uuid |
string |
Unique identifier of the IPsec policy. |
Example request
{
"action": "bypass",
"local_endpoint": {
"address": "10.10.10.7",
"family": "ipv4",
"netmask": "24",
"port": "23"
},
"protocol": "17",
"remote_endpoint": {
"address": "10.10.10.7",
"family": "ipv4",
"netmask": "24",
"port": "23"
},
"scope": "svm",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
}Response
Status: 200, OkError
Status: DefaultONTAP Error Response Codes
| Error Code | Description |
|---|---|
66257097 |
Internal error. Failed to update the IPsec policy. |
66257099 |
Only one protocol can be specified. |
66257100 |
Only one local port can be specified. |
66257101 |
Only one remote port can be specified. |
66257110 |
Failed to create a policy sequencing value. |
66257113 |
Only one local IP subnet can be specified. |
66257114 |
Only one remote IP subnet can be specified. |
66257115 |
Port ranges containing more than one port are not supported. |
66257116 |
IPsec policy with the specified UUID was not found. |
66257120 |
The subnet selector must be a host address (An IPv4 address with a 32-bit netmask or an IPv6 address with a 128-bit netmask). |
| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": {
"code": "string",
"message": "string"
},
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
local_endpoint
Local endpoint for the IPsec policy.
| Name | Type | Description |
|---|---|---|
address |
string |
IPv4 or IPv6 address |
family |
string |
IPv4 or IPv6 |
netmask |
string |
Input as netmask length (16) or IPv4 mask (255.255.0.0). For IPv6, you must set the netmask length. The default value is 64. Output is always netmask length. |
port |
string |
Application port to be covered by the IPsec policy |
remote_endpoint
Remote endpoint for the IPsec policy.
| Name | Type | Description |
|---|---|---|
address |
string |
IPv4 or IPv6 address |
family |
string |
IPv4 or IPv6 |
netmask |
string |
Input as netmask length (16) or IPv4 mask (255.255.0.0). For IPv6, you must set the netmask length. The default value is 64. Output is always netmask length. |
port |
string |
Application port to be covered by the IPsec policy |
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
svm
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
ipsec_policy
IPsec policy object.
| Name | Type | Description |
|---|---|---|
action |
string |
Action for the IPsec policy. |
enabled |
boolean |
Indicates whether or not the policy is enabled. |
local_endpoint |
Local endpoint for the IPsec policy. |
|
name |
string |
IPsec policy name. |
protocol |
string |
Lower layer protocol to be covered by the IPsec policy. |
remote_endpoint |
Remote endpoint for the IPsec policy. |
|
scope |
string |
Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster". |
secret_key |
string |
Pre-shared key for IKE negotiation. |
svm |
||
uuid |
string |
Unique identifier of the IPsec policy. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |