Defines configuration for a single VPN connection between 2 servers' network interfaces. The inverse of this (with respect to local an remote values) will need to be created on the remote server.
| Name | Type | Description | Attributes |
|---|---|---|---|
| atomLinkList | List of link | See Definition of link | |
| vpn-identifier | xs:string | Unique identifier (UUID) for a single VPN configuration entry. | Mandatory |
| vpn-name | xs:string | Name for a VPN configuration entry. | Mandatory |
| enabled | xs:boolean | True if this vpn config is enabled. False otherwise | Mandatory |
| local-address | xs:string | Local IP/IPv6 address VPN will bind to. VPN connection is made between this and the remote-address. | Mandatory |
| local-port | xs:unsignedShort | Port on the local address that the VPN will bind to and use for the VPN connection. | Mandatory |
| remote-address | PlcmInetAddress | Remote, existing, IP/IPv6 address VPN will bind to. VPN conneciton is made between this and the local-address. | Mandatory |
| remote-port | xs:unsignedShort | Port on the remote address that the VPN will bind to and use for the VPN connection. | Mandatory |
| local-vpn-address | PlcmInetAddress | The address, on the local side, that will be created once the VPN connection is established. This is an IP address only shared between the local host and the remote host and should not be routable outside of the the two tunnel connected boxes. | Mandatory |
| remote-vpn-address | PlcmInetAddress | The address, on the remote side, that will be created once the VPN connection is established. This is an IP address only shared between the local host and the remote host and should not be routable outside of the the two tunnel connected boxes. | Mandatory |
| vpn-key | xs:string | Encoded text that can be used to setup the shared credentials for a VPN connection. | Mandatory |
| protocol | Protocol | Network protocol (UDP or TCP-SERVER or TCP-CLIENT) over which the VPN connection will run. UDP is generally the default and recommended value. TCP options require direction (i.e client must contact the server to establish a connection). | |
| cipher | Cipher | The encryption cipher used over the VPN connection. NONE, AES-128, and AES-256 are acceptable values, with NONE as the default. NONE will result in no encryption being performed over the VPN tunnel at all. AES encrytion types will use the CBC mode. | |
| entity-tag | EntityTag | The unique value generated from the server object instance. This value is the same value that MUST be applied to the HTTP Entity Tag (ETag) header for a single instance of this object. Client modification of this field is not allowed for this instance. | |
| sequence | xs:unsignedShort | An informational only value used to help with VPN configuration ordering. This value is created and maintained by the system. It cannot be edited. If sent in an update/create its value will be ignored. Its value can be usful in helping to pre-select local and remote VPN addresses that will not conflict. For example: use the scheme 198.18.sequence.5 and 198.18.sequence.10 for the default local and remote VPN addresses for a tunnel, or some similar scheme (remembering that sequcnece can be greater than 255 for an IP address). Otherwise, this value may be mostly ignored. Note: gaps in sequencing my appear between consecutive configurations and does not imply any meaning other than an arbitrary ordering. |
| Name | Type | Restrictions |
|---|---|---|
| EntityTag | xs:string | Length of value must be >=1 Length of value must be <=64 |
| Cipher | xs:string | Pattern of value must match the regular expression ([nN][oO][nN][eE])|([aA][eE][sS][-]?([1][2][8]|[2][5][6])) |
| Protocol | xs:string | Pattern of value must match the regular expression ([uU][dD][pP])|(([tT][cC][pP])-(([sS][eE][rR][vV][eE][Rr])|[cC][lL][iI][eE][nN][tT])) |