1. Packages
  2. F5 BIG-IP
  3. API Docs
  4. NetIkePeer
f5 BIG-IP v3.17.0 published on Thursday, Mar 28, 2024 by Pulumi

f5bigip.NetIkePeer

Explore with Pulumi AI

f5bigip logo
f5 BIG-IP v3.17.0 published on Thursday, Mar 28, 2024 by Pulumi

    f5bigip.NetIkePeer Manages a ike_peer configuration

    Example Usage

    Coming soon!```
    </pulumi-choosable>
    </div>
    <div>
    <pulumi-choosable type="language" values="python">
    

    Coming soon!```

    Coming soon!```
    </pulumi-choosable>
    </div>
    <div>
    <pulumi-choosable type="language" values="csharp">
    

    Coming soon!```

    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.f5bigip.NetIkePeer;
    import com.pulumi.f5bigip.NetIkePeerArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example1 = new NetIkePeer("example1", NetIkePeerArgs.builder()        
                .localAddress("192.16.81.240")
                .name("example1")
                .profile("/Common/dslite")
                .build());
    
        }
    }
    
    resources:
      example1:
        type: f5bigip:NetIkePeer
        properties:
          localAddress: 192.16.81.240
          name: example1
          profile: /Common/dslite
    

    Create NetIkePeer Resource

    new NetIkePeer(name: string, args: NetIkePeerArgs, opts?: CustomResourceOptions);
    @overload
    def NetIkePeer(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   app_service: Optional[str] = None,
                   ca_cert_file: Optional[str] = None,
                   crl_file: Optional[str] = None,
                   description: Optional[str] = None,
                   dpd_delay: Optional[int] = None,
                   generate_policy: Optional[str] = None,
                   lifetime: Optional[int] = None,
                   mode: Optional[str] = None,
                   my_cert_file: Optional[str] = None,
                   my_cert_key_file: Optional[str] = None,
                   my_cert_key_passphrase: Optional[str] = None,
                   my_id_type: Optional[str] = None,
                   my_id_value: Optional[str] = None,
                   name: Optional[str] = None,
                   nat_traversal: Optional[str] = None,
                   passive: Optional[str] = None,
                   peers_cert_file: Optional[str] = None,
                   peers_cert_type: Optional[str] = None,
                   peers_id_type: Optional[str] = None,
                   peers_id_value: Optional[str] = None,
                   phase1_auth_method: Optional[str] = None,
                   phase1_encrypt_algorithm: Optional[str] = None,
                   phase1_hash_algorithm: Optional[str] = None,
                   phase1_perfect_forward_secrecy: Optional[str] = None,
                   preshared_key: Optional[str] = None,
                   preshared_key_encrypted: Optional[str] = None,
                   prf: Optional[str] = None,
                   proxy_support: Optional[str] = None,
                   remote_address: Optional[str] = None,
                   replay_window_size: Optional[int] = None,
                   state: Optional[str] = None,
                   traffic_selectors: Optional[Sequence[str]] = None,
                   verify_cert: Optional[str] = None,
                   versions: Optional[Sequence[str]] = None)
    @overload
    def NetIkePeer(resource_name: str,
                   args: NetIkePeerArgs,
                   opts: Optional[ResourceOptions] = None)
    func NewNetIkePeer(ctx *Context, name string, args NetIkePeerArgs, opts ...ResourceOption) (*NetIkePeer, error)
    public NetIkePeer(string name, NetIkePeerArgs args, CustomResourceOptions? opts = null)
    public NetIkePeer(String name, NetIkePeerArgs args)
    public NetIkePeer(String name, NetIkePeerArgs args, CustomResourceOptions options)
    
    type: f5bigip:NetIkePeer
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args NetIkePeerArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    NetIkePeer Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The NetIkePeer resource accepts the following input properties:

    Name string
    Name of the ike_peer
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors List<string>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions List<string>
    Specifies which version of IKE to be used
    Name string
    Name of the ike_peer
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors []string
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions []string
    Specifies which version of IKE to be used
    name String
    Name of the ike_peer
    remoteAddress String
    Specifies the IP address of the IKE remote node
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Integer
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Integer
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replayWindowSize Integer
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used
    name string
    Name of the ike_peer
    remoteAddress string
    Specifies the IP address of the IKE remote node
    appService string
    The application service that the object belongs to
    caCertFile string
    the trusted root and intermediate certificate authorities
    crlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description string
    User defined description
    dpdDelay number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile string
    Specifies the name of the certificate file object
    myCertKeyFile string
    Specifies the name of the certificate key file object
    myCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    natTraversal string
    Enables use of the NAT-Traversal IPsec extension
    passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile string
    Specifies the peer’s certificate for authentication
    peersCertType string
    Specifies that the only peers-cert-type supported is certfile
    peersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue string
    Specifies the peer’s identifier to be received
    phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey string
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replayWindowSize number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state string
    Enables or disables this IKE remote node
    trafficSelectors string[]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions string[]
    Specifies which version of IKE to be used
    name str
    Name of the ike_peer
    remote_address str
    Specifies the IP address of the IKE remote node
    app_service str
    The application service that the object belongs to
    ca_cert_file str
    the trusted root and intermediate certificate authorities
    crl_file str
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description str
    User defined description
    dpd_delay int
    Specifies the number of seconds between Dead Peer Detection messages
    generate_policy str
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode str
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    my_cert_file str
    Specifies the name of the certificate file object
    my_cert_key_file str
    Specifies the name of the certificate key file object
    my_cert_key_passphrase str
    Specifies the passphrase of the key used for my-cert-key-file
    my_id_type str
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    my_id_value str
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    nat_traversal str
    Enables use of the NAT-Traversal IPsec extension
    passive str
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peers_cert_file str
    Specifies the peer’s certificate for authentication
    peers_cert_type str
    Specifies that the only peers-cert-type supported is certfile
    peers_id_type str
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peers_id_value str
    Specifies the peer’s identifier to be received
    phase1_auth_method str
    Specifies the authentication method used for phase 1 negotiation
    phase1_encrypt_algorithm str
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1_hash_algorithm str
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1_perfect_forward_secrecy str
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    preshared_key str
    Specifies the preshared key for ISAKMP SAs
    preshared_key_encrypted str
    Display the encrypted preshared-key for the IKE remote node
    prf str
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxy_support str
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replay_window_size int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state str
    Enables or disables this IKE remote node
    traffic_selectors Sequence[str]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verify_cert str
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions Sequence[str]
    Specifies which version of IKE to be used
    name String
    Name of the ike_peer
    remoteAddress String
    Specifies the IP address of the IKE remote node
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    replayWindowSize Number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used

    Outputs

    All input properties are implicitly available as output properties. Additionally, the NetIkePeer resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing NetIkePeer Resource

    Get an existing NetIkePeer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: NetIkePeerState, opts?: CustomResourceOptions): NetIkePeer
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            app_service: Optional[str] = None,
            ca_cert_file: Optional[str] = None,
            crl_file: Optional[str] = None,
            description: Optional[str] = None,
            dpd_delay: Optional[int] = None,
            generate_policy: Optional[str] = None,
            lifetime: Optional[int] = None,
            mode: Optional[str] = None,
            my_cert_file: Optional[str] = None,
            my_cert_key_file: Optional[str] = None,
            my_cert_key_passphrase: Optional[str] = None,
            my_id_type: Optional[str] = None,
            my_id_value: Optional[str] = None,
            name: Optional[str] = None,
            nat_traversal: Optional[str] = None,
            passive: Optional[str] = None,
            peers_cert_file: Optional[str] = None,
            peers_cert_type: Optional[str] = None,
            peers_id_type: Optional[str] = None,
            peers_id_value: Optional[str] = None,
            phase1_auth_method: Optional[str] = None,
            phase1_encrypt_algorithm: Optional[str] = None,
            phase1_hash_algorithm: Optional[str] = None,
            phase1_perfect_forward_secrecy: Optional[str] = None,
            preshared_key: Optional[str] = None,
            preshared_key_encrypted: Optional[str] = None,
            prf: Optional[str] = None,
            proxy_support: Optional[str] = None,
            remote_address: Optional[str] = None,
            replay_window_size: Optional[int] = None,
            state: Optional[str] = None,
            traffic_selectors: Optional[Sequence[str]] = None,
            verify_cert: Optional[str] = None,
            versions: Optional[Sequence[str]] = None) -> NetIkePeer
    func GetNetIkePeer(ctx *Context, name string, id IDInput, state *NetIkePeerState, opts ...ResourceOption) (*NetIkePeer, error)
    public static NetIkePeer Get(string name, Input<string> id, NetIkePeerState? state, CustomResourceOptions? opts = null)
    public static NetIkePeer get(String name, Output<String> id, NetIkePeerState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    Name string
    Name of the ike_peer
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors List<string>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions List<string>
    Specifies which version of IKE to be used
    AppService string
    The application service that the object belongs to
    CaCertFile string
    the trusted root and intermediate certificate authorities
    CrlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    Description string
    User defined description
    DpdDelay int
    Specifies the number of seconds between Dead Peer Detection messages
    GeneratePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    Lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    Mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    MyCertFile string
    Specifies the name of the certificate file object
    MyCertKeyFile string
    Specifies the name of the certificate key file object
    MyCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    MyIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    MyIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    Name string
    Name of the ike_peer
    NatTraversal string
    Enables use of the NAT-Traversal IPsec extension
    Passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    PeersCertFile string
    Specifies the peer’s certificate for authentication
    PeersCertType string
    Specifies that the only peers-cert-type supported is certfile
    PeersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    PeersIdValue string
    Specifies the peer’s identifier to be received
    Phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    Phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    Phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    Phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    PresharedKey string
    Specifies the preshared key for ISAKMP SAs
    PresharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    Prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    ProxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    RemoteAddress string
    Specifies the IP address of the IKE remote node
    ReplayWindowSize int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    State string
    Enables or disables this IKE remote node
    TrafficSelectors []string
    Specifies the names of the traffic-selector objects associated with this ike-peer
    VerifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    Versions []string
    Specifies which version of IKE to be used
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Integer
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Integer
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name String
    Name of the ike_peer
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remoteAddress String
    Specifies the IP address of the IKE remote node
    replayWindowSize Integer
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used
    appService string
    The application service that the object belongs to
    caCertFile string
    the trusted root and intermediate certificate authorities
    crlFile string
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description string
    User defined description
    dpdDelay number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy string
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode string
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile string
    Specifies the name of the certificate file object
    myCertKeyFile string
    Specifies the name of the certificate key file object
    myCertKeyPassphrase string
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType string
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue string
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name string
    Name of the ike_peer
    natTraversal string
    Enables use of the NAT-Traversal IPsec extension
    passive string
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile string
    Specifies the peer’s certificate for authentication
    peersCertType string
    Specifies that the only peers-cert-type supported is certfile
    peersIdType string
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue string
    Specifies the peer’s identifier to be received
    phase1AuthMethod string
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm string
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm string
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy string
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey string
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted string
    Display the encrypted preshared-key for the IKE remote node
    prf string
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport string
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remoteAddress string
    Specifies the IP address of the IKE remote node
    replayWindowSize number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state string
    Enables or disables this IKE remote node
    trafficSelectors string[]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert string
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions string[]
    Specifies which version of IKE to be used
    app_service str
    The application service that the object belongs to
    ca_cert_file str
    the trusted root and intermediate certificate authorities
    crl_file str
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description str
    User defined description
    dpd_delay int
    Specifies the number of seconds between Dead Peer Detection messages
    generate_policy str
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime int
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode str
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    my_cert_file str
    Specifies the name of the certificate file object
    my_cert_key_file str
    Specifies the name of the certificate key file object
    my_cert_key_passphrase str
    Specifies the passphrase of the key used for my-cert-key-file
    my_id_type str
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    my_id_value str
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name str
    Name of the ike_peer
    nat_traversal str
    Enables use of the NAT-Traversal IPsec extension
    passive str
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peers_cert_file str
    Specifies the peer’s certificate for authentication
    peers_cert_type str
    Specifies that the only peers-cert-type supported is certfile
    peers_id_type str
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peers_id_value str
    Specifies the peer’s identifier to be received
    phase1_auth_method str
    Specifies the authentication method used for phase 1 negotiation
    phase1_encrypt_algorithm str
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1_hash_algorithm str
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1_perfect_forward_secrecy str
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    preshared_key str
    Specifies the preshared key for ISAKMP SAs
    preshared_key_encrypted str
    Display the encrypted preshared-key for the IKE remote node
    prf str
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxy_support str
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remote_address str
    Specifies the IP address of the IKE remote node
    replay_window_size int
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state str
    Enables or disables this IKE remote node
    traffic_selectors Sequence[str]
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verify_cert str
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions Sequence[str]
    Specifies which version of IKE to be used
    appService String
    The application service that the object belongs to
    caCertFile String
    the trusted root and intermediate certificate authorities
    crlFile String
    Specifies the file name of the Certificate Revocation List. Only supported in IKEv1
    description String
    User defined description
    dpdDelay Number
    Specifies the number of seconds between Dead Peer Detection messages
    generatePolicy String
    Enable or disable the generation of Security Policy Database entries(SPD) when the device is the responder of the IKE remote node
    lifetime Number
    Defines the lifetime in minutes of an IKE SA which will be proposed in the phase 1 negotiations
    mode String
    Defines the exchange mode for phase 1 when racoon is the initiator, or the acceptable exchange mode when racoon is the responder
    myCertFile String
    Specifies the name of the certificate file object
    myCertKeyFile String
    Specifies the name of the certificate key file object
    myCertKeyPassphrase String
    Specifies the passphrase of the key used for my-cert-key-file
    myIdType String
    Specifies the identifier type sent to the remote host to use in the phase 1 negotiation
    myIdValue String
    Specifies the identifier value sent to the remote host in the phase 1 negotiation
    name String
    Name of the ike_peer
    natTraversal String
    Enables use of the NAT-Traversal IPsec extension
    passive String
    Specifies whether the local IKE agent can be the initiator of the IKE negotiation with this ike-peer
    peersCertFile String
    Specifies the peer’s certificate for authentication
    peersCertType String
    Specifies that the only peers-cert-type supported is certfile
    peersIdType String
    Specifies which of address, fqdn, asn1dn, user-fqdn or keyid-tag types to use as peers-id-type
    peersIdValue String
    Specifies the peer’s identifier to be received
    phase1AuthMethod String
    Specifies the authentication method used for phase 1 negotiation
    phase1EncryptAlgorithm String
    Specifies the encryption algorithm used for the isakmp phase 1 negotiation
    phase1HashAlgorithm String
    Defines the hash algorithm used for the isakmp phase 1 negotiation
    phase1PerfectForwardSecrecy String
    Defines the Diffie-Hellman group for key exchange to provide perfect forward secrecy
    presharedKey String
    Specifies the preshared key for ISAKMP SAs
    presharedKeyEncrypted String
    Display the encrypted preshared-key for the IKE remote node
    prf String
    Specifies the pseudo-random function used to derive keying material for all cryptographic operations
    proxySupport String
    If this value is enabled, both values of ID payloads in the phase 2 exchange are used as the addresses of end-point of IPsec-SAs
    remoteAddress String
    Specifies the IP address of the IKE remote node
    replayWindowSize Number
    Specifies the replay window size of the IPsec SAs negotiated with the IKE remote node
    state String
    Enables or disables this IKE remote node
    trafficSelectors List<String>
    Specifies the names of the traffic-selector objects associated with this ike-peer
    verifyCert String
    Specifies whether to verify the certificate chain of the remote peer based on the trusted certificates in ca-cert-file
    versions List<String>
    Specifies which version of IKE to be used

    Package Details

    Repository
    f5 BIG-IP pulumi/pulumi-f5bigip
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the bigip Terraform Provider.
    f5bigip logo
    f5 BIG-IP v3.17.0 published on Thursday, Mar 28, 2024 by Pulumi