Gaia API include VPN shell functionalities

Idea created by Kim Moberg on Jan 18, 2019
    Active
    Score5
    • Heiko Ankenbrand

    It is with great pleasure and expectation see the Gaia API today are GA.

    Since the Mgmt API was released in R80.xx one can see need features being added from new R80.xx takes and HF.

     

    It could really be useful to include VPN shell functionality into the Gaia API.

     

    I have been wondering if it include methods like these CLISH vpn shell commands which I have been freely translated

     

    This is freely translated API method function which doesn’t exist.

    https://{{ip}}/gaia_api/vpn/show-tunnels-ike  (features show all peers, or peers ip)

    https://{{ip}}/gaia_api/vpn/show-tunnels-IPsec  (features show all peers, or peers ip)

    https://{{ip}}/gaia_api/vpn/delete-ipsec-tunnel-all 

    https://{{ip}}/gaia_api/vpn/delete-ipsec-tunnel-peer 

    https://{{ip}}/gaia_api/vpn/delete-ipsec-peer-username 

    https://{{ip}}/gaia_api/vpn/delete-all-tunnels 

    https://{{ip}}/gaia_api/vpn/delete-peer-username 

     

    For example for showing all active IPSec tunnels and how to reset tunnel

     

     

    Request method

    Response

    Get

    https://{{ip}}/gaia_api/vpn/show-tunnels-IPsec

     

    Content-Type: application/json

     

    (based on Expert #> vpn shell show tunnels ipsec all

    {

                          "remote-peer": "217.xxx.xxx.146"

                          "vpn-communityname": "Remote sites ZXY"

                          "ipsec-sa":

                                                {

                                                                      "ike-sa": "c5bf21bb5f1b27eb,a0dc9fa2de73855c"

                                                                     "inbound": "0xc2dc246c   (i: 0)"

                                                                     "outbound": "0x58db2b95   (i: 0)"

                                                }

                          "ipsec-sa":

                                                {

                                                                     "ike-sa": "386c4def8aa3f384,0c32301399c84669"

                                                                     "inbound": "0xb3cfd2     (i: 3)"

                                                                     "outbound": "0xf272e798   (i: 3)"

                                                }

    }

    PUT

    https://{{ip}}/gaia_api/vpn/delete-ipsec-tunnel-peer

    Content-Type: application/json

     

    (based on Expert #> vpn tu del ipsec 217.xxx.xxx.146

    {

                          "remote-peer": "217.xxx.xxx.146"

    }

     

    Question I ask last summer 2018

     

    VPN tunnel Reset via API 

     

    Let me hear what you all think of adding these VPN method?

     

    Thanks

     

    Kim