Working with VPNs
You can use the SMC API to configure gateways, certificates, VPN topology, and settings for VPNs.
The following data elements are used in VPN configuration.
| Data element | Data type | Parent element | Actions |
|---|---|---|---|
| vpn | VPN | elements | none |
| vpn_profile | VPN Profile | elements | none |
| gateway_profile | Gateway Profile | elements | none |
| gateway_settings | Gateway Settings | elements | none |
| gateway_certificate | Gateway Certificate | internal_gateway | certificate_export, renew |
| gateway_certificate_request | Gateway Certificate Request | internal_gateway | certificate_import, certificate_export, self_sign |
| internal_gateway | Internal Gateway | single_fw, fw_cluster, master_engine | generate_certificate |
| external_gateway | External Gateway | elements | none |
| vpn_certificate_authority | VPN Certificate Authority | elements | certificate_import, certificate_export |
Data elements for VPN configuration support the following standard operations:
- List (GET)
- Read (GET)
- Create (POST)
Note: The gateway_certificate and gateway_certificate_request data elements do not support the Create (POST) operation. You must use the generate_certificate action for the internal_gateway data element to create gateway_certificate and gateway_certificate_request data elements.
- Modify (PUT)
Note: The gateway_certificate and gateway_certificate_request data elements do not support the Modify (PUT) operation. You must use the generate_certificate action for the internal_gateway data element to modify gateway_certificate and gateway_certificate_request data elements.
- Delete (DELETE)