-
addCustomerSubnetToNetworkTunnel
Associates a remote subnet to the network tunnel. When a remote subnet is associated, a network tunnel will allow the customer (remote) network to communicate with the private and service subnets on the SoftLayer network which are on the other end of this network tunnel.
NOTE: A network tunnel's configurations must be applied to the network device in order for the association described above to take effect.
-
addPrivateSubnetToNetworkTunnel
Associates a private subnet to the network tunnel. When a private subnet is associated, the network tunnel will allow the customer (remote) network to access the private subnet.
NOTE: A network tunnel's configurations must be applied to the network device in order for the association described above to take effect.
-
addServiceSubnetToNetworkTunnel
Associates a service subnet to the network tunnel. When a service subnet is associated, a network tunnel will allow the customer (remote) network to communicate with the private and service subnets on the SoftLayer network which are on the other end of this network tunnel. Service subnets provide access to SoftLayer services such as the customer management portal and the SoftLayer API.
NOTE: A network tunnel's configurations must be applied to the network device in order for the association described above to take effect.
-
applyConfigurationsToDevice
An asynchronous task will be created to apply the IPSec network tunnel's configuration to network devices. During this time, an IPSec network tunnel cannot be modified in anyway. Only one network tunnel configuration task can be created at a time. If a task has already been created and has not completed, a new task cannot be created.
-
createAddressTranslation
Create an address translation for a network tunnel.
To create an address translation, ip addresses from an assigned /30 static route subnet are used. Address translations deliver packets to a destination ip address that is on a customer (remote) subnet.
NOTE: A network tunnel's configurations must be applied to the network device in order for an address translation to be created.
-
createAddressTranslations
This has the same functionality as the SoftLayer_Network_Tunnel_Module_Context::createAddressTranslation. However, it allows multiple translations to be passed in for creation.
NOTE: A network tunnel's configurations must be applied to the network device in order for the address translations to be created.
-
deleteAddressTranslation
Remove an existing address translation from a network tunnel.
Address translations deliver packets to a destination ip address that is on a customer subnet (remote).
NOTE: A network tunnel's configurations must be applied to the network device in order for an address translation to be deleted.
-
downloadAddressTranslationConfigurations
Provides all of the address translation configurations for an IPSec VPN tunnel in a text file
-
downloadParameterConfigurations
Provides all of the configurations for an IPSec VPN network tunnel in a text file
-
editAddressTranslation
Edit name, source (SoftLayer IP) ip address and/or destination (Customer IP) ip address for an existing address translation for a network tunnel.
Address translations deliver packets to a destination ip address that is on a customer (remote) subnet.
NOTE: A network tunnel's configurations must be applied to the network device in order for an address translation to be created.
-
editAddressTranslations
Edit name, source (SoftLayer IP) ip address and/or destination (Customer IP) ip address for existing address translations for a network tunnel.
Address translations deliver packets to a destination ip address that is on a customer (remote) subnet.
NOTE: A network tunnel's configurations must be applied to the network device in order for an address translation to be modified.
-
editObject
Negotiation parameters for both phases one and two are editable. Here are the phase one and two parameters that can modified:
*Phase One **Authentication ***Default value is set to MD5. ***Valid Options are: MD5, SHA1, SHA256. **Encryption ***Default value is set to 3DES. ***Valid Options are: DES, 3DES, AES128, AES192, AES256. **Diffie-Hellman Group ***Default value is set to 2. ***Valid Options are: 0 (None), 1, 2, 5. **Keylife ***Default value is set to 3600. ***Limits are: MIN = 120, MAX = 172800 **Preshared Key *Phase Two **Authentication ***Default value is set to MD5. ***Valid Options are: MD5, SHA1, SHA256. **Encryption ***Default value is set to 3DES. ***Valid Options are: DES, 3DES, AES128, AES192, AES256. **Diffie-Hellman Group ***Default value is set to 2. ***Valid Options are: 0 (None), 1, 2, 5. **Keylife ***Default value is set to 28800. ***Limits are: MIN = 120, MAX = 172800 **Perfect Forward Secrecy ***Valid Options are: Off = 0, On = 1. ***NOTE: If perfect forward secrecy is turned On (set to 1), then a phase 2 diffie-hellman group is required.
The remote peer address for the network tunnel may also be modified if needed. Invalid options will not be accepted and will cause an exception to be thrown. There are properties that provide valid options and limits for each negotiation parameter. Those properties are as follows: * encryptionDefault * encryptionOptions * authenticationDefault * authenticationOptions * diffieHellmanGroupDefault * diffieHellmanGroupOptions * phaseOneKeylifeDefault * phaseTwoKeylifeDefault * keylifeLimits
Configurations cannot be modified if a network tunnel's requires complex manual setups/configuration modifications by the SoftLayer Network department. If the former is required, the configurations for the network tunnel will be locked until the manual configurations are complete. A network tunnel's configurations are applied via a transaction. If a network tunnel configuration change transaction is currently running, the network tunnel's setting cannot be modified until the running transaction completes.
NOTE: A network tunnel's configurations must be applied to the network device in order for the modifications made to take effect.
-
getAccount
The account that a network tunnel belongs to.
-
getActiveTransaction
DEPRECATED
-
getAddressTranslationConfigurations
The address translations will be returned. All the translations will be formatted so that the configurations can be copied into a host file.
Format:
{address translation SoftLayer IP Address} {address translation name}
-
getAddressTranslations
A network tunnel's address translations.
-
getAllAvailableServiceSubnets
Subnets that provide access to SoftLayer services such as the management portal and the SoftLayer API.
-
getAuthenticationDefault
The default authentication type used for both phases of the negotiation process. The default value is set to MD5.
-
getAuthenticationOptions
Authentication options available for both phases of the negotiation process.
The authentication options are as follows: * MD5 * SHA1 * SHA256
-
getBillingItem
The current billing item for network tunnel.
-
getCustomerSubnets
Remote subnets that are allowed access through a network tunnel.
-
getDatacenter
The datacenter location for one end of the network tunnel that allows access to account's private subnets.
-
getDiffieHellmanGroupDefault
The default Diffie-Hellman group used for both phases of the negotiation process. The default value is set to 2.
-
getDiffieHellmanGroupOptions
The Diffie-Hellman group options used for both phases of the negotiation process.
The diffie-hellman group options are as follows: * 0 (None) * 1 * 2 * 5
-
getEncryptionDefault
The default encryption type used for both phases of the negotiation process. The default value is set to 3DES.
-
getEncryptionOptions
Encryption options available for both phases of the negotiation process.
The valid encryption options are as follows: * DES * 3DES * AES128 * AES192 * AES256
-
getInternalSubnets
Private subnets that can be accessed through the network tunnel.
-
getKeylifeLimits
The keylife limits. Keylife max limit is set to 120. Keylife min limit is set to 172800.
-
getObject
getObject retrieves the SoftLayer_Network_Tunnel_Module_Context object whose ID number corresponds to the ID number of the init parameter passed to the SoftLayer_Network_Tunnel_Module_Context service. The IPSec network tunnel will be returned if it is associated with the account and the user has proper permission to manage network tunnels.
-
getParameterConfigurationsForCustomerView
All of the IPSec VPN tunnel's configurations will be returned. It will list all of phase one and two negotiation parameters. Both remote and local subnets will be provided as well. This is useful when the configurations need to be passed on to another team and/or company for internal network configuration.
-
getPhaseOneKeylifeDefault
The default phase 1 keylife used if a value is not provided. The default value is set to 3600.
-
getPhaseTwoKeylifeDefault
The default phase 2 keylife used if a value is not provided. The default value is set to 28800.
-
getServiceSubnets
Service subnets that can be access through the network tunnel.
-
getStaticRouteSubnets
Subnets used for a network tunnel's address translations.
-
getTransactionHistory
DEPRECATED
-
removeCustomerSubnetFromNetworkTunnel
Disassociate a customer subnet (remote) from a network tunnel. When a remote subnet is disassociated, that subnet will not able to communicate with private and service subnets on the SoftLayer network.
NOTE: A network tunnel's configurations must be applied to the network device in order for the disassociation described above to take effect.
-
removePrivateSubnetFromNetworkTunnel
Disassociate a private subnet from a network tunnel. When a private subnet is disassociated, the customer (remote) subnet on the other end of the tunnel will not able to communicate with the private subnet that was just disassociated.
NOTE: A network tunnel's configurations must be applied to the network device in order for the disassociation described above to take effect.
-
removeServiceSubnetFromNetworkTunnel
Disassociate a service subnet from a network tunnel. When a service subnet is disassociated, that customer (remote) subnet on the other end of the network tunnel will not able to communicate with that service subnet on the SoftLayer network.
NOTE: A network tunnel's configurations must be applied to the network device in order for the disassociation described above to take effect.
-
SoftLayer_Network_Tunnel_Module_Context
The SoftLayer_Network_Tunnel_Module_Context data type contains general information relating to a single SoftLayer network tunnel. The SoftLayer_Network_Tunnel_Module_Context is useful to gather information such as related customer subnets (remote) and internal subnets (local) associated with the network tunnel as well as other information needed to manage the network tunnel. Account and billing information related to the network tunnel can also be retrieved.
-
SoftLayer_Network_Tunnel_Module_Context
A SoftLayer network tunnel allows customer to authenticate and encrypt all IP traffic between two locations.
Manage the entire network tunnel using this service. The SoftLayer_Network_Tunnel_Module_Context allows customers to manage subnets on both ends of the network tunnel. Address translations can also be managed. SoftLayer also provides the ability to apply the network tunnel configurations on the SoftLayer network devices.