NAME

Brocade::BSC::Node::NC::Vrouter::VPN

DESCRIPTION

Create and modify vpn configuration on a Vyatta virtual router controlled by a Brocade::BSC controller.

new

Creates and returns a new Brocade::BSC::Node::NC::Vrouter::VPN object.

as_json

# Returns   : VPN as formatted JSON string.

get_payload

# Returns   : VPN configuration as JSON for posting to controller.

set_ipsec_ike_group_proposal

# Parameters: group      => name of IKE group to modify
#           : tagnode    => proposal identifier
#           : encryption => one of 'aes128', 'aes256', '3des'
#           : hash       => 'sha1' or 'md5'
#           : dh_group   =>
# Returns   : list of proposals

set_ipsec_ike_group_lifetime

# Parameters: group    => name of IKE group to modify
#           : lifetime => to apply to group
# Returns   : lifetime

set_ipsec_esp_group_proposal

# Parameters: group      => name of ESP group to modify
#           : tagnode    => proposal identifier
#           : encryption => one of 'aes128', 'aes256', '3des'
#           : hash       => 'sha1' or 'md5'
# Returns   : list of proposals

set_ipsec_esp_group_lifetime

# Parameters: group    => name of ESP group to modify
#           : lifetime => to apply to group
# Returns   : lifetime

ipsec_site_site_peer_description

# Parameters: peertag => identifier for peer entry to modify
#           : description

ipsec_site_site_peer_auth_mode

# Parameters: peertag => identifier for peer entry to modify
#           : auth_mode

ipsec_site_site_peer_auth_psk

# Parameters: peertag => identifier for peer entry to modify
#           : psk     => pre-shared secret key

ipsec_site_site_peer_auth_rsa_key_name

# Parameters: peertag => identifier for peer entry to modify
#           : rsa_key_name

ipsec_site_site_peer_auth_remote_id

# Parameters: peertag => identifer for peer entry to modify
#           : remote_id

ipsec_site_site_peer_auth_ca_cert_file

# Parameters: peertag => identifier for peer entry to modify
#           : path to certificate authority certificate

ipsec_site_site_peer_auth_srv_cert_file

# Parameters: peertag => identifier for peer entry to modify
#           : path to server certificate

ipsec_site_site_peer_auth_srv_key_file

# Parameters: peertag => identifier for peer entry to modify
#           : path to key file for server certificate

ipsec_site_site_peer_auth_srv_key_pswd

# Parameters: peertag => identifier for peer entry to modify
#           : password for server cert key file

ipsec_site_site_peer_dflt_esp_grp

# Parameters: peertag => identifier for peer entry to modify
#           : esp_group => identifier for ESP group to use with this peer

ipsec_site_site_peer_ike_grp

# Parameters: peertag => identifier for peer entry to modify
#             ike_group => identifier for IKE group to use with this peer

ipsec_site_site_peer_local_addr

# Parameters: peertag => identifier for peer entry to modify
#           : local_address => IP address on this vrouter for
#                              ipsec connection

ipsec_site_site_peer_tunnel_local_pfx

# Parameters: peer   => identifier for peer entry to modify
#             tunnel => identifier for tunnel to modify
#             subnet => local subnet routed via tunnel

ipsec_site_site_peer_tunnel_remote_pfx

# Parameters: peer   => identifier for peer entry to modify
#             tunnel => identifier for tunnel to modify
#             subnet => remote subnet routed via tunnel

nat_allow_network

# Parameters: subnet to be allowed through NAT, CIDR notation (w.x.y.z/d)
# Returns   : allowed network list

Append a permitted IP subnet to list of permitted subnets.

nat_traversal

# Parameters: boolean: enable/disable NAT traversal
# Returns   : current setting

Set or retrieve the NAT traversal flag.

l2tp_remote_access_user

# Parameters: hash {'name' => ..., 'pswd' => ...}
# Returns   : current list of user/password entries

Append a user to list of authorized users.

l2tp_remote_access_user_auth_mode

# Parameters: mode
# Returns   : current mode

Set or retrieve authentication mode.

l2tp_remote_access_client_ip_pool

# Parameters: 'start' => IPADDR, 'end' => IPADDR
# Returns   : current cilent IP pool

Set or retrieve the IP address range that will be used for assigning addresses to remote VPN connected nodes.

l2tp_remote_access_description

# Parameters: description string
# Returns   : description string

Set or retrieve the VPN description.

l2tp_remote_access_dhcp_interface

# Parameters:
# Returns   :

l2tp_remote_access_primary_dns_server

# Parameters: IP address of DNS server
# Returns   : current primary DNS server

Set or retrieve primary DNS server IP address.

l2tp_remote_access_secondary_dns_server

# Parameters: IP address of DNS server
# Returns   : current secondary DNS server

Set or retrieve secondary DNS server IP address.

l2tp_remote_access_primary_wins_server

# Parameters: IP address of WINS server
# Returns   : current primary WINS server

Set or retrieve primary WINS server IP address.

l2tp_remote_access_secondary_wins_server

# Parameters: IP address of WINS server
# Returns   : current secondary WINS server

Set or retrieve secondary WINS server IP address.

ipsec_auth_mode

# Parameters: ipsec authentication mode
# Returns   : current mode

auth_psk

# Parameters: pre-shared secret key for ipsec vpn
# Returns   : psk

auth_ca_cert_file

# Parameters: path to file on vrouter containing x509 certificate
#             of trusted certificate authority
# Returns   : file path

auth_crl_file

# Parameters: path to file on vrouter containing x509 certificate
#             revocation list
# Returns   : file path

auth_srv_cert_file

# Parameters: path to file on vrouter containing x509 server certificate
# Returns   : file path

auth_srv_key_file

# Parameters: path to file on vrouter containing x509 key
# Returns   : file path

l2tp_remote_access_ipsec_auth_srv_key_pswd

# Parameters: path to file on vrouter containing x509 key password
# Returns   : file path

l2tp_remote_access_mtu

# Parameters: maximum transmission unit to apply [128..16384]
# Returns   : current MTU

l2tp_remote_access_outside_address

# Parameters: IP address
# Returns   : current l2tp external IP address

l2tp_remote_access_outside_nexthop

# Parameters: IP address
# Returns   : current l2tp gateway address

l2tp_remote_access_server_ip_pool

# Parameters: start => IP_ADDRESS
#           : end   => IP_ADDRESS
# Returns   :

local_key

# Parameters: path to file on local system containing RSA key
# Returns   : current path

rsa_key

# Parameters:
# Returns   :

LICENCE AND COPYRIGHT

Copyright (c) 2015, BROCADE COMMUNICATIONS SYSTEMS, INC

All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.