Introduction
The VNS3 API provides a programmable interface on top of your network edge. This allows you to automate your network infrastructure deployment and reactive behavior to real time events.
Getting started
The fastest way to get started is by launching a free version of VNS3 in your cloud of choice. (Trying to run programmable SDN appliance on prem? We can run anywhere - Get in touch at support@cohesive.net)
We have free versions as well as bring-your-own-license images ready for any and all environments:
- AWS Marketplace
- Azure Marketplace
- Google Cloud - Send an email at support@cohesive.net or open a support request and we can share an image with your account.
SDKs and Clients
Currently we support a python SDK and ruby CLI.
- Python SDK - Use python3 to configure your network edge VNS3 controllers
- Ruby CLI
We have a zero-dependency CLI in the roadmap!
Topology starters
We provide some topology starters to get going with fully automating the build of your network here. https://github.com/cohesive/vns3-infra-templates.git. We'll be continually updating and revising this, with user input.
Don't see your use case there? Looking to use cloudformation or Azure Resource Templates? Get in touch. We'd be happy to help you get going with your automation of choice.
Some cloud quickstarts:
- AWS Quickstart with Cloudformation
- Azure Quickstart with Azure Resource Manager
# Spin up VNS3 controller mesh
module "vns3_mesh" {
source = "github.com/cohesive/vns3-infra-templates.git//modules/aws-vns3-public"
topology_name = "${var.topology_name}"
vns3_version = "${var.vns3_version}" # searches for latest AMI of version
vns3_license_type = "byol"
vns3_instance_type = "${var.vns3_instance_type}"
vns3_account_owner = "${var.vns3_account_owner}"
vpc_id = "${module.aws_vpc.vpc_id}"
vpc_route_table_id = "${module.aws_vpc.route_table_id}"
access_cidr = "${var.access_cidr}"
client_cidrs = ["${var.client_cidrs}"]
subnet_ids = "${length(module.aws_vpc.subnet_ids) == 0 ? [] : slice(module.aws_vpc.subnet_ids, 0, var.vns3_instance_count)}"
common_tags = "${var.common_tags}"
}
VNS3 Controller API v4.11.3
Cohesive networks VNS3 provides complete control of your network's addressing, routes, rules and edge enabling a secure, connected and reactive cloud network.
Base URLs:
Terms of service Email: Cohesive Networks Support team Web: Cohesive Networks Support team
Authentication
# Authenticate via cURL with user:password
curl -X GET -u api:myapipassword https://55.55.55.55:8000/api/config
from cohesivenet import VNS3Client, Configuration
vns3_client = VNS3Client(
configuration=Configuration(
host="55.55.55.55:8000",
username="api",
password="myapipassword",
verify_ssl=False, # if SSL Certs installed, set to True
)
)
- HTTP Authentication, scheme: basic
System Administration
Sysadmin functions for system status, device access and system actions
Get remote support
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/remote_support \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.get_remote_support_details()
print(api_response.json())
GET /remote_support
Get remote support configuration details
Example responses
200 Response
{
"enabled": true
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
RemoteSupportConfigResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| enabled | boolean | false | - | - |
Update remote support config
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/remote_support \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.put_update_remote_support(
enabled=enabled,
revoke_credential=revoke_credential)
print(api_response.json())
PUT /remote_support
Enables and disables remote support. Revokes the validity of current remote support keypair
Body parameter
{
"enabled": true,
"revoke_credential": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| enabled | body | boolean | false | True if remote support should be enabled |
| revoke_credential | body | boolean | false | True if remote support credential should be revoked |
Example responses
200 Response
{
"enabled": true,
"revoke_credential": false
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156347731532179638778333642624237974834407",
"message": "enabled is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
RemoteSupportStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| enabled | boolean | false | - | - |
| revoke_credential | boolean | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Generate support keypair
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/remote_support/keypair \
-H 'Content-Type: text/plain' \
-H 'Accept: application/octet-stream'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.post_generate_support_keypair()
print(api_response.file_download) # path to downloaded file
POST /remote_support/keypair
Generating a remote support key which can be shared with Cohesive to provide access to the internal of the VNS3 Manager remotely as a "one time key". Once Cohesive has used the key it can be revoked and access terminated.
Body parameter
string
Example responses
201 Response
"string"
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156347797058992573673734848595852371200179",
"message": "Bad encrypted passphrase"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | SSH key .pem file | string |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get cloud details
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/cloud_data \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.get_cloud_data()
print(api_response.json())
GET /cloud_data
Returns cloud-specific data depending upon cloud type. Supports EC2 and GCE. More clouds coming soon.
Example responses
200 Response
{
"response": {
"cloud_type": "ec2",
"cloud_data": {
"accountId": "10801293012",
"availabilityZone": "us-east-1a",
"ramdiskId": null,
"kernelId": null,
"pendingTime": "2019-07-19T21:45:07Z",
"architecture": "x86_64",
"privateIp": "192.168.1.211",
"devpayProductCodes": null,
"marketplaceProductCodes": null,
"version": "2017-09-30",
"region": "us-east-1",
"imageId": "ami-8400209011nsd0111",
"billingProducts": null,
"instanceId": "i-123123asdf0t41211",
"instanceType": "t2.micro"
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
CloudInfoDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| cloud_type | string | false | - | ec2, gce, azure, hpcloud, centurylink |
| cloud_data | any | false | - | - |
oneOf
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | object | false | - | Metadata returned from AWS instance metadata call. |
| accountId | string | false | - | - |
| availabilityZone | string | false | - | - |
| ramdiskId | string¦null | false | - | - |
| kernelId | string¦null | false | - | - |
| pendingTime | string | false | - | - |
| architecture | string | false | - | - |
| privateIp | string | false | - | - |
| devpayProductCodes | string¦null | false | - | - |
| marketplaceProductCodes | string¦null | false | - | - |
| version | string | false | - | - |
| region | string | false | - | - |
| imageId | string | false | - | - |
| billingProducts | string¦null | false | - | - |
| instanceId | string | false | - | - |
| instanceType | string | false | - | - |
xor
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | object | false | - | Metadata returned from GCE metadata call. |
| projectId | string | false | - | - |
Take server action
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/server \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.put_server_action(
reboot=reboot)
print(api_response.json())
PUT /server
Server action for VNS3 controller. Currently only reboot supported.
Body parameter
{
"reboot": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| reboot | body | boolean | false | - |
Example responses
200 Response
{
"response": {
"status": "rebooting"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348220177382578437853325229350053485636",
"message": "Nothing to do"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
SimpleStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| status | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get runtime status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.get_runtime_status()
print(api_response.json())
GET /status
Describe Runtime status details
Example responses
200 Response
{
"response": {
"connected_clients": {
"property1": {
"managerid": 1,
"overlay_ipaddress": "string",
"ipaddress": "string",
"tags": {
"property1": "string",
"property2": "string"
}
},
"property2": {
"managerid": 1,
"overlay_ipaddress": "string",
"ipaddress": "string",
"tags": {
"property1": "string",
"property2": "string"
}
}
},
"connected_subnets": [
[
"string"
]
],
"ipsec": {
"property1": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
},
"property2": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
RuntimeStatusDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| connected_clients | object | false | - | clients keyed by ip address |
| OverlayClient | object | false | - | - |
| managerid | integer | false | - | - |
| overlay_ipaddress | string | false | - | - |
| ipaddress | string | false | - | - |
| tags | object | false | - | Key, value object of tags |
| additionalProperties | string | false | - | - |
| connected_subnets | [array] | false | - | Array of arrays with each element of length 2 representing [network, subnet mask] |
| ipsec | object | false | - | IPSEC tunnels keyed by tunnel ID |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Get system status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/system \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.get_system_status(
timestamp=timestamp)
print(api_response.json())
GET /status/system
Provides information about the underlying appliance; memory, cpu, disk space, etc.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| timestamp | query | integer | false | Unix timestamp |
Example responses
200 Response
{
"response": {
"timestamp": "string",
"timestamp_i": 0,
"vns3_version": "string",
"kernel_version": "string",
"uptime": 0,
"loadavg": [
"string"
],
"diskinfo": [
[
"string"
]
],
"meminfo": [
"string"
],
"swapinfo": [
"string"
],
"container_system": {
"container_system_running": true,
"images_limit": 0,
"images_stored": 0,
"containers_limit": 0,
"containers_active": 0,
"container_network": "string"
},
"data": {
"sysstat": [
[
"vnscubed",
"597",
"1564089901",
"all",
"%user",
"2.91"
],
[
"vnscubed",
"597",
"1564089901",
"all",
"%nice",
"0.02"
],
[
"vnscubed",
"597",
"1564089901",
"all",
"%system",
"1.49"
],
[
"vnscubed",
"597",
"1564089901",
"all",
"%iowait",
"0.51"
],
[
"vnscubed",
"597",
"1564089901",
"all",
"%steal",
"0.01"
]
]
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
SystemStatusDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| timestamp | string | false | - | - |
| timestamp_i | integer | false | - | - |
| vns3_version | string | false | - | - |
| kernel_version | string | false | - | - |
| uptime | integer | false | - | - |
| loadavg | [string] | false | - | - |
| diskinfo | [array] | false | - | - |
| meminfo | [string] | false | - | - |
| swapinfo | [string] | false | - | - |
| container_system | object | false | - | - |
| container_system_running | boolean | false | - | - |
| images_limit | integer | false | - | - |
| images_stored | integer | false | - | - |
| containers_limit | integer | false | - | - |
| containers_active | integer | false | - | - |
| container_network | string | false | - | - |
| data | object | false | - | - |
| sysstat | [array] | false | - | - |
Get task status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/task \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.sys_admin.get_task_status(
token=token)
print(api_response.json())
GET /status/task
Describe task status details
Body parameter
{
"token": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| token | body | string | false | - |
Example responses
200 Response
{
"response": {
"task_status": "string"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564152929359289894296619951832390615371038",
"message": "token is missing"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
TaskStatusDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| task_status | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Access
Manage access to VNS3 with API tokens and admin access URLs
Get API access tokens
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/tokens \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_api_tokens()
print(api_response.json())
GET /access/tokens
Retrieve list of api tokens
Example responses
200 Response
{
"response": [
{
"id": 1,
"created_at": "2021-03-25T23:03:24Z",
"token": "string",
"name": "string",
"created_ip": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"refreshes": true,
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
AccessTokenListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [object] | false | - | - |
| AccessToken | object | false | - | - |
| id | integer | false | - | - |
| created_at | string(date-time) | false | - | - |
| token | string | false | - | - |
| name | string | false | - | - |
| created_ip | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| refreshes | boolean | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Create API token
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/access/token \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.create_api_token(
expires=expires,
name=name,
token_name=token_name,
refreshes=refreshes)
print(api_response.json())
POST /access/token
Create api token
Body parameter
{
"expires": 3600,
"name": "string",
"token_name": "string",
"refreshes": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| expires | body | integer | false | Number of seconds before expiration |
| name | body | string | false | Optional name of token |
| token_name | body | string | false | Optional name of token (deprecated) |
| refreshes | body | boolean | false | Token lifetime refreshes when used |
Example responses
201 Response
{
"response": {
"id": 1,
"created_at": "2021-03-25T23:03:24Z",
"token": "string",
"name": "string",
"created_ip": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"refreshes": true,
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156347797058992573673734848595852371200179",
"message": "expires range must be between 60 and 31,536,000"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Created | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 201
AccessTokenDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| created_at | string(date-time) | false | - | - |
| token | string | false | - | - |
| name | string | false | - | - |
| created_ip | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| refreshes | boolean | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get API access token
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/token/{token_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_api_token(token_id)
print(api_response.json())
GET /access/token/{token_id}
Retrieve details for specific access token (including expired ones)
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| token_id | path | integer | true | Token ID |
Example responses
200 Response
{
"response": {
"id": 1,
"created_at": "2021-03-25T23:03:24Z",
"token": "string",
"name": "string",
"created_ip": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"refreshes": true,
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Requested api token does not exist"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
AccessTokenDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| created_at | string(date-time) | false | - | - |
| token | string | false | - | - |
| name | string | false | - | - |
| created_ip | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| refreshes | boolean | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Expire API token
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/access/token/{token_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_expire_api_token(token_id,
expired=expired)
print(api_response.json())
PUT /access/token/{token_id}
Expire API token
Body parameter
{
"expired": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| token_id | path | integer | true | Token ID |
| expired | body | boolean | false | - |
Example responses
200 Response
{
"response": {
"id": 1,
"created_at": "2021-03-25T23:03:24Z",
"token": "string",
"name": "string",
"created_ip": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"refreshes": true,
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Requested api token does not exist"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
AccessTokenDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| created_at | string(date-time) | false | - | - |
| token | string | false | - | - |
| name | string | false | - | - |
| created_ip | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| refreshes | boolean | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete API token
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/access/token/{token_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.delete_api_token(token_id)
print(api_response.json())
DELETE /access/token/{token_id}
Delete API token by ID
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| token_id | path | integer | true | Token ID |
Example responses
200 Response
{
"response": "Token deleted"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Requested api token does not exist"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
SimpleStringResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get access URLs
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/urls \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_access_urls()
print(api_response.json())
GET /access/urls
Retrieve list of users' access urls, including expired ones
Example responses
200 Response
{
"response": [
{
"id": 1,
"url": "string",
"created_at": "2021-03-25T23:03:24Z",
"created_ip": "string",
"name": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
AccessUrlListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [object] | false | - | - |
| AccessUrl | object | false | - | - |
| id | integer | false | - | - |
| url | string | false | - | - |
| created_at | string(date-time) | false | - | - |
| created_ip | string | false | - | - |
| name | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Create access URL
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/access/url \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.create_access_url(
expires=expires,
name=name,
description=description)
print(api_response.json())
POST /access/url
Create access URL
Body parameter
{
"expires": 3600,
"name": "string",
"description": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| expires | body | integer | false | Number of seconds before expiration |
| name | body | string | false | Optional name |
| description | body | string | false | Optional name (deprecated) |
Example responses
201 Response
{
"response": {
"id": 1,
"url": "string",
"created_at": "2021-03-25T23:03:24Z",
"created_ip": "string",
"name": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156347797058992573673734848595852371200179",
"message": "expires range must be between 60 and 259200"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Created | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 201
AccessUrlDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| url | string | false | - | - |
| created_at | string(date-time) | false | - | - |
| created_ip | string | false | - | - |
| name | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Find and delete access URL
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/access/url \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.delete_access_url_by_search(
access_url_id=access_url_id)
print(api_response.json())
DELETE /access/url
Delete access URL by ID or URL
Body parameter
{
"access_url_id": 1,
"access_url": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| access_url_id | body | integer | false | ID of access URL |
| access_url | body | string | false | - |
One of the following param combinations are required:
access_url_id
access_url
Example responses
200 Response
{
"response": "Access url deleted"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Invalid or missing access url"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
SimpleStringResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get access URL
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/url/{access_url_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_access_url(access_url_id)
print(api_response.json())
GET /access/url/{access_url_id}
Retrieve details for specific access url (including expired ones)
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| access_url_id | path | integer | true | Access URL ID |
Example responses
200 Response
{
"response": {
"id": 1,
"url": "string",
"created_at": "2021-03-25T23:03:24Z",
"created_ip": "string",
"name": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Invalid or missing access url"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
AccessUrlDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| url | string | false | - | - |
| created_at | string(date-time) | false | - | - |
| created_ip | string | false | - | - |
| name | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Expire access URL
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/access/url/{access_url_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_expire_access_url(access_url_id,
expired=expired)
print(api_response.json())
PUT /access/url/{access_url_id}
Expire access URL
Body parameter
{
"expired": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| access_url_id | path | integer | true | Access URL ID |
| expired | body | boolean | false | - |
Example responses
200 Response
{
"response": {
"id": 1,
"url": "string",
"created_at": "2021-03-25T23:03:24Z",
"created_ip": "string",
"name": "string",
"expires_at": "2021-03-25T23:03:24Z",
"lifetime": "string",
"expired": true,
"last_accessed_at": "string",
"last_accessed_ip": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Invalid or missing access url"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
AccessUrlDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| url | string | false | - | - |
| created_at | string(date-time) | false | - | - |
| created_ip | string | false | - | - |
| name | string | false | - | - |
| expires_at | string(date-time) | false | - | - |
| lifetime | string | false | - | - |
| expired | boolean | false | - | - |
| last_accessed_at | string¦null | false | - | - |
| last_accessed_ip | string¦null | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete access URL
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/access/url/{access_url_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.delete_access_url(access_url_id)
print(api_response.json())
DELETE /access/url/{access_url_id}
Delete access URL by ID
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| access_url_id | path | integer | true | Access URL ID |
Example responses
200 Response
{
"response": "Access url deleted"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Invalid or missing access url"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
SimpleStringResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Put LDAP settings
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_ldap_settings(
host=host,
port=port,
encrypt=encrypt,
encrypt_ldaps=encrypt_ldaps,
encrypt_auth=encrypt_auth,
encrypt_verify_ca=encrypt_verify_ca,
binddn=binddn,
bindpw=bindpw)
print(api_response.json())
PUT /settings/ldap
Put LDAP settings
Body parameter
{
"host": "string",
"port": 389,
"encrypt": false,
"encrypt_ldaps": true,
"encrypt_auth": false,
"encrypt_verify_ca": false,
"binddn": "string",
"bindpw": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| host | body | string | true | IP address or resolvable hostname of LDAP server |
| port | body | integer | false | Port for LDAP |
| encrypt | body | boolean | false | Use SSL |
| encrypt_ldaps | body | boolean | false | Use LDAPS or start TLS (default)? |
| encrypt_auth | body | boolean | false | Use certificates to authenticate via encrypted connection |
| encrypt_verify_ca | body | boolean | false | Verify certicate using authority |
| binddn | body | string | false | Bind Username |
| bindpw | body | string | false | Bind Password |
Example responses
200 Response
{
"response": {
"host": "string",
"port": 0,
"encrypt": true,
"encrypt_ldaps": true,
"encrypt_auth": true,
"encrypt_auth_key": true,
"encrypt_auth_cert": true,
"encrypt_verify_ca": true,
"encrypt_ca_cert": true,
"binddn": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| host | string | false | - | IP address or resolvable hostname |
| port | integer | false | - | - |
| encrypt | boolean | false | - | Use SSL |
| encrypt_ldaps | boolean | false | - | Use LDAPS or start TLS (default)? |
| encrypt_auth | boolean | false | - | Use certificates to authenticate via encrypted connection |
| encrypt_auth_key | boolean | false | - | - |
| encrypt_auth_cert | boolean | false | - | - |
| encrypt_verify_ca | boolean | false | - | Verify certicate using authority |
| encrypt_ca_cert | boolean | false | - | - |
| binddn | string | false | - | Bind username |
Test LDAP settings
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.post_test_ldap_settings(
host=host,
port=port,
encrypt=encrypt,
encrypt_ldaps=encrypt_ldaps,
encrypt_auth=encrypt_auth,
encrypt_verify_ca=encrypt_verify_ca,
binddn=binddn,
bindpw=bindpw,
auth_cert=auth_cert,
auth_cert_current=auth_cert_current,
auth_key=auth_key,
auth_key_current=auth_key_current,
ca_cert=ca_cert,
ca_cert_current=ca_cert_current)
print(api_response.json())
POST /settings/ldap
Test LDAP settings
Body parameter
{
"host": "string",
"port": 389,
"encrypt": false,
"encrypt_ldaps": true,
"encrypt_auth": false,
"encrypt_verify_ca": false,
"binddn": "string",
"bindpw": "string",
"auth_cert": "string",
"auth_cert_current": false,
"auth_key": "string",
"auth_key_current": false,
"ca_cert": "string",
"ca_cert_current": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| host | body | string | true | IP address or resolvable hostname of LDAP server |
| port | body | integer | false | Port for LDAP |
| encrypt | body | boolean | false | Use SSL |
| encrypt_ldaps | body | boolean | false | Use LDAPS or start TLS (default)? |
| encrypt_auth | body | boolean | false | Use certificates to authenticate via encrypted connection |
| encrypt_verify_ca | body | boolean | false | Verify certicate using authority |
| binddn | body | string | false | Bind Username |
| bindpw | body | string | false | Bind Password |
| auth_cert | body | string | false | Authentication certificate text content to use |
| auth_cert_current | body | boolean | false | Test with current uploaded authentication certificate? |
| auth_key | body | string | false | Authentication key text content to use |
| auth_key_current | body | boolean | false | Test with current uploaded authentication key? |
| ca_cert | body | string | false | CA certificate text content to use |
| ca_cert_current | body | boolean | false | Test with current uploaded CA certificate? |
Example responses
200 Response
{
"response": {
"connect_success": true,
"message": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| connect_success | boolean | false | - | - |
| message | string | false | - | - |
Get LDAP settings
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_ldap_settings()
print(api_response.json())
GET /settings/ldap
get LDAP settings
Example responses
200 Response
{
"response": {
"host": "string",
"port": 0,
"encrypt": true,
"encrypt_ldaps": true,
"encrypt_auth": true,
"encrypt_auth_key": true,
"encrypt_auth_cert": true,
"encrypt_verify_ca": true,
"encrypt_ca_cert": true,
"binddn": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| host | string | false | - | IP address or resolvable hostname |
| port | integer | false | - | - |
| encrypt | boolean | false | - | Use SSL |
| encrypt_ldaps | boolean | false | - | Use LDAPS or start TLS (default)? |
| encrypt_auth | boolean | false | - | Use certificates to authenticate via encrypted connection |
| encrypt_auth_key | boolean | false | - | - |
| encrypt_auth_cert | boolean | false | - | - |
| encrypt_verify_ca | boolean | false | - | Verify certicate using authority |
| encrypt_ca_cert | boolean | false | - | - |
| binddn | string | false | - | Bind username |
Put LDAP user schema settings
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/user_schema \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_ldap_user_schema_settings(
user_base=user_base,
user_id_attribute=user_id_attribute,
user_list_filter=user_list_filter)
print(api_response.json())
PUT /settings/ldap/user_schema
Put LDAP user schema settings
Body parameter
{
"user_base": "string",
"user_id_attribute": "string",
"user_list_filter": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_base | body | string | true | Base DN from which to search for Users |
| user_id_attribute | body | string | true | Attribute type for the Users |
| user_list_filter | body | string | false | Search filter for Users |
Example responses
200 Response
{
"response": {
"user_base": "string",
"user_id_attribute": 0,
"user_list_filter": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapUserSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| user_base | string | false | - | Base DN from which to search for Users |
| user_id_attribute | integer | false | - | Attribute type for the Users |
| user_list_filter | string | false | - | Search filter for Users |
Test LDAP user schema settings
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap/user_schema \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.post_test_ldap_user_schema_settings(
user_base=user_base,
user_id_attribute=user_id_attribute,
user_list_filter=user_list_filter,
limit=limit)
print(api_response.json())
POST /settings/ldap/user_schema
Test LDAP user schema settings
Body parameter
{
"user_base": "string",
"user_id_attribute": "string",
"user_list_filter": "string",
"limit": 100
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_base | body | string | true | Base DN from which to search for Users |
| user_id_attribute | body | string | true | Attribute type for the Users |
| user_list_filter | body | string | false | Search filter for Users |
| limit | body | integer | false | Number of records to return. Default = 100 |
Example responses
200 Response
{
"response": [
"string"
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [string] | false | - | - |
Get LDAP user schema settings
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap/user_schema \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_ldap_user_schema_settings()
print(api_response.json())
GET /settings/ldap/user_schema
get LDAP user schema settings
Example responses
200 Response
{
"response": {
"user_base": "string",
"user_id_attribute": 0,
"user_list_filter": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapUserSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| user_base | string | false | - | Base DN from which to search for Users |
| user_id_attribute | integer | false | - | Attribute type for the Users |
| user_list_filter | string | false | - | Search filter for Users |
Put LDAP group schema settings
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/group_schema \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_ldap_group_schema_settings(
group_required=group_required,
group_base=group_base,
group_id_attribute=group_id_attribute,
group_list_filter=group_list_filter,
group_member_attribute=group_member_attribute,
group_member_attr_format=group_member_attr_format,
group_search_scope=group_search_scope)
print(api_response.json())
PUT /settings/ldap/group_schema
Put LDAP group schema settings
Body parameter
{
"group_required": true,
"group_base": "string",
"group_id_attribute": "string",
"group_list_filter": "string",
"group_member_attribute": "string",
"group_member_attr_format": "string",
"group_search_scope": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| group_required | body | boolean | true | Require use of LDAP groups |
| group_base | body | string | false | Base DN from which to search for Groups |
| group_id_attribute | body | string | false | Attribute type for the Groups |
| group_list_filter | body | string | false | Search filter for Groups |
| group_member_attribute | body | string | false | ttribute used to search for a user within the Group |
| group_member_attr_format | body | string | false | Format of the Group Member attribute |
| group_search_scope | body | string | false | Default=subtree |
Example responses
200 Response
{
"response": {
"group_required": true,
"group_base": "string",
"group_id_attribute": "string",
"group_list_filter": "string",
"group_member_attribute": "string",
"group_member_attr_format": "UserDN",
"group_search_scope": "subtree"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapGroupSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| group_required | boolean | false | - | Require used of LDAP groups |
| group_base | string | false | - | Base DN from which to search for Groups |
| group_id_attribute | string | false | - | Attribute type for the Groups |
| group_list_filter | string | false | - | Search filter for Groups |
| group_member_attribute | string | false | - | Attribute used to search for a user within the Group |
| group_member_attr_format | string | false | - | Format of the Group Member attribute |
| group_search_scope | string | false | - | Format of the Group Member attribute |
Test LDAP group schema settings
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap/group_schema \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.post_test_ldap_group_schema_settings(
group_base=group_base,
group_id_attribute=group_id_attribute,
group_list_filter=group_list_filter,
group_member_attribute=group_member_attribute,
group_member_attr_format=group_member_attr_format,
group_search_scope=group_search_scope,
limit=limit)
print(api_response.json())
POST /settings/ldap/group_schema
Test LDAP group schema settings
Body parameter
{
"group_base": "string",
"group_id_attribute": "string",
"group_list_filter": "string",
"group_member_attribute": "string",
"group_member_attr_format": "string",
"group_search_scope": "string",
"limit": 100
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| group_base | body | string | true | Base DN from which to search for Groups |
| group_id_attribute | body | string | true | Attribute type for the Groups |
| group_list_filter | body | string | false | Search filter for Groups |
| group_member_attribute | body | string | false | ttribute used to search for a user within the Group |
| group_member_attr_format | body | string | false | Format of the Group Member attribute |
| group_search_scope | body | string | false | Default=subtree |
| limit | body | integer | false | Number of records to return. Default = 100 |
Example responses
200 Response
{
"response": [
{
"ldap_group": "string",
"ldap_user": [
"string"
]
}
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [object] | false | - | - |
| ldap_group | string | false | - | - |
| ldap_user | [string] | false | - | - |
Get LDAP group schema settings
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap/group_schema \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_ldap_group_schema_settings()
print(api_response.json())
GET /settings/ldap/group_schema
get LDAP group schema settings
Example responses
200 Response
{
"response": {
"group_required": true,
"group_base": "string",
"group_id_attribute": "string",
"group_list_filter": "string",
"group_member_attribute": "string",
"group_member_attr_format": "UserDN",
"group_search_scope": "subtree"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapGroupSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| group_required | boolean | false | - | Require used of LDAP groups |
| group_base | string | false | - | Base DN from which to search for Groups |
| group_id_attribute | string | false | - | Attribute type for the Groups |
| group_list_filter | string | false | - | Search filter for Groups |
| group_member_attribute | string | false | - | Attribute used to search for a user within the Group |
| group_member_attr_format | string | false | - | Format of the Group Member attribute |
| group_search_scope | string | false | - | Format of the Group Member attribute |
Put LDAP VPN schema settings
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/vpn_schema \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_ldap_vpn_schema_settings(
vpn_auth_enabled=vpn_auth_enabled,
vpn_group_base=vpn_group_base,
vpn_group_id_attribute=vpn_group_id_attribute,
vpn_group_list_filter=vpn_group_list_filter,
vpn_group_member_attribute=vpn_group_member_attribute,
vpn_group_member_attr_format=vpn_group_member_attr_format,
vpn_group_search_scope=vpn_group_search_scope,
vpn_group_otp=vpn_group_otp)
print(api_response.json())
PUT /settings/ldap/vpn_schema
Put LDAP VPN schema settings
Body parameter
{
"vpn_auth_enabled": true,
"vpn_group_base": "string",
"vpn_group_id_attribute": "string",
"vpn_group_list_filter": "string",
"vpn_group_member_attribute": "string",
"vpn_group_member_attr_format": "UserDN",
"vpn_group_search_scope": "subtree",
"vpn_group_otp": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vpn_auth_enabled | body | boolean | true | Enable use of LDAP through VPN. If true, other params required. |
| vpn_group_base | body | string | true | Base DN from which to search for Groups |
| vpn_group_id_attribute | body | string | true | Attribute type for the Groups |
| vpn_group_list_filter | body | string | false | Search filter for Groups |
| vpn_group_member_attribute | body | string | true | Attribute used to search for a user within the Group |
| vpn_group_member_attr_format | body | string | false | Format of the Group Member attribute |
| vpn_group_search_scope | body | string | false | Search scope for filter |
| vpn_group_otp | body | boolean | false | Use Google authenticator (OTP)? |
Example responses
200 Response
{
"response": {
"vpn_auth_enabled": true,
"vpn_auth_provider": "string",
"vpn_group_base": "string",
"vpn_group_id_attribute": "string",
"vpn_group_list_filter": "string",
"vpn_group_member_attribute": "string",
"vpn_group_member_attr_format": "UserDN",
"vpn_group_search_scope": "subtree",
"vpn_group_otp": true,
"vpn_group_otp_url": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapVpnSchemaSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| vpn_auth_enabled | boolean | false | - | - |
| vpn_auth_provider | string | false | - | - |
| vpn_group_base | string | false | - | Base DN from which to search for Groups |
| vpn_group_id_attribute | string | false | - | Attribute type for the Groups |
| vpn_group_list_filter | string | false | - | Search filter for Groups |
| vpn_group_member_attribute | string | false | - | Attribute used to search for a user within the Group |
| vpn_group_member_attr_format | string | false | - | Format of the Group Member attribute |
| vpn_group_search_scope | string | false | - | Format of the Group Member attribute |
| vpn_group_otp | boolean | false | - | - |
| vpn_group_otp_url | string | false | - | - |
Test LDAP VPN schema settings
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap/vpn_schema \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.post_test_ldap_vpn_schema_settings(
vpn_group_base=vpn_group_base,
vpn_group_id_attribute=vpn_group_id_attribute,
vpn_group_list_filter=vpn_group_list_filter,
vpn_group_member_attribute=vpn_group_member_attribute,
vpn_group_member_attr_format=vpn_group_member_attr_format,
vpn_group_search_scope=vpn_group_search_scope,
vpn_group_otp=vpn_group_otp,
limit=limit)
print(api_response.json())
POST /settings/ldap/vpn_schema
Test LDAP VPN schema settings
Body parameter
{
"vpn_group_base": "string",
"vpn_group_id_attribute": "string",
"vpn_group_list_filter": "string",
"vpn_group_member_attribute": "string",
"vpn_group_member_attr_format": "UserDN",
"vpn_group_search_scope": "subtree",
"vpn_group_otp": false,
"limit": 100
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vpn_group_base | body | string | true | Base DN from which to search for Groups |
| vpn_group_id_attribute | body | string | true | Attribute type for the Groups |
| vpn_group_list_filter | body | string | false | Search filter for Groups |
| vpn_group_member_attribute | body | string | true | Attribute used to search for a user within the Group |
| vpn_group_member_attr_format | body | string | false | Format of the Group Member attribute |
| vpn_group_search_scope | body | string | false | Search scope for filter |
| vpn_group_otp | body | boolean | false | Use Google authenticator (OTP)? |
| limit | body | integer | false | Number of records to return. Default = 100 |
Example responses
200 Response
{
"response": [
"string"
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [string] | false | - | - |
Get LDAP VPN schema settings
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap/vpn_schema \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_ldap_vpn_schema_settings()
print(api_response.json())
GET /settings/ldap/vpn_schema
get LDAP VPN schema settings
Example responses
200 Response
{
"response": {
"vpn_auth_enabled": true,
"vpn_auth_provider": "string",
"vpn_group_base": "string",
"vpn_group_id_attribute": "string",
"vpn_group_list_filter": "string",
"vpn_group_member_attribute": "string",
"vpn_group_member_attr_format": "UserDN",
"vpn_group_search_scope": "subtree",
"vpn_group_otp": true,
"vpn_group_otp_url": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapVpnSchemaSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| vpn_auth_enabled | boolean | false | - | - |
| vpn_auth_provider | string | false | - | - |
| vpn_group_base | string | false | - | Base DN from which to search for Groups |
| vpn_group_id_attribute | string | false | - | Attribute type for the Groups |
| vpn_group_list_filter | string | false | - | Search filter for Groups |
| vpn_group_member_attribute | string | false | - | Attribute used to search for a user within the Group |
| vpn_group_member_attr_format | string | false | - | Format of the Group Member attribute |
| vpn_group_search_scope | string | false | - | Format of the Group Member attribute |
| vpn_group_otp | boolean | false | - | - |
| vpn_group_otp_url | string | false | - | - |
Put LDAP VPN Radius settings
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/vpn_radius \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_ldap_vpn_radius_settings(
vpn_auth_enabled=vpn_auth_enabled,
vpn_radius_server=vpn_radius_server,
vpn_radius_auth_port=vpn_radius_auth_port,
vpn_radius_accounting_port=vpn_radius_accounting_port,
vpn_radius_pass=vpn_radius_pass)
print(api_response.json())
PUT /settings/ldap/vpn_radius
Create/overwrite vpn RADIUS settings
Body parameter
{
"vpn_auth_enabled": true,
"vpn_radius_server": "string",
"vpn_radius_auth_port": 1812,
"vpn_radius_accounting_port": 1812,
"vpn_radius_pass": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vpn_auth_enabled | body | boolean | true | Enable use of Radius through VPN. If true, other params required. |
| vpn_radius_server | body | string | true | IP address or resolvable hostname |
| vpn_radius_auth_port | body | integer | false | Authentication port |
| vpn_radius_accounting_port | body | integer | false | Accounting port |
| vpn_radius_pass | body | string | true | Shared password |
Example responses
200 Response
{
"response": {
"vpn_auth_enabled": true,
"vpn_auth_provider": "string",
"vpn_radius_server": "string",
"vpn_radius_auth_port": 0,
"vpn_radius_accounting_port": 0,
"token": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapVpnRadiusSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| vpn_auth_enabled | boolean | false | - | - |
| vpn_auth_provider | string | false | - | - |
| vpn_radius_server | string | false | - | IP address or resolvable hostname |
| vpn_radius_auth_port | integer | false | - | Authentication port |
| vpn_radius_accounting_port | integer | false | - | Accounting port |
| token | string | false | - | - |
Get LDAP VPN Radius settings
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap/vpn_radius \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.get_ldap_vpn_radius_settings()
print(api_response.json())
GET /settings/ldap/vpn_radius
get LDAP VPN Radius settings
Example responses
200 Response
{
"response": {
"vpn_auth_enabled": true,
"vpn_auth_provider": "string",
"vpn_radius_server": "string",
"vpn_radius_auth_port": 0,
"vpn_radius_accounting_port": 0,
"token": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LdapVpnRadiusSettingsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| vpn_auth_enabled | boolean | false | - | - |
| vpn_auth_provider | string | false | - | - |
| vpn_radius_server | string | false | - | IP address or resolvable hostname |
| vpn_radius_auth_port | integer | false | - | Authentication port |
| vpn_radius_accounting_port | integer | false | - | Accounting port |
| token | string | false | - | - |
Enable/disable LDAP
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/enabled \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_enable_ldap(
enabled=enabled)
print(api_response.json())
PUT /settings/ldap/enabled
Enable/disable LDAP
Body parameter
{
"enabled": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| enabled | body | boolean | true | True to enable LDAP |
Example responses
200 Response
{
"response": {
"enabled": true
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
SimpleEnabledResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| enabled | boolean | false | - | - |
Upload LDAP Auth Cert
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/encrypt_auth_cert \
-H 'Content-Type: text/plain' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_upload_ldap_auth_cert()
print(api_response.json())
PUT /settings/ldap/encrypt_auth_cert
Upload LDAP authentication certicate file
Body parameter
string
Example responses
200 Response
{
"response": "Authentication certificate saved!"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Upload LDAP Auth Key
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/encrypt_auth_key \
-H 'Content-Type: text/plain' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_upload_ldap_auth_key()
print(api_response.json())
PUT /settings/ldap/encrypt_auth_key
Upload authentication key file
Body parameter
string
Example responses
200 Response
{
"response": "Authentication certificate removed!"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Upload LDAP CA cert
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/encrypt_ca_cert \
-H 'Content-Type: text/plain' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.access.put_upload_ldap_ca_cert()
print(api_response.json())
PUT /settings/ldap/encrypt_ca_cert
Upload LDAP CA certicate file
Body parameter
string
Example responses
200 Response
{
"response": "CA certificate saved!"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Configuration
VNS3 configuration such as licensing, VNS3:Management System, SSL certs and keyset generation
Update admin UI settings
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/admin_ui \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.put_update_admin_ui(
enabled=enabled,
admin_username=admin_username,
admin_password=admin_password)
print(api_response.json())
PUT /admin_ui
Update Admin UI settings. Enable/Disable and set credentials.
Body parameter
{
"enabled": true,
"admin_username": "string",
"admin_password": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| enabled | body | boolean | false | - |
| admin_username | body | string | false | - |
| admin_password | body | string | false | - |
Example responses
200 Response
{
"response": {
"enabled": true,
"username": "vnscubed_user"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348220177382578437853325229350053485636",
"message": "admin_username is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
AdminUISettingsDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| enabled | boolean | false | - | - |
| username | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Update API password
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/api_password \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.put_update_api_password(
password=password)
print(api_response.json())
PUT /api_password
Allows you to change the API password/secret key. To change the Web UI password (or username) use PUT admin_ui.
Body parameter
{
"password": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| password | body | string | false | - |
Example responses
200 Response
{
"response": {
"password_reset": "ok"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348220177382578437853325229350053485636",
"message": "Invalid password"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
PasswordResetResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| password_reset | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get configuration details
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/config \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.get_config()
print(api_response.json())
GET /config
Describe Runtime Configuration for VNS3 Controller
Example responses
200 Response
{
"response": {
"asn": 65001,
"topology_name": "Cohesive",
"topology_checksum": "a04a92073a4f6f32a2abce45439a2d8c016334dc",
"manager_id": 1,
"ntp_hosts": "0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org ntp.ubuntu.com time.apple.com",
"vns3_version": "4.5.0",
"licensed": true,
"overlay_ipaddress": "172.31.0.100",
"peered": true,
"public_ipaddress": "50.240.142.209",
"private_ipaddress": "192.168.30.247"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Get runtime Configuration details | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
ConfigDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| asn | integer | false | - | Autonomous system number for controller if peered |
| topology_name | string | false | - | - |
| topology_checksum | string | false | - | - |
| manager_id | integer | false | - | This managers ID in peered topology |
| ntp_hosts | string | false | - | NTP host endpoints, whitespace delimited |
| vns3_version | string | false | - | - |
| licensed | boolean | false | - | - |
| overlay_ipaddress | string | false | - | This managers overlay IP in peered topology |
| peered | boolean | false | - | - |
| public_ipaddress | string | false | - | - |
| private_ipaddress | string | false | - | - |
| security_token | string | false | - | Security token in peered topology |
Update configuration
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/config \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.put_config(
topology_name=topology_name,
ntp_hosts=ntp_hosts)
print(api_response.json())
PUT /config
Provides general information about the manager's topology, license state and checksums and allows you to set the topology name.
Body parameter
{
"topology_name": "string",
"ntp_hosts": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| topology_name | body | string | false | Specifies a text name to display at the top of the web ui and in the desc_config API response |
| ntp_hosts | body | string | false | Single or space separated list of ntp server IPs or dns names. Using this argument overwrites the existing Configuration. |
Example responses
200 Response
{
"response": {
"asn": 0,
"topology_name": "string",
"topology_checksum": "string",
"manager_id": 1,
"ntp_hosts": "string",
"vns3_version": "string",
"licensed": true,
"overlay_ipaddress": "string",
"peered": true,
"public_ipaddress": "string",
"private_ipaddress": "string",
"security_token": "string"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348220177382578437853325229350053485636",
"message": "ntp_hosts is not in proper domain name format or ipv4 address format. Update abandoned."
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
ConfigDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| asn | integer | false | - | Autonomous system number for controller if peered |
| topology_name | string | false | - | - |
| topology_checksum | string | false | - | - |
| manager_id | integer | false | - | This managers ID in peered topology |
| ntp_hosts | string | false | - | NTP host endpoints, whitespace delimited |
| vns3_version | string | false | - | - |
| licensed | boolean | false | - | - |
| overlay_ipaddress | string | false | - | This managers overlay IP in peered topology |
| peered | boolean | false | - | - |
| public_ipaddress | string | false | - | - |
| private_ipaddress | string | false | - | - |
| security_token | string | false | - | Security token in peered topology |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Upload new SSL cert and key pair
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/system/ssl/keypair \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.put_upload_ssl_keypair(
cert=cert,
key=key)
print(api_response.json())
PUT /system/ssl/keypair
Upload new SSL cert and key pair
Body parameter
{
"cert": "string",
"key": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| cert | body | string | true | - |
| key | body | string | true | - |
Example responses
200 Response
{
"response": "Valid key/cert files uploaded"
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348346294205629750334447737345166168929",
"message": "cert is missing, key is missing"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
SimpleStringResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Install SSL cert and key pair
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/system/ssl/install \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.put_install_ssl_keypair()
print(api_response.json())
PUT /system/ssl/install
Install SSL cert and key pair
Example responses
200 Response
{
"response": {
"status": "SSL Cert installation queued",
"uuid": "10923jnowfdhgu039jon4r09201"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348346294205629750334447737345166168929",
"message": "cert is missing, key is missing"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ServerSSLDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| uuid | string | false | - | - |
| status | string | false | - | - |
| state | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get SSL installation status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/system/ssl/install/{uuid} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.get_ssl_install_status(uuid)
print(api_response.json())
GET /system/ssl/install/{uuid}
Get status for ssl installation task
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| uuid | path | string | true | uuid of resource |
Example responses
200 Response
{
"response": {
"uuid": "19230109239012390129031012312",
"status": "Job pending",
"state": "pending"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Unknown Job ID: 1234"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
| 404 | Not Found | Not found | Inline |
Response Schema
Status Code 200
ServerSSLDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| uuid | string | false | - | - |
| status | string | false | - | - |
| state | string | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get topology keyset
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/keyset \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.undefined.get_keyset()
print(api_response.json())
GET /keyset
Returns keyset details. The keyset is a set of cryptographic credentials used for encrypting all data on the overlay network.
Example responses
200 Response
{
"response": {
"keyset_present": true,
"created_at": "2019-07-19T19:44:02.191+00:00",
"created_at_i": 1563565442,
"checksum": "6093b865464ec3f7ab7213975c3b952763d1df14",
"uuid": "8effb1ea-aa5d-11e9-aaf4-02935c82307a"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
KeysetDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| in_progress | boolean | false | - | - |
| running | integer | false | - | - |
| keyset_present | boolean | false | - | - |
| checksum | string | false | - | - |
| created_at | string | false | - | - |
| created_at_i | integer | false | - | - |
| started_at | string | false | - | - |
| started_at_i | integer | false | - | - |
| uuid | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Generate keyset
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/keyset \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.put_keyset(
source=source,
token=token,
topology_name=topology_name)
print(api_response.json())
PUT /keyset
Generate keyset The keyset is a set of cryptographic credentials used for encrypting all data on the overlay network. Keyset generation happens in background. Poll on GET /keyset in_progress value for keyset status.
Body parameter
{
"source": "string",
"token": "string",
"topology_name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| source | body | string | false | If provided, fetches keyset from source manager |
| token | body | string | true | Arbitrary key used to help randomize the checksum, it must be identical for each manager in a topology. |
| topology_name | body | string | false | Name for the topology |
Example responses
200 Response
{
"response": {
"keyset_preset": false,
"in_progress": true,
"started_at": "2019-07-19T19:43:00.147+00:00",
"started_at_i": 1563565380,
"running": 0
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348346294205629750334447737345166168929",
"message": "token is missing"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
KeysetDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| in_progress | boolean | false | - | - |
| running | integer | false | - | - |
| keyset_present | boolean | false | - | - |
| checksum | string | false | - | - |
| created_at | string | false | - | - |
| created_at_i | integer | false | - | - |
| started_at | string | false | - | - |
| started_at_i | integer | false | - | - |
| uuid | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get license details
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/license \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.licensing.get_license()
print(api_response.json())
GET /license
Get license details
Example responses
200 Response
{
"response": {
"capabilities": [
"string"
],
"finalized": true,
"my_manager_vip": "string",
"license": "string",
"license_present": true,
"sha1_checksum": "string",
"uploaded_at": "string",
"custom_addressing": true,
"uploaded_at_i": 0,
"container_details": {
"containers_run_count": 0,
"containers_image_count": 0
},
"topology": {
"clients": [
{
"ip_address": "string",
"octets": [
0
]
}
],
"managers": [
{
"asn": 0,
"manager_id": 1,
"overlay_ipaddress": {
"ip_address": "string",
"octets": [
0
]
}
}
],
"total_clients": 0,
"ipsec_max_subnets": 0,
"ipsec_max_endpoints": 0,
"license_upgrades": [
"string"
],
"overlay_max_clients": 0,
"overlay_subnet": "string"
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "9009012801280138018910283081301390103",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Get license topology details | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
LicenseDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| capabilities | [string] | false | - | Features available such as eBGP, CloudWAN etc. |
| finalized | boolean | false | - | - |
| my_manager_vip | string | false | - | - |
| license | string | false | - | State of license, accepted, in-progress, failed |
| license_present | boolean | false | - | - |
| sha1_checksum | string | false | - | - |
| uploaded_at | string | false | - | - |
| custom_addressing | boolean | false | - | - |
| uploaded_at_i | integer | false | - | - |
| container_details | object | false | - | - |
| containers_run_count | integer | false | - | - |
| containers_image_count | integer | false | - | - |
| topology | object | false | - | - |
| clients | [object] | false | - | IPs for clientpacks |
| ip_address | string | false | - | - |
| octets | [integer] | false | - | - |
| managers | [object] | false | - | - |
| VNS3Controller | object | false | - | - |
| asn | integer | false | - | - |
| manager_id | integer | false | - | - |
| overlay_ipaddress | object | false | - | - |
| ip_address | string | false | - | - |
| octets | [integer] | false | - | - |
| total_clients | integer | false | - | - |
| ipsec_max_subnets | integer | false | - | - |
| ipsec_max_endpoints | integer | false | - | - |
| license_upgrades | [string] | false | - | - |
| overlay_max_clients | integer | false | - | - |
| overlay_subnet | string | false | - | CIDR for overlay clients |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Upload license
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/license \
-H 'Content-Type: text/plain' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.licensing.upload_license()
print(api_response.json())
PUT /license
License a VNS3 Controller to be a part of a specific topology. Must not be licensed already.
Body parameter
string
Example responses
200 Response
{
"response": {
"capabilities": [
"string"
],
"finalized": true,
"license": "string",
"license_present": true,
"default_topology": {
"clients": [
{
"ip_address": "string",
"octets": [
0
]
}
],
"managers": [
{
"asn": 0,
"manager_id": 1,
"overlay_ipaddress": {
"ip_address": "string",
"octets": [
0
]
}
}
],
"total_clients": 0,
"ipsec_max_subnets": 0,
"ipsec_max_endpoints": 0,
"license_upgrades": [
"string"
],
"overlay_max_clients": 0,
"overlay_subnet": "string"
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348220177382578437853325229350053485636",
"message": "Bad license"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Upload license response | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
InitLicenseDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| capabilities | [string] | false | - | Features available such as eBGP, CloudWAN, Containers etc. |
| finalized | boolean | false | - | - |
| license | string | false | - | State of license, accepted, in-progress, failed |
| license_present | boolean | false | - | - |
| default_topology | object | false | - | - |
| clients | [object] | false | - | IPs for clientpacks |
| ip_address | string | false | - | - |
| octets | [integer] | false | - | - |
| managers | [object] | false | - | - |
| VNS3Controller | object | false | - | - |
| asn | integer | false | - | - |
| manager_id | integer | false | - | - |
| overlay_ipaddress | object | false | - | - |
| ip_address | string | false | - | - |
| octets | [integer] | false | - | - |
| total_clients | integer | false | - | - |
| ipsec_max_subnets | integer | false | - | - |
| ipsec_max_endpoints | integer | false | - | - |
| license_upgrades | [string] | false | - | - |
| overlay_max_clients | integer | false | - | - |
| overlay_subnet | string | false | - | CIDR for overlay clients |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Set license parameters
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/license/parameters \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.licensing.put_set_license_parameters(
subnet=subnet,
managers=managers,
asns=asns,
clients=clients,
my_manager_vip=my_manager_vip,
default=default)
print(api_response.json())
PUT /license/parameters
Set and accept license parameters. Triggers reboot. Irreversible operation.
Body parameter
{
"subnet": "string",
"managers": "string",
"asns": "string",
"clients": "string",
"my_manager_vip": "string",
"default": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| subnet | body | string | false | Specifies the CIDR of the virtual network created for use with the VNS3 Manager |
| managers | body | string | false | Whitespace delimited address string in the subnet to use for the VNS3 Controllers' virtual interfaces. |
| asns | body | string | false | Whitespace delimited string of ASNs (autonomous system numbers) corresponding to the order of the controllers |
| clients | body | string | false | Comma delimited, or hyphenated sequence of addresses for use as client addresses in the virtual network. |
| my_manager_vip | body | string | false | IPAddress that must be allocated from the subnet, and be the same for all controllers |
| default | body | boolean | false | Specifices whether to use defualt topology addressing as specified by the license |
Example responses
200 Response
{
"response": {
"license": "string",
"finalized": true,
"parameters": {
"subnet": "string",
"controllers": [
"string"
],
"managers": [
"string"
],
"clients": [
"string"
],
"asns": [
0
],
"my_manager_vip": "string"
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348346294205629750334447737345166168929",
"message": "invalid asns field"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Put new license parameters for topology | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
LicenseParametersDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| license | string | false | - | - |
| finalized | boolean | false | - | - |
| parameters | object | false | - | - |
| subnet | string | false | - | - |
| controllers | [string] | false | - | IP addresses of VNS3 controllers in topology |
| managers | [string] | false | - | IP addresses of VNS3 controllers in topology |
| clients | [string] | false | - | IP addresses of clients in topology |
| asns | [integer] | false | - | ASNs used by controllers in topology |
| my_manager_vip | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Upgrade license
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/license/upgrade \
-H 'Content-Type: text/plain' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.licensing.put_license_upgrade()
print(api_response.json())
PUT /license/upgrade
Upload new license to controller
Body parameter
string
Example responses
200 Response
{
"response": {
"finalized": true,
"uniq": "string",
"license": "string",
"new_clientpacks": 0,
"new_managers": 0
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | New license parameters | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
UpgradeLicenseResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| finalized | boolean | false | - | - |
| uniq | string | false | - | new sha1 hash of license |
| license | string | false | - | State of license, accepted, in-progress, failed |
| new_clientpacks | integer | false | - | - |
| new_managers | integer | false | - | - |
Get MS configuration
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/ms \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.get_ms_config(
ip=ip)
print(api_response.json())
GET /ms
Get MS configuration
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| ip | query | string | false | name of resource |
Example responses
200 Response
{
"response": {
"id": 1,
"name": "string",
"url": "string",
"enabled": true,
"webhook_id": 1,
"created_at": "2021-03-25T23:03:24Z",
"updated_at": "2021-03-25T23:03:24Z",
"events": [
"string"
],
"custom_properties": [
{
"name": "string",
"value": "string"
}
]
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Get VNS3:ms alert success | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
AlertDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| url | string¦null | false | - | - |
| enabled | boolean | false | - | - |
| webhook_id | integer | false | - | - |
| created_at | string(date-time) | false | - | - |
| updated_at | string(date-time) | false | - | - |
| events | [string] | false | - | - |
| custom_properties | [object] | false | - | - |
| name | string | false | - | - |
| value | string | false | - | - |
Set MS for controller
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ms \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.post_set_ms_config(
ip=ip)
print(api_response.json())
POST /ms
Set VNS3 Management System endpoint
Body parameter
{
"ip": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| ip | body | string | true | VNS3 Management system endpoint IP address |
Example responses
200 Response
{
"response": {
"ip": "string",
"alert_enabled": true
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
MSConfig
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| ip | string | false | - | IP address of VNS3 Management Systems |
| alert_enabled | boolean | false | - | Enable alerting to MS |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Update MS config for controller
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ms \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.update_ms_config(
ip=ip,
alert_enabled=alert_enabled)
print(api_response.json())
PUT /ms
Update VNS3 Management System integration
Body parameter
{
"ip": "string",
"alert_enabled": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| ip | body | string | false | VNS3 Management system endpoint IP address |
| alert_enabled | body | boolean | true | Disable/Enable sending alerts to VNS3:ms |
Example responses
200 Response
{
"response": {
"ip": "string",
"alert_enabled": true
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
MSConfig
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| ip | string | false | - | IP address of VNS3 Management Systems |
| alert_enabled | boolean | false | - | Enable alerting to MS |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Send test VNS3:ms alert
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ms/alert/test \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.config.post_send_test_ms_alert()
print(api_response.json())
POST /ms/alert/test
Send test alert to VNS3:ms
Example responses
200 Response
{
"response": true
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
SimpleBooleanResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | boolean | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
IPsec
Control and manage your IPSec tunnels
Get IPsec status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/ipsec \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.get_ipsec_status()
print(api_response.json())
GET /status/ipsec
Describe ipsec tunnels status
Example responses
200 Response
{
"response": {
"property1": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
},
"property2": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
IpsecTunnelListResponseKeyValue
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | Ipsec tunnel details keyed by ID |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Get IPsec link history
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/link_history \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.get_ipsec_link_history(
remote=remote,
local=local,
tunnelid=tunnelid)
print(api_response.json())
GET /status/link_history
Provides information about the connection history of the subnet or tunnel
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| remote | query | string | false | Address string in CIDR format to display link history to a remote endpoint. |
| local | query | string | false | Address string in CIDR format which will display status of the local route |
| tunnelid | query | integer | false | Will display link history of just the tunnel specified, which may be only one tunnel to a remote endpoint. |
Example responses
200 Response
{
"response": {
"remote": "string",
"local": "string",
"tunnelid": 1,
"history": [
{
"event": "string",
"timestamp": "string",
"timestamp_i": 0
}
]
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564152672558671466135091328226684573894656",
"message": "bad or invalid remote"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
LinkHistoryDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| remote | string | false | - | - |
| local | string | false | - | - |
| tunnelid | integer | false | - | - |
| history | [object] | false | - | - |
| LinkEvent | object | false | - | - |
| event | string | false | - | Tunnel event, up or down |
| timestamp | string | false | - | - |
| timestamp_i | integer | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get connected subnets
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/connected_subnets \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.get_connected_subnets(
extended_output=extended_output)
print(api_response.json())
GET /status/connected_subnets
Provides information about any connected subnets.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| extended_output | query | boolean | false | Receive verbose information about resources |
Example responses
200 Response
{
"response": [
[
"string"
]
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
ConnectedSubnetsDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | any | false | - | - |
oneOf
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | [array] | false | - | Array of arrays with each element of length 2 representing [network, subnet mask] |
xor
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | [object] | false | - | - |
| ConnectedSubnet | object | false | - | - |
| subnet | string | false | - | - |
| network | string | false | - | - |
| cidr_mask | string | false | - | - |
| managerid | integer | false | - | - |
| netmask | string | false | - | - |
| origin | string | false | - | ipsec, local_no_encryption, remote_manager, or ebgp |
Get IPsec details
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/ipsec \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.get_ipsec_details()
print(api_response.json())
GET /ipsec
Get details for all IPsec endpoints/subnets
Example responses
200 Response
{
"response": {
"this_endpoint": {
"ipaddress": "3.222.68.251",
"overlay_subnet": "100.127.255.192/26",
"private_ipaddress": "192.168.1.230",
"ipsec_local_ipaddress": "192.168.1.230",
"asn": 65001
},
"remote_endpoints": {}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecSystemDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| this_endpoint | object | false | - | - |
| nat_traversal | boolean | false | - | - |
| ipaddress | string | false | - | - |
| overlay_subnet | string | false | - | - |
| private_ipaddress | string | false | - | - |
| ipsec_local_ipaddress | string | false | - | - |
| asn | integer | false | - | - |
| remote_endpoints | object | false | - | - |
| IpsecRemoteEndpoint | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Restart ipsec subystem
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ipsec \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.post_restart_ipsec_action(
restart=restart)
print(api_response.json())
POST /ipsec
Restart ipsec subystem
Body parameter
{
"restart": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| restart | body | boolean | true | Restarts target system on server if true |
Example responses
200 Response
{
"response": {
"restart": true
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "restart is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
RestartStatus
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| restart | boolean | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Update IPsec config
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ipsec \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.put_update_ipsec_config(
ipsec_local_ipaddress=ipsec_local_ipaddress,
async=async)
print(api_response.json())
PUT /ipsec
Edit Ipsec Configuration on device. Note, This is device wide and must be set before any remote endpoint definitions are created. If it needs to be changed, all remote endpoint information and tunnel information must be deleted first.
Body parameter
{
"ipsec_local_ipaddress": "string",
"async": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| ipsec_local_ipaddress | body | string | true | This is effectively a "cloud NAT" address, since you don't know what your LAN address will be between invocations in a cloud, this address can be used by remote endpoints as your "behind a NAT" address, sometimes referred to Peer or IKE ID, if needed (e.g. Watchguard or Juniper). It can ALSO be thought of even more simply as an IPsec "loopback" interface that you can use to terminate traffic. |
| async | body | boolean | false | Return a task token waiting for IPsec configuration update, default is false, meaning the request will block |
Example responses
200 Response
{
"response": {
"this_endpoint": {
"nat_traversal": true,
"ipaddress": "string",
"overlay_subnet": "string",
"private_ipaddress": "string",
"ipsec_local_ipaddress": "string",
"asn": 0
},
"remote_endpoints": {
"property1": {
"id": 1,
"name": "string",
"ipaddress": "string",
"description": "string",
"nat_t_enabled": true,
"ike_version": 0,
"pfs": true,
"private_ipaddress": "string",
"extra_config": [
"string"
],
"tunnels": {
"property1": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
},
"property2": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
},
"bgp_peers": {
"property1": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
},
"property2": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
}
},
"type": "string",
"vpn_type": "string",
"gre_interface_address": "string",
"route_based_int_address": "string",
"route_based_local": "string",
"route_based_remote": "string",
"psk": "string"
},
"property2": {
"id": 1,
"name": "string",
"ipaddress": "string",
"description": "string",
"nat_t_enabled": true,
"ike_version": 0,
"pfs": true,
"private_ipaddress": "string",
"extra_config": [
"string"
],
"tunnels": {
"property1": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
},
"property2": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
},
"bgp_peers": {
"property1": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
},
"property2": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
}
},
"type": "string",
"vpn_type": "string",
"gre_interface_address": "string",
"route_based_int_address": "string",
"route_based_local": "string",
"route_based_remote": "string",
"psk": "string"
}
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "ipsec_local_address is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecSystemDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| this_endpoint | object | false | - | - |
| nat_traversal | boolean | false | - | - |
| ipaddress | string | false | - | - |
| overlay_subnet | string | false | - | - |
| private_ipaddress | string | false | - | - |
| ipsec_local_ipaddress | string | false | - | - |
| asn | integer | false | - | - |
| remote_endpoints | object | false | - | - |
| IpsecRemoteEndpoint | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create IPsec endpoint
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.post_create_ipsec_endpoint(
name=name,
description=description,
ipaddress=ipaddress,
secret=secret,
pfs=pfs,
ike_version=ike_version,
nat_t_enabled=nat_t_enabled,
extra_config=extra_config,
private_ipaddress=private_ipaddress,
gre=gre,
gre_interface_address=gre_interface_address,
vpn_type=vpn_type,
route_based_int_address=route_based_int_address,
route_based_local=route_based_local,
route_based_remote=route_based_remote)
print(api_response.json())
POST /ipsec/endpoints
Create IPsec connection to the defined remote gateway
Body parameter
{
"name": "string",
"description": "string",
"ipaddress": "string",
"secret": "string",
"pfs": true,
"ike_version": 1,
"nat_t_enabled": true,
"extra_config": "string",
"private_ipaddress": "string",
"gre": true,
"gre_interface_address": "string",
"vpn_type": "policy",
"route_based_int_address": "string",
"route_based_local": "string",
"route_based_remote": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| name | body | string | true | Name for the connection. |
| description | body | string | false | Description of this IPsec endpoint |
| ipaddress | body | string | true | IP of the remote gateway |
| secret | body | string | true | Pre-shared key |
| pfs | body | boolean | false | Perfect Forward Secrecy if true, disables if false. |
| ike_version | body | integer | false | Version for IKE algorithm |
| nat_t_enabled | body | boolean | false | True if you want encapsulated IPsec protocol to this gateway |
| extra_config | body | string | false | Additional optionals for connection such as 'phase1=aes256_gcm-sha2_256-dh14 phase2=aes256_gcm' |
| private_ipaddress | body | string | false | Internal NAT address of the remote gateway |
| gre | body | boolean | false | True if GRE is being used for the specific endpoint |
| gre_interface_address | body | string | false | Interface for GRE in /30 format |
| vpn_type | body | string | false | policy, gre, vti |
| route_based_int_address | body | string | false | - |
| route_based_local | body | string | false | - |
| route_based_remote | body | string | false | - |
Enumerated Values
| Parameter | Value |
|---|---|
| ike_version | 1 |
| ike_version | 2 |
Example responses
200 Response
{
"response": {
"id": 1,
"name": "EndpointB",
"ipaddress": "13.53.72.182",
"pfs": true,
"ike_version": 2,
"nat_t_enabled": true,
"private_ipaddress": "192.0.2.254",
"extra_config": [],
"description": "To datacenter B",
"tunnels": {
"3": {
"id": 3,
"local_subnet": "172.31.0.0/28",
"remote_subnet": "192.168.10.0/22",
"endpoint_id": 1,
"enabled": true,
"description": "tunnel description",
"ping_ipaddress": "",
"ping_interface": "tun0",
"ping_interval": null
}
},
"bgp_peers": {},
"type": "ipsec",
"vpn_type": "policy",
"psk": "testtest"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "ipaddress is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Created | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecRemoteEndpointDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get IPsec endpoint
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.get_ipsec_endpoint(endpoint_id)
print(api_response.json())
GET /ipsec/endpoints/{endpoint_id}
Get IPsec endpoint information
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| endpoint_id | path | integer | true | ID for IPsec endpoint |
Example responses
200 Response
{
"response": {
"id": 1,
"name": "EndpointB",
"ipaddress": "13.53.72.182",
"pfs": true,
"ike_version": 2,
"nat_t_enabled": true,
"private_ipaddress": "192.0.2.254",
"extra_config": [],
"description": "To datacenter B",
"tunnels": {
"3": {
"id": 3,
"local_subnet": "172.31.0.0/28",
"remote_subnet": "192.168.10.0/22",
"endpoint_id": 1,
"enabled": true,
"description": "tunnel description",
"ping_ipaddress": "",
"ping_interface": "tun0",
"ping_interval": null
}
},
"bgp_peers": {},
"type": "ipsec",
"vpn_type": "policy",
"psk": "testtest"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecRemoteEndpointDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Update IPsec endpoint
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.put_update_ipsec_endpoint(endpoint_id,
name=name,
description=description,
ipaddress=ipaddress,
secret=secret,
pfs=pfs,
ike_version=ike_version,
nat_t_enabled=nat_t_enabled,
extra_config=extra_config,
private_ipaddress=private_ipaddress,
gre=gre,
gre_interface_address=gre_interface_address,
vpn_type=vpn_type,
route_based_int_address=route_based_int_address,
route_based_local=route_based_local,
route_based_remote=route_based_remote)
print(api_response.json())
PUT /ipsec/endpoints/{endpoint_id}
Edit IPsec endpoint connection configuration parameters
Body parameter
{
"name": "string",
"description": "string",
"ipaddress": "string",
"secret": "string",
"pfs": true,
"ike_version": 1,
"nat_t_enabled": true,
"extra_config": "string",
"private_ipaddress": "string",
"gre": true,
"gre_interface_address": "string",
"vpn_type": "string",
"route_based_int_address": "string",
"route_based_local": "string",
"route_based_remote": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| endpoint_id | path | integer | true | ID for IPsec endpoint |
| name | body | string | false | Name for the connection. |
| description | body | string | false | Description of this IPsec endpoint |
| ipaddress | body | string | false | IP of the remote gateway |
| secret | body | string | false | Pre-shared key |
| pfs | body | boolean | false | Perfect Forward Secrecy if true, disables if false. |
| ike_version | body | integer | false | Version for IKE algorithm |
| nat_t_enabled | body | boolean | false | True if you want encapsulated IPsec protocol to this gateway |
| extra_config | body | string | false | Additional optionals for connection such as 'phase1=aes256_gcm-sha2_256-dh14 phase2=aes256_gcm' |
| private_ipaddress | body | string | false | Internal NAT address of the remote gateway |
| gre | body | boolean | false | True if GRE is being used for the specific endpoint |
| gre_interface_address | body | string | false | Interface address for GRE |
| vpn_type | body | string | false | policy, gre, vti |
| route_based_int_address | body | string | false | - |
| route_based_local | body | string | false | - |
| route_based_remote | body | string | false | - |
Enumerated Values
| Parameter | Value |
|---|---|
| ike_version | 1 |
| ike_version | 2 |
Example responses
200 Response
{
"response": {
"id": 1,
"name": "EndpointB",
"ipaddress": "13.53.72.182",
"pfs": true,
"ike_version": 2,
"nat_t_enabled": true,
"private_ipaddress": "192.0.2.254",
"extra_config": [],
"description": "To datacenter B",
"tunnels": {
"3": {
"id": 3,
"local_subnet": "172.31.0.0/28",
"remote_subnet": "192.168.10.0/22",
"endpoint_id": 1,
"enabled": true,
"description": "tunnel description",
"ping_ipaddress": "",
"ping_interface": "tun0",
"ping_interval": null
}
},
"bgp_peers": {},
"type": "ipsec",
"vpn_type": "policy",
"psk": "testtest"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "nat_t_enabled is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecRemoteEndpointDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete IPsec endpoint
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.delete_ipsec_endpoint(endpoint_id)
print(api_response.json())
DELETE /ipsec/endpoints/{endpoint_id}
Delete IPsec endpoint
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| endpoint_id | path | integer | true | ID for IPsec endpoint |
Example responses
200 Response
{
"response": {
"this_endpoint": {
"nat_traversal": true,
"ipaddress": "string",
"overlay_subnet": "string",
"private_ipaddress": "string",
"ipsec_local_ipaddress": "string",
"asn": 0
},
"remote_endpoints": {
"property1": {
"id": 1,
"name": "string",
"ipaddress": "string",
"description": "string",
"nat_t_enabled": true,
"ike_version": 0,
"pfs": true,
"private_ipaddress": "string",
"extra_config": [
"string"
],
"tunnels": {
"property1": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
},
"property2": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
},
"bgp_peers": {
"property1": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
},
"property2": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
}
},
"type": "string",
"vpn_type": "string",
"gre_interface_address": "string",
"route_based_int_address": "string",
"route_based_local": "string",
"route_based_remote": "string",
"psk": "string"
},
"property2": {
"id": 1,
"name": "string",
"ipaddress": "string",
"description": "string",
"nat_t_enabled": true,
"ike_version": 0,
"pfs": true,
"private_ipaddress": "string",
"extra_config": [
"string"
],
"tunnels": {
"property1": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
},
"property2": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
},
"bgp_peers": {
"property1": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
},
"property2": {
"asn": 0,
"ipaddress": "string",
"access_list": "string",
"id": 1,
"bgp_password": "string",
"add_network_distance": true,
"add_network_distance_direction": "string",
"add_network_distance_hops": 0,
"connection_detail": "string"
}
},
"type": "string",
"vpn_type": "string",
"gre_interface_address": "string",
"route_based_int_address": "string",
"route_based_local": "string",
"route_based_remote": "string",
"psk": "string"
}
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "endpoint_id does not exist"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecSystemDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| this_endpoint | object | false | - | - |
| nat_traversal | boolean | false | - | - |
| ipaddress | string | false | - | - |
| overlay_subnet | string | false | - | - |
| private_ipaddress | string | false | - | - |
| ipsec_local_ipaddress | string | false | - | - |
| asn | integer | false | - | - |
| remote_endpoints | object | false | - | - |
| IpsecRemoteEndpoint | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create IPsec endpoint tunnel
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id}/tunnels \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.post_create_ipsec_endpoint_tunnel(endpoint_id,
remote_subnet=remote_subnet,
local_subnet=local_subnet,
ping_ipaddress=ping_ipaddress,
ping_interval=ping_interval,
ping_interface=ping_interface,
enabled=enabled,
description=description)
print(api_response.json())
POST /ipsec/endpoints/{endpoint_id}/tunnels
Create IPsec endpoint tunnel
Body parameter
{
"remote_subnet": "string",
"local_subnet": "string",
"ping_ipaddress": "string",
"ping_interval": 0,
"ping_interface": "string",
"enabled": true,
"description": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| endpoint_id | path | integer | true | ID for IPsec endpoint |
| remote_subnet | body | string | true | Remote subnet for tunnel in CIDR notation |
| local_subnet | body | string | false | Local subnet for tunnel in CIDR notation |
| ping_ipaddress | body | string | false | Exo Ping feature - remote IP destination of ping |
| ping_interval | body | integer | false | Exo Ping feature - periodicy of the ping in seconds |
| ping_interface | body | string | false | Exo Ping feature - what network interface IP of the VNS3 controller to use as the source of ping |
| enabled | body | boolean | false | Disables tunnel if set to false |
| description | body | string | false | - |
Example responses
200 Response
{
"response": {
"id": 1,
"name": "EndpointB",
"ipaddress": "13.53.72.182",
"pfs": true,
"ike_version": 2,
"nat_t_enabled": true,
"private_ipaddress": "192.0.2.254",
"extra_config": [],
"description": "To datacenter B",
"tunnels": {
"3": {
"id": 3,
"local_subnet": "172.31.0.0/28",
"remote_subnet": "192.168.10.0/22",
"endpoint_id": 1,
"enabled": true,
"description": "tunnel description",
"ping_ipaddress": "",
"ping_interface": "tun0",
"ping_interval": null
}
},
"bgp_peers": {},
"type": "ipsec",
"vpn_type": "policy",
"psk": "testtest"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "endpoint_id does not exist"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Created | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Permission denied. Max number of tunnels reach | Inline |
Response Schema
Status Code 200
IpsecRemoteEndpointDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Update IPsec endpoint tunnel
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.put_update_ipsec_endpoint_tunnel(endpoint_id,tunnel_id,
bounce=bounce,
description=description,
remote_subnet=remote_subnet,
local_subnet=local_subnet,
ping_ipaddress=ping_ipaddress,
ping_interval=ping_interval,
ping_interface=ping_interface,
enabled=enabled)
print(api_response.json())
PUT /ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id}
Edit IPsec endpoint tunnel configuration
Body parameter
{
"bounce": false,
"description": "string",
"remote_subnet": "string",
"local_subnet": "string",
"ping_ipaddress": "string",
"ping_interval": 0,
"ping_interface": "string",
"enabled": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| endpoint_id | path | integer | true | ID for IPsec endpoint |
| tunnel_id | path | integer | true | ID for tunnel |
| bounce | body | boolean | false | Resets the IPsec connection for this specific tunnel |
| description | body | string | false | - |
| remote_subnet | body | string | false | Remote subnet for tunnel in CIDR notation |
| local_subnet | body | string | false | Local subnet for tunnel in CIDR notation |
| ping_ipaddress | body | string | false | Exo Ping feature - remote IP destination of ping |
| ping_interval | body | integer | false | Exo Ping feature - periodicy of the ping in seconds |
| ping_interface | body | string | false | Exo Ping feature - what network interface IP of the VNS3 controller to use as the source of ping |
| enabled | body | boolean | false | Disables tunnel if set to false |
Example responses
200 Response
{
"response": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "local_subnet is invalid CIDR"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecTunnelDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete IPsec tunnel
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.ipsec.delete_ipsec_endpoint_tunnel(endpoint_id,tunnel_id)
print(api_response.json())
DELETE /ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id}
Delete IPsec tunnel
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| endpoint_id | path | integer | true | ID for IPsec endpoint |
| tunnel_id | path | integer | true | ID for tunnel |
Example responses
200 Response
{
"response": {
"id": 1,
"name": "EndpointB",
"ipaddress": "13.53.72.182",
"pfs": true,
"ike_version": 2,
"nat_t_enabled": true,
"private_ipaddress": "192.0.2.254",
"extra_config": [],
"description": "To datacenter B",
"tunnels": {
"3": {
"id": 3,
"local_subnet": "172.31.0.0/28",
"remote_subnet": "192.168.10.0/22",
"endpoint_id": 1,
"enabled": true,
"description": "tunnel description",
"ping_ipaddress": "",
"ping_interface": "tun0",
"ping_interval": null
}
},
"bgp_peers": {},
"type": "ipsec",
"vpn_type": "policy",
"psk": "testtest"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156398145066351285906955697179258297423716",
"message": "tunnel id does not exist"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
IpsecRemoteEndpointDetail
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| name | string | false | - | - |
| ipaddress | string | false | - | - |
| description | string | false | - | - |
| nat_t_enabled | boolean | false | - | - |
| ike_version | integer | false | - | - |
| pfs | boolean | false | - | Perfect forward secrecy enabled |
| private_ipaddress | string | false | - | - |
| extra_config | [string] | false | - | - |
| tunnels | object | false | - | - |
| IpsecTunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
| bgp_peers | object | false | - | - |
| BGPPeer | object | false | - | - |
| asn | integer | false | - | - |
| ipaddress | string | false | - | - |
| access_list | string | false | - | List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n" |
| id | integer | false | - | - |
| bgp_password | string | false | - | - |
| add_network_distance | boolean | false | - | - |
| add_network_distance_direction | string | false | - | in or out |
| add_network_distance_hops | integer | false | - | - |
| connection_detail | string | false | - | - |
| type | string | false | - | Indicating Ipsec or GRE over ipsec |
| vpn_type | string | false | - | - |
| gre_interface_address | string | false | - | - |
| route_based_int_address | string | false | - | - |
| route_based_local | string | false | - | - |
| route_based_remote | string | false | - | - |
| psk | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Firewall
Functions for managing Firewall rules, subgroups (chains) and IPSets
Get firewall rules
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/firewall/rules \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.get_firewall_rules()
print(api_response.json())
GET /firewall/rules
Get a list of current firewall rules
Example responses
200 Response
{
"response": [
[
"string"
]
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
FirewallRuleListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [array] | false | - | - |
| FirewallRuleTuple | [oneOf] | false | - | IPtables firewall rule represented as array [rule, position] |
oneOf
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | string | false | - | - |
xor
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | integer | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create firewall rule
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/firewall/rules \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.post_create_firewall_rule(
rule=rule,
position=position)
print(api_response.json())
POST /firewall/rules
Adds a firewall rule to the VNS3 Controller's firewall
Body parameter
{
"rule": "string",
"position": -1
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| rule | body | string | true | New firewall rule string that needs to be compatible with a Linux "iptables" statement |
| position | body | integer | false | Position which the rule will be inserted in the list of Firewall rules. Default is -1, which will post as the next rule in the list |
Example responses
200 Response
{
"response": {
"status": "submitted",
"rule": "MACRO_CUST -o eth0 -s 10.199.2.0/24 -j MASQUERADE",
"token": "15798987631596_5280108744805298913050300048466684878015928855"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564155261466915664338789304780698957922014",
"message": "Parse Error - iptables v1.4.21: host/network `10.199.2.0.' not found"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
FirewallRuleOperationResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| status | string | false | - | - |
| rule | string | false | - | - |
| position | integer | false | - | - |
| token | string | false | - | Task token |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete firewall rule
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/rules \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.delete_firewall_rule_by_rule(
rule=rule)
print(api_response.json())
DELETE /firewall/rules
Delete firewall rule by passing the actual rule to delete
Body parameter
{
"rule": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| rule | body | string | true | Rule to be deleted |
Example responses
200 Response
{
"response": {
"status": "submitted",
"position": 0,
"rule": "MACRO_CUST -o eth0 -s 10.199.2.0/24 -j MASQUERADE",
"token": "15641553402765_1730986546845926230044120934882999801643412463756"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564155261466915664338789304780698957922014",
"message": "either position or rule argument must be provided"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
FirewallRuleOperationResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| status | string | false | - | - |
| rule | string | false | - | - |
| position | integer | false | - | - |
| token | string | false | - | Task token |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete firewall rule by position
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/rules/{position} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.delete_firewall_rule_by_position(position)
print(api_response.json())
DELETE /firewall/rules/{position}
Delete firewall rule by position in the firewall. The firewall is 0 indexed. So deleting position 0 will remove the first rule in the firewall and the second rule will become the first.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| position | path | integer | true | index position for firewall rule, 0 is first |
Example responses
200 Response
{
"response": {
"status": "submitted",
"rule": "MACRO_CUST -o eth1 -s 10.0.2.0/24 -j MASQUERADE\\n",
"position": 0,
"token": "15641555503109_367028783492026941846541919926446643820946500940416"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156415545591919091797511226100046886299005",
"message": "position exceeds the number of rules"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
FirewallRuleOperationResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| status | string | false | - | - |
| rule | string | false | - | - |
| position | integer | false | - | - |
| token | string | false | - | Task token |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get firewall subgroups
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.get_firewall_rule_subgroups(
name=name,
verbose=verbose)
print(api_response.json())
GET /firewall/rules/subgroup
Get a list of current firewall rules at subgroup (chained rules)
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| name | query | string | false | name of resource |
| verbose | query | boolean | false | True for verbose output |
Example responses
200 Response
{
"response": [
"string"
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
FirewallSubgroupListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | any | false | - | - |
oneOf
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | [string] | false | - | - |
| FirewallSubgroupRule | string | false | - | Begins with name and is followed by Firewall rule. This is single rule in the chain. |
xor
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | [array] | false | - | - |
| FirewallSubgroupRule | string | false | - | Begins with name and is followed by Firewall rule. This is single rule in the chain. |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create firewall subgroup
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.post_create_firewall_subgroup(
name=name,
position=position,
flush=flush)
print(api_response.json())
POST /firewall/rules/subgroup
Create a new firewall subgroup. Subgroups are named lists of rules that can be "jumped to" from another rule. These are effectively IPtables custom chains. For example, INPUT_CUST -s 10.0.2.0/24 -j MYGROUP
Body parameter
{
"rules": "string",
"name": "string",
"position": 1,
"flush": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| rules | body | string | false | Chained firewall rules seperated by \n. Rule should be preceded by group name |
| name | body | string | false | 'name of the subgroup. Must be valid chain that begins with one of the following: PRE_C_, PST_C_, FWD_C_, INP_C_, OUT_C_.' |
| position | body | integer | false | Position which the chain will be inserted in the list of Firewall rules. Default is 0, which is first in the ruleset |
| flush | body | boolean | false | - |
One of the following param combinations are required:
name
rules
Example responses
200 Response
{
"response": {
"status": "ok",
"rules": "Rule 1\\n Rule 2\\n Rule 3"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564155261466915664338789304780698957922014",
"message": "invalid subgroup name - some bad name"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Reload firewall subgroups
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.put_reinitialize_firewall_subgroups(
reinitialize=reinitialize)
print(api_response.json())
PUT /firewall/rules/subgroup
Reload firewall subgroups
Body parameter
{
"reinitialize": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| reinitialize | body | boolean | false | - |
Example responses
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | - |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete firewall subgroup
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.delete_firewall_subgroup(
rules=rules,
name=name)
print(api_response.json())
DELETE /firewall/rules/subgroup
Delete Firewall subgroup by name or rules
Body parameter
{
"rules": "string",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| rules | body | string | false | Chained firewall rules seperated by "\n" |
| name | body | string | false | Name of the subgroup chain. Must be valid chain name. |
Example responses
200 Response
{
"response": {
"status": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
404 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Chain named some BAD_NAME not found."
}
}
410 Response
{
"error": {
"name": "APINotFoundError",
"log": "15640808375976073208002188741879242245537",
"message": "Chain references remain for CHAIN_NAME, although rules were deleted."
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
| 404 | Not Found | Not found | Inline |
| 410 | Gone | Resource gone | Inline |
Response Schema
Status Code 200
SimpleStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| status | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 404
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 410
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get firewall FWSets
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.get_firewall_fw_sets(
name=name,
verbose=verbose)
print(api_response.json())
GET /firewall/fwsets
Get a list of current firewall rule sets. These are IPsets that allow for faster matching of rules against IPs. See http://ipset.netfilter.org for more details.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| name | query | string | false | name of resource |
| verbose | query | boolean | false | True for verbose output |
Example responses
200 Response
{
"response": [
"string"
]
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
FirewallFWSetListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | [string] | false | - | - |
| FirewallFWSetString | string | false | - | Begins with name and is followed by Firewall rules. This is an indexed rule that allows for speedy matching on IPs |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create firewall FWSet
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.post_create_firewall_fw_set(
rules=rules,
name=name,
flush=flush)
print(api_response.json())
POST /firewall/fwsets
Create a new firewall FWSet for fast rule matching
Body parameter
{
"rules": "string",
"name": "string",
"flush": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| rules | body | string | false | Chained firewall rules seperated by "\n" |
| name | body | string | false | 'name of the FWSet. Must be valid chain that begins with one of the following: NETS_, PORTS_, LIST_.' |
| flush | body | boolean | false | - |
Example responses
200 Response
{
"response": {
"status": "ok",
"rules": "Rule 1\\n Rule 2\\n Rule 3"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564155261466915664338789304780698957922014",
"message": "invalid FWSet name - some bad name"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Reload all firewall FWsets
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.put_reinitialize_fw_sets(
reinitialize=reinitialize)
print(api_response.json())
PUT /firewall/fwsets
Reload all firewall FWsets
Body parameter
{
"reinitialize": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| reinitialize | body | boolean | false | - |
Example responses
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | - |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete firewall FWSet
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.firewall.delete_firewall_fw_set(
rules=rules,
name=name)
print(api_response.json())
DELETE /firewall/fwsets
Delete Firewall FWSet by name or rules
Body parameter
{
"rules": "string",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| rules | body | string | false | Chained firewall rules seperated by "\n" |
| name | body | string | false | Name of the FWSet. Must be valid chain that begins with one of the following: NETS_, PORTS_, LIST_. |
Example responses
200 Response
{
"response": {
"status": "finished_ok"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1564155261466915664338789304780698957922014",
"message": "More than one FWSet name found in rules"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
SimpleStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| status | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Routing
Control the network route table
Get routes
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/routes \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.routing.get_routes()
print(api_response.json())
GET /routes
Describes routes that this manager has access to via its network interfaces (virtual or otherwise). If advertized, other VNS3 Controllers will receive the route instantly. Network clients will receive it when they get their next route push, which is normally on a re-connect or in neartime if they use the VNS3 Routing agent on their cloud servers. Remote endpoints (other data centers) would not receive the route unless specified as part of their IPsec Configuration AND the Configuration of such a tunnel on the VNS3 controller.
Example responses
200 Response
{
"response": {
"1": {
"netmask": "240.0.0.0",
"id": 1,
"cidr": "224.0.0.0/4",
"interface": "tun0",
"description": "Multicast (auto-added)",
"advertise": false,
"metric": 0
},
"2": {
"netmask": "255.255.255.0",
"id": 2,
"cidr": "192.168.1.0/24",
"gateway": "192.168.1.1",
"interface": "eth0",
"description": "US West Peer",
"advertise": false,
"metric": 0
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
RoutesListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| Route | object | false | - | - |
| netmask | string | false | - | - |
| id | integer | false | - | - |
| cidr | string | false | - | - |
| interface | string | false | - | - |
| description | string | false | - | - |
| advertise | boolean | false | - | - |
| metric | integer | false | - | - |
| gateway | string | false | - | - |
| tunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Create route
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/routes \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.routing.post_create_route(
cidr=cidr,
description=description,
interface=interface,
gateway=gateway,
tunnel=tunnel,
advertise=advertise,
metric=metric)
print(api_response.json())
POST /routes
Pushes routes that this manager has access to via its network interfaces (virtual or otherwise)
Body parameter
{
"cidr": "string",
"description": "string",
"interface": "string",
"gateway": "string",
"tunnel": 1,
"advertise": true,
"metric": 0
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| cidr | body | string | true | CIDR of a route that the VNS3 Controller has access to that it wants to publish throughout the Routing tables of the overlay network |
| description | body | string | false | - |
| interface | body | string | false | Sets the interface where this route will be advertised. |
| gateway | body | string | false | If interface is set, a specific gateway address reachable from that interface |
| tunnel | body | integer | false | numerical reference for the GRE endpoint id (must provide either tunnel OR interface) |
| advertise | body | boolean | false | advertise route to overlay network |
| metric | body | integer | false | weight for route |
Example responses
200 Response
{
"response": {
"1": {
"netmask": "240.0.0.0",
"id": 1,
"cidr": "224.0.0.0/4",
"interface": "tun0",
"description": "Multicast (auto-added)",
"advertise": false,
"metric": 0
},
"2": {
"netmask": "255.255.255.0",
"id": 2,
"cidr": "192.168.1.0/24",
"interface": "eth0",
"gateway": "192.168.1.1",
"description": "Peer 1 subnet Gateway",
"advertise": false,
"metric": 0
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348346294205629750334447737345166168929",
"message": "Validation failed: Ipsec tunnel bad tunnel ID"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Created | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
RoutesListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| Route | object | false | - | - |
| netmask | string | false | - | - |
| id | integer | false | - | - |
| cidr | string | false | - | - |
| interface | string | false | - | - |
| description | string | false | - | - |
| advertise | boolean | false | - | - |
| metric | integer | false | - | - |
| gateway | string | false | - | - |
| tunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete route
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/routes/{route_id} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.routing.delete_route(route_id)
print(api_response.json())
DELETE /routes/{route_id}
Delete route
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| route_id | path | integer | true | ID for Route |
Example responses
200 Response
{
"response": {
"property1": {
"netmask": "string",
"id": 1,
"cidr": "string",
"interface": "string",
"description": "string",
"advertise": true,
"metric": 0,
"gateway": "string",
"tunnel": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
},
"property2": {
"netmask": "string",
"id": 1,
"cidr": "string",
"interface": "string",
"description": "string",
"advertise": true,
"metric": 0,
"gateway": "string",
"tunnel": {
"id": 1,
"local_subnet": "string",
"remote_subnet": "string",
"endpointid": 1,
"endpoint_id": 1,
"endpoint_name": "string",
"enabled": true,
"active": true,
"description": "string",
"bounce": true,
"connected": true,
"ping_interface": "eth0",
"ping_interval": 0,
"ping_ipaddress": "string",
"tunnel_params": {
"phase2": "string",
"outbound_spi": "string",
"inbound_spi": "string",
"bytes_in": "string",
"bytes_out": "string",
"esp_time_remaining": "string",
"esp_port": "string",
"phase2_algo": "string",
"phase2_hash": "string",
"nat_t": "string",
"dpd": "string",
"pfs_dh_group": "string",
"phase1": "string",
"isakmp_port": "string",
"isakmp_time_remaining": "string",
"last_dpd": "string",
"phase1_cipher": "string",
"phase1_prf": "string",
"phase1_dh_group": "string",
"ike_version": "string"
}
}
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156348346294205629750334447737345166168929",
"message": "bad route id or route not found"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Accepted | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
Response Schema
Status Code 200
RoutesListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| Route | object | false | - | - |
| netmask | string | false | - | - |
| id | integer | false | - | - |
| cidr | string | false | - | - |
| interface | string | false | - | - |
| description | string | false | - | - |
| advertise | boolean | false | - | - |
| metric | integer | false | - | - |
| gateway | string | false | - | - |
| tunnel | object | false | - | - |
| id | integer | false | - | - |
| local_subnet | string | false | - | - |
| remote_subnet | string | false | - | - |
| endpointid | integer | false | - | - |
| endpoint_id | integer | false | - | - |
| endpoint_name | string | false | - | - |
| enabled | boolean | false | - | - |
| active | boolean | false | - | - |
| description | string¦null | false | - | - |
| bounce | boolean | false | - | True if tunnel was just bounced |
| connected | boolean | false | - | - |
| ping_interface | string | false | - | - |
| ping_interval | integer¦null | false | - | Interval for ping in seconds |
| ping_ipaddress | string | false | - | - |
| tunnel_params | object | false | - | - |
| phase2 | string | false | - | - |
| outbound_spi | string | false | - | - |
| inbound_spi | string | false | - | - |
| bytes_in | string | false | - | - |
| bytes_out | string | false | - | - |
| esp_time_remaining | string | false | - | - |
| esp_port | string | false | - | - |
| phase2_algo | string | false | - | - |
| phase2_hash | string | false | - | - |
| nat_t | string | false | - | - |
| dpd | string | false | - | - |
| pfs_dh_group | string¦null | false | - | - |
| phase1 | string | false | - | - |
| isakmp_port | string | false | - | - |
| isakmp_time_remaining | string | false | - | - |
| last_dpd | string | false | - | - |
| phase1_cipher | string¦null | false | - | - |
| phase1_prf | string¦null | false | - | - |
| phase1_dh_group | string¦null | false | - | - |
| ike_version | string | false | - | - |
Enumerated Values
| Property | Value |
|---|---|
| ping_interface | eth0 |
| ping_interface | tun0 |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Overlay Network
Configure and control encrypted overlay network
Get clients status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/clients \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.get_clients_status()
print(api_response.json())
GET /status/clients
Describe overlay clients
Example responses
200 Response
{
"response": {
"property1": {
"managerid": 1,
"overlay_ipaddress": "string",
"ipaddress": "string",
"tags": {
"property1": "string",
"property2": "string"
}
},
"property2": {
"managerid": 1,
"overlay_ipaddress": "string",
"ipaddress": "string",
"tags": {
"property1": "string",
"property2": "string"
}
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
OverlayClientsListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | Client details with IPs as keys |
| OverlayClient | object | false | - | - |
| managerid | integer | false | - | - |
| overlay_ipaddress | string | false | - | - |
| ipaddress | string | false | - | - |
| tags | object | false | - | Key, value object of tags |
| additionalProperties | string | false | - | - |
Get clientpacks
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpacks \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.get_clientpacks(
sorted=sorted)
print(api_response.json())
GET /clientpacks
Returns detailed information about all of the clientpacks in the topology. If manager's are properly peered, this information can come from any of the controllers.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| sorted | query | boolean | false | Sort resources |
Example responses
200 Response
{
"response": {
"property1": {
"name": "string",
"overlay_ipaddress": "string",
"linux_onefile": "string",
"enabled": true,
"conf_sha1": "string",
"windows_onefile": "string",
"ovpn_sha1": "string",
"tarball_file": "string",
"tarball_sha1": "string",
"sequential_id": 0,
"checked_out": true,
"zip_sha1": "string",
"zip_file": "string",
"last_connect": "string",
"last_disconnect": "string",
"status": "string",
"connected": true,
"tags": {
"property1": "string",
"property2": "string"
}
},
"property2": {
"name": "string",
"overlay_ipaddress": "string",
"linux_onefile": "string",
"enabled": true,
"conf_sha1": "string",
"windows_onefile": "string",
"ovpn_sha1": "string",
"tarball_file": "string",
"tarball_sha1": "string",
"sequential_id": 0,
"checked_out": true,
"zip_sha1": "string",
"zip_file": "string",
"last_connect": "string",
"last_disconnect": "string",
"status": "string",
"connected": true,
"tags": {
"property1": "string",
"property2": "string"
}
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Keyset is missing",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ClientpackListResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| ClientPack | object | false | - | - |
| name | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
| linux_onefile | string | false | - | - |
| enabled | boolean | false | - | - |
| conf_sha1 | string | false | - | - |
| windows_onefile | string | false | - | - |
| ovpn_sha1 | string | false | - | - |
| tarball_file | string | false | - | - |
| tarball_sha1 | string | false | - | - |
| sequential_id | integer | false | - | - |
| checked_out | boolean | false | - | - |
| zip_sha1 | string | false | - | - |
| zip_file | string | false | - | - |
| last_connect | string | false | - | - |
| last_disconnect | string | false | - | - |
| status | string | false | - | - |
| connected | boolean | false | - | - |
| tags | object | false | - | Key, value object of tags |
| additionalProperties | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Update all clientpacks
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/clientpacks \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.put_update_all_clientpacks(
enabled=enabled,
checked_out=checked_out)
print(api_response.json())
PUT /clientpacks
For bulk set of the enabled (true/false) state for all clientpacks and the checked_out (true/false) state for all clientpacks. This enables a variety of work flows by calling these functions after key generation, but before general provisioning of addresses to devivces
Body parameter
{
"enabled": true,
"checked_out": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| enabled | body | boolean | false | Enable or disable clientpacks. |
| checked_out | body | boolean | false | Update whether clientpacks are checked out and thus unavailable |
Example responses
200 Response
{
"response": {
"enabled": true,
"checked_out": true
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156383509848878372758564869593812797782733",
"message": "Argument must have a true or false value"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first.",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
UpdateClientpacksStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| enabled | boolean | false | - | - |
| checked_out | boolean | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create new clientpack
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clientpacks/add_clientpacks \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.post_add_clientpacks(
requested_ips=requested_ips)
print(api_response.json())
POST /clientpacks/add_clientpacks
Incrementally add new clientpacks for use
Body parameter
{
"requested_ips": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| requested_ips | body | string | true | CSV of IP addresses to be used for new clientpacks |
Example responses
200 Response
{
"response": "string"
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Not enough room in license for 5 more clientpacks.",
"log": "123901290309083024802120939123901023091239",
"name": "OperationNotAllowedError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
SimpleStringResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Get clientpack details
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpacks/{clientpack_name} \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.get_clientpack(clientpack_name)
print(api_response.json())
GET /clientpacks/{clientpack_name}
Returns detailed information about all of the clientpacks in the topology. If manager's are properly peered, this information can come from any of the controllers.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| clientpack_name | path | string | true | name of clientpack |
Example responses
200 Response
{
"response": {
"clientpack": {
"name": "string",
"overlay_ipaddress": "string",
"linux_onefile": "string",
"enabled": true,
"conf_sha1": "string",
"windows_onefile": "string",
"ovpn_sha1": "string",
"tarball_file": "string",
"tarball_sha1": "string",
"sequential_id": 0,
"checked_out": true,
"zip_sha1": "string",
"zip_file": "string",
"last_connect": "string",
"last_disconnect": "string",
"status": "string",
"connected": true,
"tags": {
"property1": "string",
"property2": "string"
}
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Keyset is missing",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ClientpackDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| clientpack | object | false | - | - |
| name | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
| linux_onefile | string | false | - | - |
| enabled | boolean | false | - | - |
| conf_sha1 | string | false | - | - |
| windows_onefile | string | false | - | - |
| ovpn_sha1 | string | false | - | - |
| tarball_file | string | false | - | - |
| tarball_sha1 | string | false | - | - |
| sequential_id | integer | false | - | - |
| checked_out | boolean | false | - | - |
| zip_sha1 | string | false | - | - |
| zip_file | string | false | - | - |
| last_connect | string | false | - | - |
| last_disconnect | string | false | - | - |
| status | string | false | - | - |
| connected | boolean | false | - | - |
| tags | object | false | - | Key, value object of tags |
| additionalProperties | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Download clientpack
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpack?name=string&fileformat=string \
-H 'Accept: application/octet-stream'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.get_download_clientpack(
name=name,
fileformat=fileformat)
print(api_response.file_download) # path to downloaded file
GET /clientpack
Returns clientpack file. Clientpacks are files with the necessary information and credentials for an overlay client to be connected to the VNS3 topology
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| name | query | string | true | name of clientpack. Typical IP address with underscores. e.g. 100_127_255_200. |
| fileformat | query | string | true | One of tarball, tar.gz, zip, conf, ovpn |
Example responses
200 Response
"string"
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Clientpack file | string |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Update clientpack
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/clientpack \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.put_update_clientpack(
name=name,
enabled=enabled)
print(api_response.json())
PUT /clientpack
Change properties of clientpacks; enabling or disabling, checking in or out, or regenerating
Body parameter
{
"name": "string",
"enabled": true,
"checked_out": true,
"regenerate": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| name | body | string | false | Name of the clientpack (IP snake case) |
| enabled | body | boolean | false | Enable or disable clientpack. |
| checked_out | body | boolean | false | Update whether clientpack is checked out and thus unavailable |
| regenerate | body | boolean | false | Regenerate clientpack file. Returns a task token in the response. |
One of the following param combinations are required:
name, enabled
name, checked_out
name, regenerate
Example responses
200 Response
{
"response": {
"token": "string"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156383509848878372758564869593812797782733",
"message": "name argument must be set"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
UpdateClientpack
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| UpdateClientpack | any | false | - | - |
oneOf
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | object | false | - | - |
| response | object | false | - | - |
| token | string | false | - | - |
xor
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | object | false | - | - |
| response | object | false | - | - |
| name | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
| linux_onefile | string | false | - | - |
| enabled | boolean | false | - | - |
| conf_sha1 | string | false | - | - |
| windows_onefile | string | false | - | - |
| ovpn_sha1 | string | false | - | - |
| tarball_file | string | false | - | - |
| tarball_sha1 | string | false | - | - |
| sequential_id | integer | false | - | - |
| checked_out | boolean | false | - | - |
| zip_sha1 | string | false | - | - |
| zip_file | string | false | - | - |
| last_connect | string | false | - | - |
| last_disconnect | string | false | - | - |
| status | string | false | - | - |
| connected | boolean | false | - | - |
| tags | object | false | - | Key, value object of tags |
| additionalProperties | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Checkout next clientpack
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clientpacks/next_available \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.post_checkout_next_clientpack(
low_ip=low_ip,
high_ip=high_ip,
include_disabled=include_disabled)
print(api_response.json())
POST /clientpacks/next_available
Get next sequential client pack. Provides sufficient information to call GET /clientpack. Note, Using this resource against multiple controllers in the same topology could cause distribution of the same clientpack to multiple overlay devices which is not allowed.
Body parameter
{
"low_ip": "string",
"high_ip": "string",
"include_disabled": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| low_ip | body | string | false | Set the lower bound for the resulting IP |
| high_ip | body | string | false | Set the upper bound for the resulting IP |
| include_disabled | body | boolean | false | Allows clientpack allocation from the disabled pool, for workflows where all clientpacks are disabled at the start. |
Example responses
200 Response
{
"response": {
"token": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Keyset is missing",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
UpdateClientpack
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| UpdateClientpack | any | false | - | - |
oneOf
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | object | false | - | - |
| response | object | false | - | - |
| token | string | false | - | - |
xor
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| any | object | false | - | - |
| response | object | false | - | - |
| name | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
| linux_onefile | string | false | - | - |
| enabled | boolean | false | - | - |
| conf_sha1 | string | false | - | - |
| windows_onefile | string | false | - | - |
| ovpn_sha1 | string | false | - | - |
| tarball_file | string | false | - | - |
| tarball_sha1 | string | false | - | - |
| sequential_id | integer | false | - | - |
| checked_out | boolean | false | - | - |
| zip_sha1 | string | false | - | - |
| zip_file | string | false | - | - |
| last_connect | string | false | - | - |
| last_disconnect | string | false | - | - |
| status | string | false | - | - |
| connected | boolean | false | - | - |
| tags | object | false | - | Key, value object of tags |
| additionalProperties | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Reset client
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/client/reset \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.post_reset_client(
name=name,
disconnect=disconnect)
print(api_response.json())
POST /client/reset
For resetting the connection of a client to a VNS3 Controller
Body parameter
{
"name": "string",
"disconnect": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| name | body | string | true | Name of the clientpack as returned by the "desc_clientpacks" call |
| disconnect | body | boolean | false | - |
Example responses
200 Response
{
"response": {
"disconnecting": "string",
"overlay_ipaddress": "string"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ClientpackStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| disconnecting | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Reset all clients
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clients/reset_all \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.post_reset_all_clients()
print(api_response.json())
POST /clients/reset_all
For resetting all of the connections of clients connected to the VNS3 Controller
Example responses
200 Response
{
"response": {
"resetting": [
"string"
]
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
BulkClientResetStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| resetting | [string] | false | - | Cient IPs being reset |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Download clientpack by name
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
-H 'Accept: application/octet-stream'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.get_download_named_clientpack(clientpack_name)
print(api_response.file_download) # path to downloaded file
GET /clientpack/{clientpack_name}
Returns clientpack binary file. Clientpacks are files with the necessary information and credentials for an overlay client to be connected to the VNS3 topology
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| clientpack_name | path | string | true | name of clientpack |
Example responses
200 Response
"string"
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Must be licensed first",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Clientpack file | string |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Disconnect clientpack
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.put_disconnect_clientpack(clientpack_name,
disconnect=disconnect)
print(api_response.json())
PUT /clientpack/{clientpack_name}
Force disconnect client for named clientpack
Body parameter
{
"disconnect": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| clientpack_name | path | string | true | name of clientpack |
| disconnect | body | boolean | true | - |
Example responses
200 Response
{
"response": {
"disconnecting": "string",
"overlay_ipaddress": "string"
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156383509848878372758564869593812797782733",
"message": "Overlay IP address 172.0.10.4 is not connected"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Keyset is missing",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ClientpackStatusResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| disconnecting | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create clientpack tag
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.post_create_clientpack_tag(clientpack_name,
key=key,
value=value)
print(api_response.json())
POST /clientpack/{clientpack_name}
For tagging individual clientpacks.
Body parameter
{
"key": "string",
"value": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| clientpack_name | path | string | true | name of clientpack |
| key | body | string | true | Alphanumeric characters allowed in snake_case or kebab-case |
| value | body | string | true | - |
Example responses
200 Response
{
"response": {
"name": "string",
"tags": {
"property1": "string",
"property2": "string"
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156383509848878372758564869593812797782733",
"message": "bad tag key: badcharac!er!!"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Keyset is missing",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ClientpackTagsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| name | string | false | - | Clientpack name |
| tags | object | false | - | - |
| additionalProperties | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Delete clientpack tag
Code samples
# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.overlay_network.delete_clientpack_tag(clientpack_name,
key=key)
print(api_response.json())
DELETE /clientpack/{clientpack_name}
For deleting individual clientpack tags
Body parameter
{
"key": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| clientpack_name | path | string | true | name of clientpack |
| key | body | string | true | - |
Example responses
200 Response
{
"response": {
"name": "string",
"tags": {
"property1": "string",
"property2": "string"
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "156383509848878372758564869593812797782733",
"message": "Clientpack named '10_0_100_4' does not exist"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"response": {
"message": "Keyset is missing",
"log": "123901290309083024802120939123901023091239",
"name": "PrerequisiteError"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
ClientpackTagsResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| name | string | false | - | Clientpack name |
| tags | object | false | - | - |
| additionalProperties | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Status Code 403
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Peering
Manage VNS3 controller peering for mesh topologies
Get peering status
Code samples
# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/peering \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.peering.get_peering_status()
print(api_response.json())
GET /peering
Provides the status of whether a Controller is peered to other Controllers
Example responses
200 Response
{
"response": {
"id": 1,
"peered": true,
"managers": {
"property1": {
"id": 1,
"not_set": true,
"self": true,
"mtu": "string",
"reachable": true,
"address": "string",
"overlay_ipaddress": "string"
},
"property2": {
"id": 1,
"not_set": true,
"self": true,
"mtu": "string",
"reachable": true,
"address": "string",
"overlay_ipaddress": "string"
}
},
"controllers": {
"property1": {
"id": 1,
"not_set": true,
"self": true,
"mtu": "string",
"reachable": true,
"address": "string",
"overlay_ipaddress": "string"
},
"property2": {
"id": 1,
"not_set": true,
"self": true,
"mtu": "string",
"reachable": true,
"address": "string",
"overlay_ipaddress": "string"
}
}
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
PeersDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| peered | boolean | false | - | - |
| managers | object | false | - | - |
| VNS3ControllerPeer | object | false | - | - |
| id | integer | false | - | - |
| not_set | boolean | false | - | - |
| self | boolean | false | - | - |
| mtu | string | false | - | - |
| reachable | boolean | false | - | - |
| address | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
| controllers | object | false | - | - |
| VNS3ControllerPeer | object | false | - | - |
| id | integer | false | - | - |
| not_set | boolean | false | - | - |
| self | boolean | false | - | - |
| mtu | string | false | - | - |
| reachable | boolean | false | - | - |
| address | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
Set peering ID
Code samples
# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/peering/self \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.peering.put_self_peering_id(
id=id,
force=force)
print(api_response.json())
PUT /peering/self
Sets the Controller ID of a controller so that it can be peered within a topology
Body parameter
{
"id": 0,
"force": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| id | body | integer | true | Cannot be the same as the id of another manager in the topology, and cannot be greater than the number of controllers in the topology |
| force | body | boolean | false | - |
Example responses
200 Response
{
"peered": true,
"id": 1,
"managers": {
"1": {
"overlay_ipaddress": "100.127.255.253",
"self": true
},
"2": {
"overlay_ipaddress": "100.127.255.252",
"not_set": true,
"id": 2
}
}
}
400 Response
{
"error": {
"name": "APIArgumentError",
"log": "1563565922480638538304998251646824695267891",
"message": "id is invalid"
}
}
Authentication information missing or invalid
{
"error": {
"name": "UnauthorizedError",
"log": "1563472268929826518356034508450851266833526",
"message": "Invalid or expired token"
}
}
403 Response
{
"unlicensedExample": {
"value": {
"error": {
"name": "PrerequisiteError",
"log": "1563472268929826518356034508450851266833526",
"message": "Must be licensed first."
}
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | Inline |
| 400 | Bad Request | Bad request | Inline |
| 401 | Unauthorized | Authentication information missing or invalid | Inline |
| 403 | Forbidden | Request Forbidden - operation not allowed | Inline |
Response Schema
Status Code 200
PeersDetailResponse
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| response | object | false | - | - |
| id | integer | false | - | - |
| peered | boolean | false | - | - |
| managers | object | false | - | - |
| VNS3ControllerPeer | object | false | - | - |
| id | integer | false | - | - |
| not_set | boolean | false | - | - |
| self | boolean | false | - | - |
| mtu | string | false | - | - |
| reachable | boolean | false | - | - |
| address | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
| controllers | object | false | - | - |
| VNS3ControllerPeer | object | false | - | - |
| id | integer | false | - | - |
| not_set | boolean | false | - | - |
| self | boolean | false | - | - |
| mtu | string | false | - | - |
| reachable | boolean | false | - | - |
| address | string | false | - | - |
| overlay_ipaddress | string | false | - | - |
Status Code 400
Error
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| error | object | false | - | - |
| name | string | false | - | - |
| log | string | false | - | - |
| message | string | false | - | - |
Create peer
Code samples
# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/peering/peers \
-H 'Content-Type: application/json' \
-H 'Accept: application/json'
from cohesivenet import VNS3Client
api_response = vns3_client.peering.post_create_peer(
id=id,
name=name,
overlay_mtu=overlay_mtu,
force=force)
print(api_response.json())
POST /peering/peers
Creates a peering relationship from a controller to another controller. The peering call is unidirectional. Reciprocal calls must be made to peer two controllers together and complete the peering process.
Body parameter
{
"id": 0,
"name": "string",
"overlay_mtu": "string",
"force": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| id | body | integer | true | Manager ID as an integer of the the manager you are peering with, NOT the id of the one you are calling from |
| name | body | string | true | IP address or host name of the one you are peering with. |
| overlay_mtu | body | string | false | link MTU between 500 and 4800. Defaults to 1500 |
| force | body | boolean | false | Setting false will NOT finalize the peering operation. A peer "reconfigure" call would then be required. Default is true |
Example responses
200 Response
{
"r