cURL Python

Introduction

The VNS3 API provides a programmable interface on top of your network edge. This allows you to automate your network infrastructure deployment and reactive behavior to real time events.

Getting started

The fastest way to get started is by launching a free version of VNS3 in your cloud of choice. (Trying to run programmable SDN appliance on prem? We can run anywhere - Get in touch at support@cohesive.net)

We have free versions as well as bring-your-own-license images ready for any and all environments:

SDKs and Clients

Currently we support a python SDK and ruby CLI.

We have a zero-dependency CLI in the roadmap!

Topology starters

We provide some topology starters to get going with fully automating the build of your network here. https://github.com/cohesive/vns3-infra-templates.git. We'll be continually updating and revising this, with user input.

Don't see your use case there? Looking to use cloudformation or Azure Resource Templates? Get in touch. We'd be happy to help you get going with your automation of choice.

Some cloud quickstarts:

# Spin up VNS3 controller mesh
module "vns3_mesh" {
  source              = "github.com/cohesive/vns3-infra-templates.git//modules/aws-vns3-public"
  topology_name       = "${var.topology_name}"
  vns3_version        = "${var.vns3_version}"       # searches for latest AMI of version
  vns3_license_type   = "byol"
  vns3_instance_type  = "${var.vns3_instance_type}"
  vns3_account_owner  = "${var.vns3_account_owner}"
  vpc_id              = "${module.aws_vpc.vpc_id}"
  vpc_route_table_id  = "${module.aws_vpc.route_table_id}"
  access_cidr         = "${var.access_cidr}"
  client_cidrs        = ["${var.client_cidrs}"]
  subnet_ids          = "${length(module.aws_vpc.subnet_ids) == 0 ? [] : slice(module.aws_vpc.subnet_ids, 0, var.vns3_instance_count)}"
  common_tags         = "${var.common_tags}"
}

VNS3 Controller API v4.9.2

Cohesive networks VNS3 provides complete control of your network's addressing, routes, rules and edge enabling a secure, connected and reactive cloud network.

Download spec

Base URLs:

Terms of service Email: Cohesive Networks Support team Web: Cohesive Networks Support team

Authentication

# Authenticate via cURL with user:password
curl -X GET -u api:myapipassword https://55.55.55.55:8000/api/config
from cohesivenet import VNS3Client, Configuration

vns3_client = VNS3Client(
    configuration=Configuration(
        host="55.55.55.55:8000",
        username="api",
        password="myapipassword",
        verify_ssl=False,   # if SSL Certs installed, set to True
    )
)

System Administration

Sysadmin functions for system status, device access and system actions

Get remote support

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/remote_support \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.get_remote_support_details()

print(api_response.json())

GET /remote_support

Get remote support configuration details

Example responses

200 Response

{
  "enabled": true
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

RemoteSupportConfigResponse

Name Type Required Constraints Description
  response object false - -
   enabled boolean false - -

Update remote support config

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/remote_support \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.put_update_remote_support(
    enabled=enabled,
    revoke_credential=revoke_credential)

print(api_response.json())

PUT /remote_support

Enables and disables remote support. Revokes the validity of current remote support keypair

Body parameter

{
  "enabled": true,
  "revoke_credential": true
}

Parameters

Name In Type Required Description
enabled body boolean false True if remote support should be enabled
revoke_credential body boolean false True if remote support credential should be revoked

Example responses

200 Response

{
  "enabled": true,
  "revoke_credential": false
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156347731532179638778333642624237974834407",
    "message": "enabled is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

RemoteSupportStatusResponse

Name Type Required Constraints Description
  response object false - -
   enabled boolean false - -
   revoke_credential boolean false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Generate support keypair

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/remote_support/keypair \
  -H 'Content-Type: text/plain' \
  -H 'Accept: application/octet-stream'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.post_generate_support_keypair()

print(api_response.file_download)   # path to downloaded file

POST /remote_support/keypair

Generating a remote support key which can be shared with Cohesive to provide access to the internal of the VNS3 Manager remotely as a "one time key". Once Cohesive has used the key it can be revoked and access terminated.

Body parameter

string

Example responses

201 Response

"string"

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156347797058992573673734848595852371200179",
    "message": "Bad encrypted passphrase"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
201 Created SSH key .pem file string
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get cloud details

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/cloud_data \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.get_cloud_data()

print(api_response.json())

GET /cloud_data

Returns cloud-specific data depending upon cloud type. Supports EC2 and GCE. More clouds coming soon.

Example responses

200 Response

{
  "response": {
    "cloud_type": "ec2",
    "cloud_data": {
      "accountId": "10801293012",
      "availabilityZone": "us-east-1a",
      "ramdiskId": null,
      "kernelId": null,
      "pendingTime": "2019-07-19T21:45:07Z",
      "architecture": "x86_64",
      "privateIp": "192.168.1.211",
      "devpayProductCodes": null,
      "marketplaceProductCodes": null,
      "version": "2017-09-30",
      "region": "us-east-1",
      "imageId": "ami-8400209011nsd0111",
      "billingProducts": null,
      "instanceId": "i-123123asdf0t41211",
      "instanceType": "t2.micro"
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

CloudInfoDetail

Name Type Required Constraints Description
  response object false - -
   cloud_type string false - ec2, gce, azure, hpcloud, centurylink
   cloud_data any false - -

oneOf

Name Type Required Constraints Description
    any object false - Metadata returned from AWS instance metadata call.
     accountId string false - -
     availabilityZone string false - -
     ramdiskId string¦null false - -
     kernelId string¦null false - -
     pendingTime string false - -
     architecture string false - -
     privateIp string false - -
     devpayProductCodes string¦null false - -
     marketplaceProductCodes string¦null false - -
     version string false - -
     region string false - -
     imageId string false - -
     billingProducts string¦null false - -
     instanceId string false - -
     instanceType string false - -

xor

Name Type Required Constraints Description
    any object false - Metadata returned from GCE metadata call.
     projectId string false - -

Take server action

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/server \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.put_server_action(
    reboot=reboot)

print(api_response.json())

PUT /server

Server action for VNS3 controller. Currently only reboot supported.

Body parameter

{
  "reboot": true
}

Parameters

Name In Type Required Description
reboot body boolean false -

Example responses

200 Response

{
  "response": {
    "status": "rebooting"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348220177382578437853325229350053485636",
    "message": "Nothing to do"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

SimpleStatusResponse

Name Type Required Constraints Description
  response object false - -
   status string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get runtime status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.get_runtime_status()

print(api_response.json())

GET /status

Describe Runtime status details

Example responses

200 Response

{
  "response": {
    "connected_clients": {
      "property1": {
        "managerid": 1,
        "overlay_ipaddress": "string",
        "ipaddress": "string",
        "tags": {
          "property1": "string",
          "property2": "string"
        }
      },
      "property2": {
        "managerid": 1,
        "overlay_ipaddress": "string",
        "ipaddress": "string",
        "tags": {
          "property1": "string",
          "property2": "string"
        }
      }
    },
    "connected_subnets": [
      [
        "string"
      ]
    ],
    "ipsec": {
      "property1": {
        "id": 1,
        "local_subnet": "string",
        "remote_subnet": "string",
        "endpointid": 1,
        "endpoint_id": 1,
        "endpoint_name": "string",
        "enabled": true,
        "active": true,
        "description": "string",
        "bounce": true,
        "connected": true,
        "ping_interface": "eth0",
        "ping_interval": 0,
        "ping_ipaddress": "string",
        "tunnel_params": {
          "phase2": "string",
          "outbound_spi": "string",
          "inbound_spi": "string",
          "bytes_in": "string",
          "bytes_out": "string",
          "esp_time_remaining": "string",
          "esp_port": "string",
          "phase2_algo": "string",
          "phase2_hash": "string",
          "nat_t": "string",
          "dpd": "string",
          "pfs_dh_group": 0,
          "phase1": "string",
          "isakmp_port": "string",
          "isakmp_time_remaining": "string",
          "last_dpd": "string",
          "phase1_cipher": "string",
          "phase1_prf": "string",
          "phase1_dh_group": 0,
          "ike_version": "string"
        }
      },
      "property2": {
        "id": 1,
        "local_subnet": "string",
        "remote_subnet": "string",
        "endpointid": 1,
        "endpoint_id": 1,
        "endpoint_name": "string",
        "enabled": true,
        "active": true,
        "description": "string",
        "bounce": true,
        "connected": true,
        "ping_interface": "eth0",
        "ping_interval": 0,
        "ping_ipaddress": "string",
        "tunnel_params": {
          "phase2": "string",
          "outbound_spi": "string",
          "inbound_spi": "string",
          "bytes_in": "string",
          "bytes_out": "string",
          "esp_time_remaining": "string",
          "esp_port": "string",
          "phase2_algo": "string",
          "phase2_hash": "string",
          "nat_t": "string",
          "dpd": "string",
          "pfs_dh_group": 0,
          "phase1": "string",
          "isakmp_port": "string",
          "isakmp_time_remaining": "string",
          "last_dpd": "string",
          "phase1_cipher": "string",
          "phase1_prf": "string",
          "phase1_dh_group": 0,
          "ike_version": "string"
        }
      }
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

RuntimeStatusDetail

Name Type Required Constraints Description
  response object false - -
   connected_clients object false - clients keyed by ip address
    OverlayClient object false - -
     managerid integer false - -
     overlay_ipaddress string false - -
     ipaddress string false - -
     tags object false - Key, value object of tags
      additionalProperties string false - -
   connected_subnets [array] false - Array of arrays with each element of length 2 representing [network, subnet mask]
   ipsec object false - IPSEC tunnels keyed by tunnel ID
    IpsecTunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Get system status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/system \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.get_system_status(
    timestamp=timestamp)

print(api_response.json())

GET /status/system

Provides information about the underlying appliance; memory, cpu, disk space, etc.

Parameters

Name In Type Required Description
timestamp query integer false Unix timestamp

Example responses

200 Response

{
  "response": {
    "timestamp": "string",
    "timestamp_i": 0,
    "vns3_version": "string",
    "kernel_version": "string",
    "uptime": 0,
    "loadavg": [
      "string"
    ],
    "diskinfo": [
      [
        "string"
      ]
    ],
    "meminfo": [
      "string"
    ],
    "swapinfo": [
      "string"
    ],
    "container_system": {
      "container_system_running": true,
      "images_limit": 0,
      "images_stored": 0,
      "containers_limit": 0,
      "containers_active": 0,
      "container_network": "string"
    },
    "data": {
      "sysstat": [
        [
          "vnscubed",
          "597",
          "1564089901",
          "all",
          "%user",
          "2.91"
        ],
        [
          "vnscubed",
          "597",
          "1564089901",
          "all",
          "%nice",
          "0.02"
        ],
        [
          "vnscubed",
          "597",
          "1564089901",
          "all",
          "%system",
          "1.49"
        ],
        [
          "vnscubed",
          "597",
          "1564089901",
          "all",
          "%iowait",
          "0.51"
        ],
        [
          "vnscubed",
          "597",
          "1564089901",
          "all",
          "%steal",
          "0.01"
        ]
      ]
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

SystemStatusDetail

Name Type Required Constraints Description
  response object false - -
   timestamp string false - -
   timestamp_i integer false - -
   vns3_version string false - -
   kernel_version string false - -
   uptime integer false - -
   loadavg [string] false - -
   diskinfo [array] false - -
   meminfo [string] false - -
   swapinfo [string] false - -
   container_system object false - -
    container_system_running boolean false - -
    images_limit integer false - -
    images_stored integer false - -
    containers_limit integer false - -
    containers_active integer false - -
    container_network string false - -
   data object false - -
    sysstat [array] false - -

Get task status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/task \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.sys_admin.get_task_status(
    token=token)

print(api_response.json())

GET /status/task

Describe task status details

Body parameter

{
  "token": "string"
}

Parameters

Name In Type Required Description
token body string false -

Example responses

200 Response

{
  "response": {
    "task_status": "string"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564152929359289894296619951832390615371038",
    "message": "token is missing"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

TaskStatusDetail

Name Type Required Constraints Description
  response object false - -
   task_status string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Access

Manage access to VNS3 with API tokens and admin access URLs

Get API access tokens

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/tokens \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_api_tokens()

print(api_response.json())

GET /access/tokens

Retrieve list of api tokens

Example responses

200 Response

{
  "response": [
    {
      "id": 1,
      "created_at": "2021-03-25T22:59:08Z",
      "token": "string",
      "created_ip": "string",
      "description": "string",
      "expires_at": "2021-03-25T22:59:08Z",
      "lifetime": "string",
      "refreshes": true,
      "expired": true,
      "last_accessed_at": "string",
      "last_accessed_ip": "string"
    }
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

AccessTokenListResponse

Name Type Required Constraints Description
  response [object] false - -
   AccessToken object false - -
    id integer false - -
    created_at string(date-time) false - -
    token string false - -
    created_ip string false - -
    description string false - -
    expires_at string(date-time) false - -
    lifetime string false - -
    refreshes boolean false - -
    expired boolean false - -
    last_accessed_at string¦null false - -
    last_accessed_ip string¦null false - -

Create API token

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/access/token \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.create_api_token(
    expires=expires,
    token_name=token_name,
    refreshes=refreshes)

print(api_response.json())

POST /access/token

Create api token

Body parameter

{
  "expires": 3600,
  "token_name": "string",
  "refreshes": true
}

Parameters

Name In Type Required Description
expires body integer false Number of seconds before expiration
token_name body string false Optional description of token
refreshes body boolean false Token lifetime refreshes when used

Example responses

201 Response

{
  "response": {
    "id": 1,
    "created_at": "2021-03-25T22:59:08Z",
    "token": "string",
    "created_ip": "string",
    "description": "string",
    "expires_at": "2021-03-25T22:59:08Z",
    "lifetime": "string",
    "refreshes": true,
    "expired": true,
    "last_accessed_at": "string",
    "last_accessed_ip": "string"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156347797058992573673734848595852371200179",
    "message": "expires range must be between 60 and 31,536,000"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
201 Created Created Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 201

AccessTokenDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   created_at string(date-time) false - -
   token string false - -
   created_ip string false - -
   description string false - -
   expires_at string(date-time) false - -
   lifetime string false - -
   refreshes boolean false - -
   expired boolean false - -
   last_accessed_at string¦null false - -
   last_accessed_ip string¦null false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get API access token

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/token/{token_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_api_token(token_id)

print(api_response.json())

GET /access/token/{token_id}

Retrieve details for specific access token (including expired ones)

Parameters

Name In Type Required Description
token_id path integer true Token ID

Example responses

200 Response

{
  "response": {
    "id": 1,
    "created_at": "2021-03-25T22:59:08Z",
    "token": "string",
    "created_ip": "string",
    "description": "string",
    "expires_at": "2021-03-25T22:59:08Z",
    "lifetime": "string",
    "refreshes": true,
    "expired": true,
    "last_accessed_at": "string",
    "last_accessed_ip": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Requested api token does not exist"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

AccessTokenDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   created_at string(date-time) false - -
   token string false - -
   created_ip string false - -
   description string false - -
   expires_at string(date-time) false - -
   lifetime string false - -
   refreshes boolean false - -
   expired boolean false - -
   last_accessed_at string¦null false - -
   last_accessed_ip string¦null false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Expire API token

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/access/token/{token_id} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_expire_api_token(token_id,
    expired=expired)

print(api_response.json())

PUT /access/token/{token_id}

Expire API token

Body parameter

{
  "expired": true
}

Parameters

Name In Type Required Description
token_id path integer true Token ID
expired body boolean false -

Example responses

200 Response

{
  "response": {
    "id": 1,
    "created_at": "2021-03-25T22:59:08Z",
    "token": "string",
    "created_ip": "string",
    "description": "string",
    "expires_at": "2021-03-25T22:59:08Z",
    "lifetime": "string",
    "refreshes": true,
    "expired": true,
    "last_accessed_at": "string",
    "last_accessed_ip": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Requested api token does not exist"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

AccessTokenDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   created_at string(date-time) false - -
   token string false - -
   created_ip string false - -
   description string false - -
   expires_at string(date-time) false - -
   lifetime string false - -
   refreshes boolean false - -
   expired boolean false - -
   last_accessed_at string¦null false - -
   last_accessed_ip string¦null false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete API token

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/access/token/{token_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.delete_api_token(token_id)

print(api_response.json())

DELETE /access/token/{token_id}

Delete API token by ID

Parameters

Name In Type Required Description
token_id path integer true Token ID

Example responses

200 Response

{
  "response": "Token deleted"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Requested api token does not exist"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

SimpleStringResponse

Name Type Required Constraints Description
  response string false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get access URLs

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/urls \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_access_urls()

print(api_response.json())

GET /access/urls

Retrieve list of users' access urls, including expired ones

Example responses

200 Response

{
  "response": [
    {
      "id": 1,
      "url": "string",
      "created_at": "2021-03-25T22:59:08Z",
      "created_ip": "string",
      "description": "string",
      "expires_at": "2021-03-25T22:59:08Z",
      "lifetime": "string",
      "expired": true,
      "last_accessed_at": "string",
      "last_accessed_ip": "string"
    }
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

AccessUrlListResponse

Name Type Required Constraints Description
  response [object] false - -
   AccessUrl object false - -
    id integer false - -
    url string false - -
    created_at string(date-time) false - -
    created_ip string false - -
    description string false - -
    expires_at string(date-time) false - -
    lifetime string false - -
    expired boolean false - -
    last_accessed_at string¦null false - -
    last_accessed_ip string¦null false - -

Create access URL

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/access/url \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.create_access_url(
    expires=expires,
    description=description)

print(api_response.json())

POST /access/url

Create access URL

Body parameter

{
  "expires": 3600,
  "description": "string"
}

Parameters

Name In Type Required Description
expires body integer false Number of seconds before expiration
description body string false -

Example responses

201 Response

{
  "response": {
    "id": 1,
    "url": "string",
    "created_at": "2021-03-25T22:59:08Z",
    "created_ip": "string",
    "description": "string",
    "expires_at": "2021-03-25T22:59:08Z",
    "lifetime": "string",
    "expired": true,
    "last_accessed_at": "string",
    "last_accessed_ip": "string"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156347797058992573673734848595852371200179",
    "message": "expires range must be between 60 and 259200"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
201 Created Created Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 201

AccessUrlDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   url string false - -
   created_at string(date-time) false - -
   created_ip string false - -
   description string false - -
   expires_at string(date-time) false - -
   lifetime string false - -
   expired boolean false - -
   last_accessed_at string¦null false - -
   last_accessed_ip string¦null false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Find and delete access URL

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/access/url \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.delete_access_url_by_search(
    access_url_id=access_url_id)

print(api_response.json())

DELETE /access/url

Delete access URL by ID or URL

Body parameter

{
    "access_url_id": 1,
    "access_url": "string"
}

Parameters

Name In Type Required Description
access_url_id body integer false ID of access URL
access_url body string false -

One of the following param combinations are required:

Example responses

200 Response

{
  "response": "Access url deleted"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Invalid or missing access url"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

SimpleStringResponse

Name Type Required Constraints Description
  response string false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get access URL

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/access/url/{access_url_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_access_url(access_url_id)

print(api_response.json())

GET /access/url/{access_url_id}

Retrieve details for specific access url (including expired ones)

Parameters

Name In Type Required Description
access_url_id path integer true Access URL ID

Example responses

200 Response

{
  "response": {
    "id": 1,
    "url": "string",
    "created_at": "2021-03-25T22:59:08Z",
    "created_ip": "string",
    "description": "string",
    "expires_at": "2021-03-25T22:59:08Z",
    "lifetime": "string",
    "expired": true,
    "last_accessed_at": "string",
    "last_accessed_ip": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Invalid or missing access url"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

AccessUrlDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   url string false - -
   created_at string(date-time) false - -
   created_ip string false - -
   description string false - -
   expires_at string(date-time) false - -
   lifetime string false - -
   expired boolean false - -
   last_accessed_at string¦null false - -
   last_accessed_ip string¦null false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Expire access URL

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/access/url/{access_url_id} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_expire_access_url(access_url_id,
    expired=expired)

print(api_response.json())

PUT /access/url/{access_url_id}

Expire access URL

Body parameter

{
  "expired": true
}

Parameters

Name In Type Required Description
access_url_id path integer true Access URL ID
expired body boolean false -

Example responses

200 Response

{
  "response": {
    "id": 1,
    "url": "string",
    "created_at": "2021-03-25T22:59:08Z",
    "created_ip": "string",
    "description": "string",
    "expires_at": "2021-03-25T22:59:08Z",
    "lifetime": "string",
    "expired": true,
    "last_accessed_at": "string",
    "last_accessed_ip": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Invalid or missing access url"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

AccessUrlDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   url string false - -
   created_at string(date-time) false - -
   created_ip string false - -
   description string false - -
   expires_at string(date-time) false - -
   lifetime string false - -
   expired boolean false - -
   last_accessed_at string¦null false - -
   last_accessed_ip string¦null false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete access URL

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/access/url/{access_url_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.delete_access_url(access_url_id)

print(api_response.json())

DELETE /access/url/{access_url_id}

Delete access URL by ID

Parameters

Name In Type Required Description
access_url_id path integer true Access URL ID

Example responses

200 Response

{
  "response": "Access url deleted"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Invalid or missing access url"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

SimpleStringResponse

Name Type Required Constraints Description
  response string false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Put LDAP settings

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_ldap_settings(
    host=host,
    port=port,
    encrypt=encrypt,
    encrypt_ldaps=encrypt_ldaps,
    encrypt_auth=encrypt_auth,
    encrypt_verify_ca=encrypt_verify_ca,
    binddn=binddn,
    bindpw=bindpw)

print(api_response.json())

PUT /settings/ldap

Put LDAP settings

Body parameter

{
  "host": "string",
  "port": 0,
  "encrypt": true,
  "encrypt_ldaps": true,
  "encrypt_auth": true,
  "encrypt_verify_ca": true,
  "binddn": "string",
  "bindpw": "string"
}

Parameters

Name In Type Required Description
host body string true IP address or resolvable hostname
port body integer false -
encrypt body boolean false Use SSL
encrypt_ldaps body boolean false Use LDAPS or start TLS (default)?
encrypt_auth body boolean false Use certificates to authenticate via encrypted connection
encrypt_verify_ca body boolean false Verify certicate using authority
binddn body string false Bind Username
bindpw body string false Bind Password

Example responses

200 Response

{
  "response": {
    "host": "string",
    "port": 0,
    "encrypt": true,
    "encrypt_ldaps": true,
    "encrypt_auth": true,
    "encrypt_auth_key": true,
    "encrypt_auth_cert": true,
    "encrypt_verify_ca": true,
    "encrypt_ca_cert": true,
    "binddn": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LdapSettingsResponse

Name Type Required Constraints Description
  response object false - -
   host string false - IP address or resolvable hostname
   port integer false - -
   encrypt boolean false - Use SSL
   encrypt_ldaps boolean false - Use LDAPS or start TLS (default)?
   encrypt_auth boolean false - Use certificates to authenticate via encrypted connection
   encrypt_auth_key boolean false - -
   encrypt_auth_cert boolean false - -
   encrypt_verify_ca boolean false - Verify certicate using authority
   encrypt_ca_cert boolean false - -
   binddn string false - Bind username

Test LDAP settings

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.post_test_ldap_settings(
    host=host,
    port=port,
    encrypt=encrypt,
    encrypt_ldaps=encrypt_ldaps,
    encrypt_auth=encrypt_auth,
    encrypt_verify_ca=encrypt_verify_ca,
    binddn=binddn,
    bindpw=bindpw)

print(api_response.json())

POST /settings/ldap

Test LDAP settings

Body parameter

{
  "host": "string",
  "port": 0,
  "encrypt": true,
  "encrypt_ldaps": true,
  "encrypt_auth": true,
  "encrypt_verify_ca": true,
  "binddn": "string",
  "bindpw": "string"
}

Parameters

Name In Type Required Description
host body string true IP address or resolvable hostname
port body integer false -
encrypt body boolean false Use SSL
encrypt_ldaps body boolean false Use LDAPS or start TLS (default)?
encrypt_auth body boolean false Use certificates to authenticate via encrypted connection
encrypt_verify_ca body boolean false Verify certicate using authority
binddn body string false Bind Username
bindpw body string false Bind Password

Example responses

200 Response

{
  "response": {
    "connect_success": true,
    "message": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

Name Type Required Constraints Description
  response object false - -
   connect_success boolean false - -
   message string false - -

Get LDAP settings

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_ldap_settings()

print(api_response.json())

GET /settings/ldap

get LDAP settings

Example responses

200 Response

{
  "response": {
    "host": "string",
    "port": 0,
    "encrypt": true,
    "encrypt_ldaps": true,
    "encrypt_auth": true,
    "encrypt_auth_key": true,
    "encrypt_auth_cert": true,
    "encrypt_verify_ca": true,
    "encrypt_ca_cert": true,
    "binddn": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LdapSettingsResponse

Name Type Required Constraints Description
  response object false - -
   host string false - IP address or resolvable hostname
   port integer false - -
   encrypt boolean false - Use SSL
   encrypt_ldaps boolean false - Use LDAPS or start TLS (default)?
   encrypt_auth boolean false - Use certificates to authenticate via encrypted connection
   encrypt_auth_key boolean false - -
   encrypt_auth_cert boolean false - -
   encrypt_verify_ca boolean false - Verify certicate using authority
   encrypt_ca_cert boolean false - -
   binddn string false - Bind username

Put LDAP user schema settings

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/user_schema \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_ldap_user_schema_settings(
    user_base=user_base,
    user_id_attribute=user_id_attribute,
    user_list_filter=user_list_filter)

print(api_response.json())

PUT /settings/ldap/user_schema

Put LDAP user schema settings

Body parameter

{
  "user_base": "string",
  "user_id_attribute": "string",
  "user_list_filter": "string"
}

Parameters

Name In Type Required Description
user_base body string true Base DN from which to search for Users
user_id_attribute body string true Attribute type for the Users
user_list_filter body string false Search filter for Users

Example responses

200 Response

{
  "response": {
    "user_base": "string",
    "user_id_attribute": 0,
    "user_list_filter": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LdapUserSettingsResponse

Name Type Required Constraints Description
  response object false - -
   user_base string false - Base DN from which to search for Users
   user_id_attribute integer false - Attribute type for the Users
   user_list_filter string false - Search filter for Users

Test LDAP user schema settings

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap/user_schema \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.post_test_ldap_user_schema_settings(
    user_base=user_base,
    user_id_attribute=user_id_attribute,
    user_list_filter=user_list_filter,
    limit=limit)

print(api_response.json())

POST /settings/ldap/user_schema

Test LDAP user schema settings

Body parameter

{
  "user_base": "string",
  "user_id_attribute": "string",
  "user_list_filter": "string",
  "limit": 100
}

Parameters

Name In Type Required Description
user_base body string true Base DN from which to search for Users
user_id_attribute body string true Attribute type for the Users
user_list_filter body string false Search filter for Users
limit body integer false Number of records to return. Default = 100

Example responses

200 Response

{
  "response": [
    "string"
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

Name Type Required Constraints Description
  response [string] false - -

Get LDAP user schema settings

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap/user_schema \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_ldap_user_schema_settings()

print(api_response.json())

GET /settings/ldap/user_schema

get LDAP user schema settings

Example responses

200 Response

{
  "response": {
    "user_base": "string",
    "user_id_attribute": 0,
    "user_list_filter": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LdapUserSettingsResponse

Name Type Required Constraints Description
  response object false - -
   user_base string false - Base DN from which to search for Users
   user_id_attribute integer false - Attribute type for the Users
   user_list_filter string false - Search filter for Users

Put LDAP group schema settings

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/group_schema \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_ldap_group_schema_settings(
    group_required=group_required,
    group_base=group_base,
    group_id_attribute=group_id_attribute,
    group_list_filter=group_list_filter,
    group_member_attribute=group_member_attribute,
    group_member_attr_format=group_member_attr_format,
    group_search_scope=group_search_scope)

print(api_response.json())

PUT /settings/ldap/group_schema

Put LDAP group schema settings

Body parameter

{
  "group_required": true,
  "group_base": "string",
  "group_id_attribute": "string",
  "group_list_filter": "string",
  "group_member_attribute": "string",
  "group_member_attr_format": "string",
  "group_search_scope": "string"
}

Parameters

Name In Type Required Description
group_required body boolean true Require use of LDAP groups
group_base body string false Base DN from which to search for Groups
group_id_attribute body string false Attribute type for the Groups
group_list_filter body string false Search filter for Groups
group_member_attribute body string false ttribute used to search for a user within the Group
group_member_attr_format body string false Format of the Group Member attribute
group_search_scope body string false Default=subtree

Example responses

200 Response

{
  "response": {
    "group_required": true,
    "group_base": "string",
    "group_id_attribute": "string",
    "group_list_filter": "string",
    "group_member_attribute": "string",
    "group_member_attr_format": "UserDN",
    "group_search_scope": "subtree"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LdapGroupSettingsResponse

Name Type Required Constraints Description
  response object false - -
   group_required boolean false - Require used of LDAP groups
   group_base string false - Base DN from which to search for Groups
   group_id_attribute string false - Attribute type for the Groups
   group_list_filter string false - Search filter for Groups
   group_member_attribute string false - Attribute used to search for a user within the Group
   group_member_attr_format string false - Format of the Group Member attribute
   group_search_scope string false - Format of the Group Member attribute

Test LDAP group schema settings

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/settings/ldap/group_schema \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.post_test_ldap_group_schema_settings(
    group_base=group_base,
    group_id_attribute=group_id_attribute,
    group_list_filter=group_list_filter,
    group_member_attribute=group_member_attribute,
    group_member_attr_format=group_member_attr_format,
    group_search_scope=group_search_scope,
    limit=limit)

print(api_response.json())

POST /settings/ldap/group_schema

Test LDAP group schema settings

Body parameter

{
  "group_base": "string",
  "group_id_attribute": "string",
  "group_list_filter": "string",
  "group_member_attribute": "string",
  "group_member_attr_format": "string",
  "group_search_scope": "string",
  "limit": 100
}

Parameters

Name In Type Required Description
group_base body string true Base DN from which to search for Groups
group_id_attribute body string true Attribute type for the Groups
group_list_filter body string false Search filter for Groups
group_member_attribute body string false ttribute used to search for a user within the Group
group_member_attr_format body string false Format of the Group Member attribute
group_search_scope body string false Default=subtree
limit body integer false Number of records to return. Default = 100

Example responses

200 Response

{
  "response": [
    {
      "ldap_group": "string",
      "ldap_user": [
        "string"
      ]
    }
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

Name Type Required Constraints Description
  response [object] false - -
   ldap_group string false - -
   ldap_user [string] false - -

Get LDAP group schema settings

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/settings/ldap/group_schema \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.get_ldap_group_schema_settings()

print(api_response.json())

GET /settings/ldap/group_schema

get LDAP group schema settings

Example responses

200 Response

{
  "response": {
    "group_required": true,
    "group_base": "string",
    "group_id_attribute": "string",
    "group_list_filter": "string",
    "group_member_attribute": "string",
    "group_member_attr_format": "UserDN",
    "group_search_scope": "subtree"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LdapGroupSettingsResponse

Name Type Required Constraints Description
  response object false - -
   group_required boolean false - Require used of LDAP groups
   group_base string false - Base DN from which to search for Groups
   group_id_attribute string false - Attribute type for the Groups
   group_list_filter string false - Search filter for Groups
   group_member_attribute string false - Attribute used to search for a user within the Group
   group_member_attr_format string false - Format of the Group Member attribute
   group_search_scope string false - Format of the Group Member attribute

Enable/disable LDAP

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/enabled \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_enable_ldap(
    enabled=enabled)

print(api_response.json())

PUT /settings/ldap/enabled

Enable/disable LDAP

Body parameter

{
  "enabled": true
}

Parameters

Name In Type Required Description
enabled body boolean true True to enable LDAP

Example responses

200 Response

{
  "response": {
    "enabled": true
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

SimpleEnabledResponse

Name Type Required Constraints Description
  response object false - -
   enabled boolean false - -

Upload LDAP Auth Cert

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/encrypt_auth_cert \
  -H 'Content-Type: text/plain' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_upload_ldap_auth_cert()

print(api_response.json())

PUT /settings/ldap/encrypt_auth_cert

Upload LDAP authentication certicate file

Body parameter

string

Example responses

200 Response

{
  "response": "Authentication certificate saved!"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

Name Type Required Constraints Description
  response string false - -

Upload LDAP Auth Key

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/encrypt_auth_key \
  -H 'Content-Type: text/plain' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_upload_ldap_auth_key()

print(api_response.json())

PUT /settings/ldap/encrypt_auth_key

Upload authentication key file

Body parameter

string

Example responses

200 Response

{
  "response": "Authentication certificate removed!"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

Name Type Required Constraints Description
  response string false - -

Upload LDAP CA cert

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/settings/ldap/encrypt_ca_cert \
  -H 'Content-Type: text/plain' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.access.put_upload_ldap_ca_cert()

print(api_response.json())

PUT /settings/ldap/encrypt_ca_cert

Upload LDAP CA certicate file

Body parameter

string

Example responses

200 Response

{
  "response": "CA certificate saved!"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

Name Type Required Constraints Description
  response string false - -

Configuration

VNS3 configuration such as licensing, VNS3:Management System, SSL certs and keyset generation

Update admin UI settings

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/admin_ui \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.put_update_admin_ui(
    enabled=enabled,
    admin_username=admin_username,
    admin_password=admin_password)

print(api_response.json())

PUT /admin_ui

Update Admin UI settings. Enable/Disable and set credentials.

Body parameter

{
  "enabled": true,
  "admin_username": "string",
  "admin_password": "string"
}

Parameters

Name In Type Required Description
enabled body boolean false -
admin_username body string false -
admin_password body string false -

Example responses

200 Response

{
  "response": {
    "enabled": true,
    "username": "vnscubed_user"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348220177382578437853325229350053485636",
    "message": "admin_username is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

AdminUISettingsDetail

Name Type Required Constraints Description
  response object false - -
   enabled boolean false - -
   username string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update API password

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/api_password \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.put_update_api_password(
    password=password)

print(api_response.json())

PUT /api_password

Allows you to change the API password/secret key. To change the Web UI password (or username) use PUT admin_ui.

Body parameter

{
  "password": "string"
}

Parameters

Name In Type Required Description
password body string false -

Example responses

200 Response

{
  "response": {
    "password_reset": "ok"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348220177382578437853325229350053485636",
    "message": "Invalid password"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

PasswordResetResponse

Name Type Required Constraints Description
  response object false - -
   password_reset string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get configuration details

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/config \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.get_config()

print(api_response.json())

GET /config

Describe Runtime Configuration for VNS3 Controller

Example responses

200 Response

{
  "response": {
    "asn": 65001,
    "topology_name": "Cohesive",
    "topology_checksum": "a04a92073a4f6f32a2abce45439a2d8c016334dc",
    "manager_id": 1,
    "ntp_hosts": "0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org ntp.ubuntu.com time.apple.com",
    "vns3_version": "4.5.0",
    "licensed": true,
    "overlay_ipaddress": "172.31.0.100",
    "peered": true,
    "public_ipaddress": "50.240.142.209",
    "private_ipaddress": "192.168.30.247"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Get runtime Configuration details Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

ConfigDetail

Name Type Required Constraints Description
  response object false - -
   asn integer false - Autonomous system number for controller if peered
   topology_name string false - -
   topology_checksum string false - -
   manager_id integer false - This managers ID in peered topology
   ntp_hosts string false - NTP host endpoints, whitespace delimited
   vns3_version string false - -
   licensed boolean false - -
   overlay_ipaddress string false - This managers overlay IP in peered topology
   peered boolean false - -
   public_ipaddress string false - -
   private_ipaddress string false - -
   security_token string false - Security token in peered topology

Update configuration

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/config \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.put_config(
    topology_name=topology_name,
    ntp_hosts=ntp_hosts)

print(api_response.json())

PUT /config

Provides general information about the manager's topology, license state and checksums and allows you to set the topology name.

Body parameter

{
  "topology_name": "string",
  "ntp_hosts": "string"
}

Parameters

Name In Type Required Description
topology_name body string false Specifies a text name to display at the top of the web ui and in the desc_config API response
ntp_hosts body string false Single or space separated list of ntp server IPs or dns names. Using this argument overwrites the existing Configuration.

Example responses

200 Response

{
  "response": {
    "asn": 0,
    "topology_name": "string",
    "topology_checksum": "string",
    "manager_id": 1,
    "ntp_hosts": "string",
    "vns3_version": "string",
    "licensed": true,
    "overlay_ipaddress": "string",
    "peered": true,
    "public_ipaddress": "string",
    "private_ipaddress": "string",
    "security_token": "string"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348220177382578437853325229350053485636",
    "message": "ntp_hosts is not in proper domain name format or ipv4 address format. Update abandoned."
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

ConfigDetail

Name Type Required Constraints Description
  response object false - -
   asn integer false - Autonomous system number for controller if peered
   topology_name string false - -
   topology_checksum string false - -
   manager_id integer false - This managers ID in peered topology
   ntp_hosts string false - NTP host endpoints, whitespace delimited
   vns3_version string false - -
   licensed boolean false - -
   overlay_ipaddress string false - This managers overlay IP in peered topology
   peered boolean false - -
   public_ipaddress string false - -
   private_ipaddress string false - -
   security_token string false - Security token in peered topology

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Upload new SSL cert and key pair

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/system/ssl/keypair \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.put_upload_ssl_keypair(
    cert=cert,
    key=key)

print(api_response.json())

PUT /system/ssl/keypair

Upload new SSL cert and key pair

Body parameter

{
  "cert": "string",
  "key": "string"
}

Parameters

Name In Type Required Description
cert body string true -
key body string true -

Example responses

200 Response

{
  "response": "Valid key/cert files uploaded"
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "cert is missing, key is missing"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

SimpleStringResponse

Name Type Required Constraints Description
  response string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Install SSL cert and key pair

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/system/ssl/install \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.put_install_ssl_keypair()

print(api_response.json())

PUT /system/ssl/install

Install SSL cert and key pair

Example responses

200 Response

{
  "response": {
    "status": "SSL Cert installation queued",
    "uuid": "10923jnowfdhgu039jon4r09201"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "cert is missing, key is missing"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ServerSSLDetailResponse

Name Type Required Constraints Description
  response object false - -
   uuid string false - -
   status string false - -
   state string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get SSL installation status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/system/ssl/install/{uuid} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.get_ssl_install_status(uuid)

print(api_response.json())

GET /system/ssl/install/{uuid}

Get status for ssl installation task

Parameters

Name In Type Required Description
uuid path string true uuid of resource

Example responses

200 Response

{
  "response": {
    "uuid": "19230109239012390129031012312",
    "status": "Job pending",
    "state": "pending"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Unknown Job ID: 1234"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline
404 Not Found Not found Inline

Response Schema

Status Code 200

ServerSSLDetailResponse

Name Type Required Constraints Description
  response object false - -
   uuid string false - -
   status string false - -
   state string false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get topology keyset

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/keyset \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.undefined.get_keyset()

print(api_response.json())

GET /keyset

Returns keyset details. The keyset is a set of cryptographic credentials used for encrypting all data on the overlay network.

Example responses

200 Response

{
  "response": {
    "keyset_present": true,
    "created_at": "2019-07-19T19:44:02.191+00:00",
    "created_at_i": 1563565442,
    "checksum": "6093b865464ec3f7ab7213975c3b952763d1df14",
    "uuid": "8effb1ea-aa5d-11e9-aaf4-02935c82307a"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

KeysetDetail

Name Type Required Constraints Description
  response object false - -
   in_progress boolean false - -
   running integer false - -
   keyset_present boolean false - -
   checksum string false - -
   created_at string false - -
   created_at_i integer false - -
   started_at string false - -
   started_at_i integer false - -
   uuid string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Generate keyset

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/keyset \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.put_keyset(
    source=source,
    token=token,
    topology_name=topology_name)

print(api_response.json())

PUT /keyset

Generate keyset The keyset is a set of cryptographic credentials used for encrypting all data on the overlay network. Keyset generation happens in background. Poll on GET /keyset in_progress value for keyset status.

Body parameter

{
  "source": "string",
  "token": "string",
  "topology_name": "string"
}

Parameters

Name In Type Required Description
source body string false If provided, fetches keyset from source manager
token body string true Arbitrary key used to help randomize the checksum, it must be identical for each manager in a topology.
topology_name body string false Name for the topology

Example responses

200 Response

{
  "response": {
    "keyset_preset": false,
    "in_progress": true,
    "started_at": "2019-07-19T19:43:00.147+00:00",
    "started_at_i": 1563565380,
    "running": 0
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "token is missing"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

KeysetDetail

Name Type Required Constraints Description
  response object false - -
   in_progress boolean false - -
   running integer false - -
   keyset_present boolean false - -
   checksum string false - -
   created_at string false - -
   created_at_i integer false - -
   started_at string false - -
   started_at_i integer false - -
   uuid string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get license details

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/license \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.licensing.get_license()

print(api_response.json())

GET /license

Get license details

Example responses

200 Response

{
  "response": {
    "capabilities": [
      "string"
    ],
    "finalized": true,
    "my_manager_vip": "string",
    "license": "string",
    "license_present": true,
    "sha1_checksum": "string",
    "uploaded_at": "string",
    "custom_addressing": true,
    "uploaded_at_i": 0,
    "container_details": {
      "containers_run_count": 0,
      "containers_image_count": 0
    },
    "topology": {
      "clients": [
        {
          "ip_address": "string",
          "octets": [
            0
          ]
        }
      ],
      "managers": [
        {
          "asn": 0,
          "manager_id": 1,
          "overlay_ipaddress": {
            "ip_address": "string",
            "octets": [
              0
            ]
          }
        }
      ],
      "total_clients": 0,
      "ipsec_max_subnets": 0,
      "ipsec_max_endpoints": 0,
      "license_upgrades": [
        "string"
      ],
      "overlay_max_clients": 0,
      "overlay_subnet": "string"
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "9009012801280138018910283081301390103",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Get license topology details Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

LicenseDetail

Name Type Required Constraints Description
  response object false - -
   capabilities [string] false - Features available such as eBGP, CloudWAN etc.
   finalized boolean false - -
   my_manager_vip string false - -
   license string false - State of license, accepted, in-progress, failed
   license_present boolean false - -
   sha1_checksum string false - -
   uploaded_at string false - -
   custom_addressing boolean false - -
   uploaded_at_i integer false - -
   container_details object false - -
    containers_run_count integer false - -
    containers_image_count integer false - -
   topology object false - -
    clients [object] false - IPs for clientpacks
     ip_address string false - -
     octets [integer] false - -
    managers [object] false - -
     VNS3Controller object false - -
      asn integer false - -
      manager_id integer false - -
      overlay_ipaddress object false - -
       ip_address string false - -
       octets [integer] false - -
    total_clients integer false - -
    ipsec_max_subnets integer false - -
    ipsec_max_endpoints integer false - -
    license_upgrades [string] false - -
    overlay_max_clients integer false - -
    overlay_subnet string false - CIDR for overlay clients

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Upload license

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/license \
  -H 'Content-Type: text/plain' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.licensing.upload_license()

print(api_response.json())

PUT /license

License a VNS3 Controller to be a part of a specific topology. Must not be licensed already.

Body parameter

string

Example responses

200 Response

{
  "response": {
    "capabilities": [
      "string"
    ],
    "finalized": true,
    "license": "string",
    "license_present": true,
    "default_topology": {
      "clients": [
        {
          "ip_address": "string",
          "octets": [
            0
          ]
        }
      ],
      "managers": [
        {
          "asn": 0,
          "manager_id": 1,
          "overlay_ipaddress": {
            "ip_address": "string",
            "octets": [
              0
            ]
          }
        }
      ],
      "total_clients": 0,
      "ipsec_max_subnets": 0,
      "ipsec_max_endpoints": 0,
      "license_upgrades": [
        "string"
      ],
      "overlay_max_clients": 0,
      "overlay_subnet": "string"
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348220177382578437853325229350053485636",
    "message": "Bad license"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Upload license response Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

InitLicenseDetail

Name Type Required Constraints Description
  response object false - -
   capabilities [string] false - Features available such as eBGP, CloudWAN, Containers etc.
   finalized boolean false - -
   license string false - State of license, accepted, in-progress, failed
   license_present boolean false - -
   default_topology object false - -
    clients [object] false - IPs for clientpacks
     ip_address string false - -
     octets [integer] false - -
    managers [object] false - -
     VNS3Controller object false - -
      asn integer false - -
      manager_id integer false - -
      overlay_ipaddress object false - -
       ip_address string false - -
       octets [integer] false - -
    total_clients integer false - -
    ipsec_max_subnets integer false - -
    ipsec_max_endpoints integer false - -
    license_upgrades [string] false - -
    overlay_max_clients integer false - -
    overlay_subnet string false - CIDR for overlay clients

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Set license parameters

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/license/parameters \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.licensing.put_set_license_parameters(
    subnet=subnet,
    managers=managers,
    asns=asns,
    clients=clients,
    my_manager_vip=my_manager_vip,
    default=default)

print(api_response.json())

PUT /license/parameters

Set and accept license parameters. Triggers reboot. Irreversible operation.

Body parameter

{
  "subnet": "string",
  "managers": "string",
  "asns": "string",
  "clients": "string",
  "my_manager_vip": "string",
  "default": false
}

Parameters

Name In Type Required Description
subnet body string false Specifies the CIDR of the virtual network created for use with the VNS3 Manager
managers body string false Whitespace delimited address string in the subnet to use for the VNS3 Controllers' virtual interfaces.
asns body string false Whitespace delimited string of ASNs (autonomous system numbers) corresponding to the order of the controllers
clients body string false Comma delimited, or hyphenated sequence of addresses for use as client addresses in the virtual network.
my_manager_vip body string false IPAddress that must be allocated from the subnet, and be the same for all controllers
default body boolean false Specifices whether to use defualt topology addressing as specified by the license

Example responses

200 Response

{
  "response": {
    "license": "string",
    "finalized": true,
    "parameters": {
      "subnet": "string",
      "controllers": [
        "string"
      ],
      "managers": [
        "string"
      ],
      "clients": [
        "string"
      ],
      "asns": [
        0
      ],
      "my_manager_vip": "string"
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "invalid asns field"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Put new license parameters for topology Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

LicenseParametersDetail

Name Type Required Constraints Description
  response object false - -
   license string false - -
   finalized boolean false - -
   parameters object false - -
    subnet string false - -
    controllers [string] false - IP addresses of VNS3 controllers in topology
    managers [string] false - IP addresses of VNS3 controllers in topology
    clients [string] false - IP addresses of clients in topology
    asns [integer] false - ASNs used by controllers in topology
    my_manager_vip string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Upgrade license

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/license/upgrade \
  -H 'Content-Type: text/plain' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.licensing.put_license_upgrade()

print(api_response.json())

PUT /license/upgrade

Upload new license to controller

Body parameter

string

Example responses

200 Response

{
  "response": {
    "finalized": true,
    "uniq": "string",
    "license": "string",
    "new_clientpacks": 0,
    "new_managers": 0
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK New license parameters Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

UpgradeLicenseResponse

Name Type Required Constraints Description
  response object false - -
   finalized boolean false - -
   uniq string false - new sha1 hash of license
   license string false - State of license, accepted, in-progress, failed
   new_clientpacks integer false - -
   new_managers integer false - -

Get MS configuration

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/ms \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.get_ms_config(
    ip=ip)

print(api_response.json())

GET /ms

Get MS configuration

Parameters

Name In Type Required Description
ip query string false name of resource

Example responses

200 Response

{
  "response": {
    "id": 1,
    "name": "string",
    "url": "string",
    "enabled": true,
    "webhook_id": 1,
    "created_at": "2021-03-25T22:59:08Z",
    "updated_at": "2021-03-25T22:59:08Z",
    "events": [
      "string"
    ],
    "custom_properties": [
      {
        "name": "string",
        "value": "string"
      }
    ]
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Get VNS3:ms alert success Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

AlertDetailResponse

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   name string false - -
   url string¦null false - -
   enabled boolean false - -
   webhook_id integer false - -
   created_at string(date-time) false - -
   updated_at string(date-time) false - -
   events [string] false - -
   custom_properties [object] false - -
    name string false - -
    value string false - -

Set MS for controller

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ms \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.post_set_ms_config(
    ip=ip)

print(api_response.json())

POST /ms

Set VNS3 Management System endpoint

Body parameter

{
  "ip": "string"
}

Parameters

Name In Type Required Description
ip body string true VNS3 Management system endpoint IP address

Example responses

200 Response

{
  "response": {
    "ip": "string",
    "alert_enabled": true
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

MSConfig

Name Type Required Constraints Description
  response object false - -
   ip string false - IP address of VNS3 Management Systems
   alert_enabled boolean false - Enable alerting to MS

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update MS config for controller

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ms \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.update_ms_config(
    ip=ip,
    alert_enabled=alert_enabled)

print(api_response.json())

PUT /ms

Update VNS3 Management System integration

Body parameter

{
  "ip": "string",
  "alert_enabled": true
}

Parameters

Name In Type Required Description
ip body string false VNS3 Management system endpoint IP address
alert_enabled body boolean true Disable/Enable sending alerts to VNS3:ms

Example responses

200 Response

{
  "response": {
    "ip": "string",
    "alert_enabled": true
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

MSConfig

Name Type Required Constraints Description
  response object false - -
   ip string false - IP address of VNS3 Management Systems
   alert_enabled boolean false - Enable alerting to MS

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Send test VNS3:ms alert

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ms/alert/test \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.config.post_send_test_ms_alert()

print(api_response.json())

POST /ms/alert/test

Send test alert to VNS3:ms

Example responses

200 Response

{
  "response": true
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

SimpleBooleanResponse

Name Type Required Constraints Description
  response boolean false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

IPsec

Control and manage your IPSec tunnels

Get IPsec status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/ipsec \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.get_ipsec_status()

print(api_response.json())

GET /status/ipsec

Describe ipsec tunnels status

Example responses

200 Response

{
  "response": {
    "property1": {
      "id": 1,
      "local_subnet": "string",
      "remote_subnet": "string",
      "endpointid": 1,
      "endpoint_id": 1,
      "endpoint_name": "string",
      "enabled": true,
      "active": true,
      "description": "string",
      "bounce": true,
      "connected": true,
      "ping_interface": "eth0",
      "ping_interval": 0,
      "ping_ipaddress": "string",
      "tunnel_params": {
        "phase2": "string",
        "outbound_spi": "string",
        "inbound_spi": "string",
        "bytes_in": "string",
        "bytes_out": "string",
        "esp_time_remaining": "string",
        "esp_port": "string",
        "phase2_algo": "string",
        "phase2_hash": "string",
        "nat_t": "string",
        "dpd": "string",
        "pfs_dh_group": 0,
        "phase1": "string",
        "isakmp_port": "string",
        "isakmp_time_remaining": "string",
        "last_dpd": "string",
        "phase1_cipher": "string",
        "phase1_prf": "string",
        "phase1_dh_group": 0,
        "ike_version": "string"
      }
    },
    "property2": {
      "id": 1,
      "local_subnet": "string",
      "remote_subnet": "string",
      "endpointid": 1,
      "endpoint_id": 1,
      "endpoint_name": "string",
      "enabled": true,
      "active": true,
      "description": "string",
      "bounce": true,
      "connected": true,
      "ping_interface": "eth0",
      "ping_interval": 0,
      "ping_ipaddress": "string",
      "tunnel_params": {
        "phase2": "string",
        "outbound_spi": "string",
        "inbound_spi": "string",
        "bytes_in": "string",
        "bytes_out": "string",
        "esp_time_remaining": "string",
        "esp_port": "string",
        "phase2_algo": "string",
        "phase2_hash": "string",
        "nat_t": "string",
        "dpd": "string",
        "pfs_dh_group": 0,
        "phase1": "string",
        "isakmp_port": "string",
        "isakmp_time_remaining": "string",
        "last_dpd": "string",
        "phase1_cipher": "string",
        "phase1_prf": "string",
        "phase1_dh_group": 0,
        "ike_version": "string"
      }
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

IpsecTunnelListResponseKeyValue

Name Type Required Constraints Description
  response object false - Ipsec tunnel details keyed by ID
   IpsecTunnel object false - -
    id integer false - -
    local_subnet string false - -
    remote_subnet string false - -
    endpointid integer false - -
    endpoint_id integer false - -
    endpoint_name string false - -
    enabled boolean false - -
    active boolean false - -
    description string¦null false - -
    bounce boolean false - True if tunnel was just bounced
    connected boolean false - -
    ping_interface string false - -
    ping_interval integer¦null false - Interval for ping in seconds
    ping_ipaddress string false - -
    tunnel_params object false - -
     phase2 string false - -
     outbound_spi string false - -
     inbound_spi string false - -
     bytes_in string false - -
     bytes_out string false - -
     esp_time_remaining string false - -
     esp_port string false - -
     phase2_algo string false - -
     phase2_hash string false - -
     nat_t string false - -
     dpd string false - -
     pfs_dh_group integer¦null false - -
     phase1 string false - -
     isakmp_port string false - -
     isakmp_time_remaining string false - -
     last_dpd string false - -
     phase1_cipher string¦null false - -
     phase1_prf string¦null false - -
     phase1_dh_group integer¦null false - -
     ike_version string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/link_history \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.get_ipsec_link_history(
    remote=remote,
    local=local,
    tunnelid=tunnelid)

print(api_response.json())

GET /status/link_history

Provides information about the connection history of the subnet or tunnel

Name In Type Required Description
remote query string false Address string in CIDR format to display link history to a remote endpoint.
local query string false Address string in CIDR format which will display status of the local route
tunnelid query integer false Will display link history of just the tunnel specified, which may be only one tunnel to a remote endpoint.

Example responses

200 Response

{
  "response": {
    "remote": "string",
    "local": "string",
    "tunnelid": 1,
    "history": [
      {
        "event": "string",
        "timestamp": "string",
        "timestamp_i": 0
      }
    ]
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564152672558671466135091328226684573894656",
    "message": "bad or invalid remote"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}
Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Status Code 200

LinkHistoryDetail

Name Type Required Constraints Description
  response object false - -
   remote string false - -
   local string false - -
   tunnelid integer false - -
   history [object] false - -
    LinkEvent object false - -
     event string false - Tunnel event, up or down
     timestamp string false - -
     timestamp_i integer false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get connected subnets

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/connected_subnets \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.get_connected_subnets(
    extended_output=extended_output)

print(api_response.json())

GET /status/connected_subnets

Provides information about any connected subnets.

Parameters

Name In Type Required Description
extended_output query boolean false Receive verbose information about resources

Example responses

200 Response

{
  "response": [
    [
      "string"
    ]
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

ConnectedSubnetsDetailResponse

Name Type Required Constraints Description
  response any false - -

oneOf

Name Type Required Constraints Description
   any [array] false - Array of arrays with each element of length 2 representing [network, subnet mask]

xor

Name Type Required Constraints Description
   any [object] false - -
    ConnectedSubnet object false - -
     subnet string false - -
     network string false - -
     cidr_mask string false - -
     managerid integer false - -
     netmask string false - -
     origin string false - ipsec, local_no_encryption, remote_manager, or ebgp

Get IPsec details

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/ipsec \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.get_ipsec_details()

print(api_response.json())

GET /ipsec

Get details for all IPsec endpoints/subnets

Example responses

200 Response

{
  "response": {
    "this_endpoint": {
      "ipaddress": "3.222.68.251",
      "overlay_subnet": "100.127.255.192/26",
      "private_ipaddress": "192.168.1.230",
      "ipsec_local_ipaddress": "192.168.1.230",
      "asn": 65001
    },
    "remote_endpoints": {}
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecSystemDetail

Name Type Required Constraints Description
  response object false - -
   this_endpoint object false - -
    nat_traversal boolean false - -
    ipaddress string false - -
    overlay_subnet string false - -
    private_ipaddress string false - -
    ipsec_local_ipaddress string false - -
    asn integer false - -
   remote_endpoints object false - -
    IpsecRemoteEndpoint object false - -
     id integer false - -
     name string false - -
     ipaddress string false - -
     nat_t_enabled boolean false - -
     ike_version integer false - -
     pfs boolean false - Perfect forward secrecy enabled
     private_ipaddress string false - -
     extra_config [string] false - -
     tunnels object false - -
      IpsecTunnel object false - -
       id integer false - -
       local_subnet string false - -
       remote_subnet string false - -
       endpointid integer false - -
       endpoint_id integer false - -
       endpoint_name string false - -
       enabled boolean false - -
       active boolean false - -
       description string¦null false - -
       bounce boolean false - True if tunnel was just bounced
       connected boolean false - -
       ping_interface string false - -
       ping_interval integer¦null false - Interval for ping in seconds
       ping_ipaddress string false - -
       tunnel_params object false - -
        phase2 string false - -
        outbound_spi string false - -
        inbound_spi string false - -
        bytes_in string false - -
        bytes_out string false - -
        esp_time_remaining string false - -
        esp_port string false - -
        phase2_algo string false - -
        phase2_hash string false - -
        nat_t string false - -
        dpd string false - -
        pfs_dh_group integer¦null false - -
        phase1 string false - -
        isakmp_port string false - -
        isakmp_time_remaining string false - -
        last_dpd string false - -
        phase1_cipher string¦null false - -
        phase1_prf string¦null false - -
        phase1_dh_group integer¦null false - -
        ike_version string false - -
     bgp_peers object false - -
      BGPPeer object false - -
       asn integer false - -
       ipaddress string false - -
       access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
       id integer false - -
       bgp_password string false - -
       add_network_distance boolean false - -
       add_network_distance_direction string false - in or out
       add_network_distance_hops integer false - -
       connection_detail string false - -
     type string false - Indicating Ipsec or GRE over ipsec
     vpn_type string false - -
     gre_interface_address string false - -
     route_based_int_address string false - -
     route_based_local string false - -
     route_based_remote string false - -
     psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Restart ipsec subystem

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ipsec \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.post_restart_ipsec_action(
    restart=restart)

print(api_response.json())

POST /ipsec

Restart ipsec subystem

Body parameter

{
  "restart": true
}

Parameters

Name In Type Required Description
restart body boolean true Restarts target system on server if true

Example responses

200 Response

{
  "response": {
    "restart": true
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "restart is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

RestartStatus

Name Type Required Constraints Description
  response object false - -
   restart boolean false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update IPsec config

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ipsec \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.put_update_ipsec_config(
    ipsec_local_ipaddress=ipsec_local_ipaddress)

print(api_response.json())

PUT /ipsec

Edit Ipsec Configuration on device. Note, This is device wide and must be set before any remote endpoint definitions are created. If it needs to be changed, all remote endpoint information and tunnel information must be deleted first.

Body parameter

{
  "ipsec_local_ipaddress": "string"
}

Parameters

Name In Type Required Description
ipsec_local_ipaddress body string true This is effectively a "cloud NAT" address, since you don't know what your LAN address will be between invocations in a cloud, this address can be used by remote endpoints as your "behind a NAT" address, sometimes referred to Peer or IKE ID, if needed (e.g. Watchguard or Juniper). It can ALSO be thought of even more simply as an IPsec "loopback" interface that you can use to terminate traffic.

Example responses

200 Response

{
  "response": {
    "this_endpoint": {
      "nat_traversal": true,
      "ipaddress": "string",
      "overlay_subnet": "string",
      "private_ipaddress": "string",
      "ipsec_local_ipaddress": "string",
      "asn": 0
    },
    "remote_endpoints": {
      "property1": {
        "id": 1,
        "name": "string",
        "ipaddress": "string",
        "nat_t_enabled": true,
        "ike_version": 0,
        "pfs": true,
        "private_ipaddress": "string",
        "extra_config": [
          "string"
        ],
        "tunnels": {
          "property1": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          },
          "property2": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          }
        },
        "bgp_peers": {
          "property1": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          },
          "property2": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          }
        },
        "type": "string",
        "vpn_type": "string",
        "gre_interface_address": "string",
        "route_based_int_address": "string",
        "route_based_local": "string",
        "route_based_remote": "string",
        "psk": "string"
      },
      "property2": {
        "id": 1,
        "name": "string",
        "ipaddress": "string",
        "nat_t_enabled": true,
        "ike_version": 0,
        "pfs": true,
        "private_ipaddress": "string",
        "extra_config": [
          "string"
        ],
        "tunnels": {
          "property1": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          },
          "property2": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          }
        },
        "bgp_peers": {
          "property1": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          },
          "property2": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          }
        },
        "type": "string",
        "vpn_type": "string",
        "gre_interface_address": "string",
        "route_based_int_address": "string",
        "route_based_local": "string",
        "route_based_remote": "string",
        "psk": "string"
      }
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "ipsec_local_address is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecSystemDetail

Name Type Required Constraints Description
  response object false - -
   this_endpoint object false - -
    nat_traversal boolean false - -
    ipaddress string false - -
    overlay_subnet string false - -
    private_ipaddress string false - -
    ipsec_local_ipaddress string false - -
    asn integer false - -
   remote_endpoints object false - -
    IpsecRemoteEndpoint object false - -
     id integer false - -
     name string false - -
     ipaddress string false - -
     nat_t_enabled boolean false - -
     ike_version integer false - -
     pfs boolean false - Perfect forward secrecy enabled
     private_ipaddress string false - -
     extra_config [string] false - -
     tunnels object false - -
      IpsecTunnel object false - -
       id integer false - -
       local_subnet string false - -
       remote_subnet string false - -
       endpointid integer false - -
       endpoint_id integer false - -
       endpoint_name string false - -
       enabled boolean false - -
       active boolean false - -
       description string¦null false - -
       bounce boolean false - True if tunnel was just bounced
       connected boolean false - -
       ping_interface string false - -
       ping_interval integer¦null false - Interval for ping in seconds
       ping_ipaddress string false - -
       tunnel_params object false - -
        phase2 string false - -
        outbound_spi string false - -
        inbound_spi string false - -
        bytes_in string false - -
        bytes_out string false - -
        esp_time_remaining string false - -
        esp_port string false - -
        phase2_algo string false - -
        phase2_hash string false - -
        nat_t string false - -
        dpd string false - -
        pfs_dh_group integer¦null false - -
        phase1 string false - -
        isakmp_port string false - -
        isakmp_time_remaining string false - -
        last_dpd string false - -
        phase1_cipher string¦null false - -
        phase1_prf string¦null false - -
        phase1_dh_group integer¦null false - -
        ike_version string false - -
     bgp_peers object false - -
      BGPPeer object false - -
       asn integer false - -
       ipaddress string false - -
       access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
       id integer false - -
       bgp_password string false - -
       add_network_distance boolean false - -
       add_network_distance_direction string false - in or out
       add_network_distance_hops integer false - -
       connection_detail string false - -
     type string false - Indicating Ipsec or GRE over ipsec
     vpn_type string false - -
     gre_interface_address string false - -
     route_based_int_address string false - -
     route_based_local string false - -
     route_based_remote string false - -
     psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create IPsec endpoint

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.post_create_ipsec_endpoint(
    name=name,
    ipaddress=ipaddress,
    secret=secret,
    pfs=pfs,
    ike_version=ike_version,
    nat_t_enabled=nat_t_enabled,
    extra_config=extra_config,
    private_ipaddress=private_ipaddress,
    gre=gre,
    gre_interface_address=gre_interface_address,
    vpn_type=vpn_type,
    route_based_int_address=route_based_int_address,
    route_based_local=route_based_local,
    route_based_remote=route_based_remote)

print(api_response.json())

POST /ipsec/endpoints

Create IPsec connection to the defined remote gateway

Body parameter

{
  "name": "string",
  "ipaddress": "string",
  "secret": "string",
  "pfs": true,
  "ike_version": 1,
  "nat_t_enabled": true,
  "extra_config": "string",
  "private_ipaddress": "string",
  "gre": true,
  "gre_interface_address": "string",
  "vpn_type": "policy",
  "route_based_int_address": "string",
  "route_based_local": "string",
  "route_based_remote": "string"
}

Parameters

Name In Type Required Description
name body string true Name for the connection.
ipaddress body string true IP of the remote gateway
secret body string true Pre-shared key
pfs body boolean false Perfect Forward Secrecy if true, disables if false.
ike_version body integer false Version for IKE algorithm
nat_t_enabled body boolean false True if you want encapsulated IPsec protocol to this gateway
extra_config body string false Additional optionals for connection such as 'phase1=aes256_gcm-sha2_256-dh14 phase2=aes256_gcm'
private_ipaddress body string false Internal NAT address of the remote gateway
gre body boolean false True if GRE is being used for the specific endpoint
gre_interface_address body string false Interface for GRE in /30 format
vpn_type body string false policy, gre, vti
route_based_int_address body string false -
route_based_local body string false -
route_based_remote body string false -

Enumerated Values

Parameter Value
ike_version 1
ike_version 2

Example responses

200 Response

{
  "response": {
    "id": 1,
    "name": "EndpointB",
    "ipaddress": "13.53.72.182",
    "pfs": true,
    "ike_version": 2,
    "nat_t_enabled": true,
    "private_ipaddress": "192.0.2.254",
    "extra_config": [],
    "tunnels": {
      "3": {
        "id": 3,
        "local_subnet": "172.31.0.0/28",
        "remote_subnet": "192.168.10.0/22",
        "endpoint_id": 1,
        "enabled": true,
        "description": "tunnel description",
        "ping_ipaddress": "",
        "ping_interface": "tun0",
        "ping_interval": null
      }
    },
    "bgp_peers": {},
    "type": "ipsec",
    "vpn_type": "policy",
    "psk": "testtest"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "ipaddress is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Created Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecRemoteEndpointDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   name string false - -
   ipaddress string false - -
   nat_t_enabled boolean false - -
   ike_version integer false - -
   pfs boolean false - Perfect forward secrecy enabled
   private_ipaddress string false - -
   extra_config [string] false - -
   tunnels object false - -
    IpsecTunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -
   bgp_peers object false - -
    BGPPeer object false - -
     asn integer false - -
     ipaddress string false - -
     access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
     id integer false - -
     bgp_password string false - -
     add_network_distance boolean false - -
     add_network_distance_direction string false - in or out
     add_network_distance_hops integer false - -
     connection_detail string false - -
   type string false - Indicating Ipsec or GRE over ipsec
   vpn_type string false - -
   gre_interface_address string false - -
   route_based_int_address string false - -
   route_based_local string false - -
   route_based_remote string false - -
   psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get IPsec endpoint

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.get_ipsec_endpoint(endpoint_id)

print(api_response.json())

GET /ipsec/endpoints/{endpoint_id}

Get IPsec endpoint information

Parameters

Name In Type Required Description
endpoint_id path integer true ID for IPsec endpoint

Example responses

200 Response

{
  "response": {
    "id": 1,
    "name": "EndpointB",
    "ipaddress": "13.53.72.182",
    "pfs": true,
    "ike_version": 2,
    "nat_t_enabled": true,
    "private_ipaddress": "192.0.2.254",
    "extra_config": [],
    "tunnels": {
      "3": {
        "id": 3,
        "local_subnet": "172.31.0.0/28",
        "remote_subnet": "192.168.10.0/22",
        "endpoint_id": 1,
        "enabled": true,
        "description": "tunnel description",
        "ping_ipaddress": "",
        "ping_interface": "tun0",
        "ping_interval": null
      }
    },
    "bgp_peers": {},
    "type": "ipsec",
    "vpn_type": "policy",
    "psk": "testtest"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecRemoteEndpointDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   name string false - -
   ipaddress string false - -
   nat_t_enabled boolean false - -
   ike_version integer false - -
   pfs boolean false - Perfect forward secrecy enabled
   private_ipaddress string false - -
   extra_config [string] false - -
   tunnels object false - -
    IpsecTunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -
   bgp_peers object false - -
    BGPPeer object false - -
     asn integer false - -
     ipaddress string false - -
     access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
     id integer false - -
     bgp_password string false - -
     add_network_distance boolean false - -
     add_network_distance_direction string false - in or out
     add_network_distance_hops integer false - -
     connection_detail string false - -
   type string false - Indicating Ipsec or GRE over ipsec
   vpn_type string false - -
   gre_interface_address string false - -
   route_based_int_address string false - -
   route_based_local string false - -
   route_based_remote string false - -
   psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Update IPsec endpoint

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.put_update_ipsec_endpoint(endpoint_id,
    name=name,
    ipaddress=ipaddress,
    secret=secret,
    pfs=pfs,
    ike_version=ike_version,
    nat_t_enabled=nat_t_enabled,
    extra_config=extra_config,
    private_ipaddress=private_ipaddress,
    gre=gre,
    gre_interface_address=gre_interface_address,
    vpn_type=vpn_type,
    route_based_int_address=route_based_int_address,
    route_based_local=route_based_local,
    route_based_remote=route_based_remote)

print(api_response.json())

PUT /ipsec/endpoints/{endpoint_id}

Edit IPsec endpoint connection configuration parameters

Body parameter

{
  "name": "string",
  "ipaddress": "string",
  "secret": "string",
  "pfs": true,
  "ike_version": 1,
  "nat_t_enabled": true,
  "extra_config": "string",
  "private_ipaddress": "string",
  "gre": true,
  "gre_interface_address": "string",
  "vpn_type": "string",
  "route_based_int_address": "string",
  "route_based_local": "string",
  "route_based_remote": "string"
}

Parameters

Name In Type Required Description
endpoint_id path integer true ID for IPsec endpoint
name body string false Name for the connection.
ipaddress body string false IP of the remote gateway
secret body string false Pre-shared key
pfs body boolean false Perfect Forward Secrecy if true, disables if false.
ike_version body integer false Version for IKE algorithm
nat_t_enabled body boolean false True if you want encapsulated IPsec protocol to this gateway
extra_config body string false Additional optionals for connection such as 'phase1=aes256_gcm-sha2_256-dh14 phase2=aes256_gcm'
private_ipaddress body string false Internal NAT address of the remote gateway
gre body boolean false True if GRE is being used for the specific endpoint
gre_interface_address body string false Interface address for GRE
vpn_type body string false policy, gre, vti
route_based_int_address body string false -
route_based_local body string false -
route_based_remote body string false -

Enumerated Values

Parameter Value
ike_version 1
ike_version 2

Example responses

200 Response

{
  "response": {
    "id": 1,
    "name": "EndpointB",
    "ipaddress": "13.53.72.182",
    "pfs": true,
    "ike_version": 2,
    "nat_t_enabled": true,
    "private_ipaddress": "192.0.2.254",
    "extra_config": [],
    "tunnels": {
      "3": {
        "id": 3,
        "local_subnet": "172.31.0.0/28",
        "remote_subnet": "192.168.10.0/22",
        "endpoint_id": 1,
        "enabled": true,
        "description": "tunnel description",
        "ping_ipaddress": "",
        "ping_interface": "tun0",
        "ping_interval": null
      }
    },
    "bgp_peers": {},
    "type": "ipsec",
    "vpn_type": "policy",
    "psk": "testtest"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "nat_t_enabled is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecRemoteEndpointDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   name string false - -
   ipaddress string false - -
   nat_t_enabled boolean false - -
   ike_version integer false - -
   pfs boolean false - Perfect forward secrecy enabled
   private_ipaddress string false - -
   extra_config [string] false - -
   tunnels object false - -
    IpsecTunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -
   bgp_peers object false - -
    BGPPeer object false - -
     asn integer false - -
     ipaddress string false - -
     access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
     id integer false - -
     bgp_password string false - -
     add_network_distance boolean false - -
     add_network_distance_direction string false - in or out
     add_network_distance_hops integer false - -
     connection_detail string false - -
   type string false - Indicating Ipsec or GRE over ipsec
   vpn_type string false - -
   gre_interface_address string false - -
   route_based_int_address string false - -
   route_based_local string false - -
   route_based_remote string false - -
   psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete IPsec endpoint

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.delete_ipsec_endpoint(endpoint_id)

print(api_response.json())

DELETE /ipsec/endpoints/{endpoint_id}

Delete IPsec endpoint

Parameters

Name In Type Required Description
endpoint_id path integer true ID for IPsec endpoint

Example responses

200 Response

{
  "response": {
    "this_endpoint": {
      "nat_traversal": true,
      "ipaddress": "string",
      "overlay_subnet": "string",
      "private_ipaddress": "string",
      "ipsec_local_ipaddress": "string",
      "asn": 0
    },
    "remote_endpoints": {
      "property1": {
        "id": 1,
        "name": "string",
        "ipaddress": "string",
        "nat_t_enabled": true,
        "ike_version": 0,
        "pfs": true,
        "private_ipaddress": "string",
        "extra_config": [
          "string"
        ],
        "tunnels": {
          "property1": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          },
          "property2": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          }
        },
        "bgp_peers": {
          "property1": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          },
          "property2": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          }
        },
        "type": "string",
        "vpn_type": "string",
        "gre_interface_address": "string",
        "route_based_int_address": "string",
        "route_based_local": "string",
        "route_based_remote": "string",
        "psk": "string"
      },
      "property2": {
        "id": 1,
        "name": "string",
        "ipaddress": "string",
        "nat_t_enabled": true,
        "ike_version": 0,
        "pfs": true,
        "private_ipaddress": "string",
        "extra_config": [
          "string"
        ],
        "tunnels": {
          "property1": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          },
          "property2": {
            "id": 1,
            "local_subnet": "string",
            "remote_subnet": "string",
            "endpointid": 1,
            "endpoint_id": 1,
            "endpoint_name": "string",
            "enabled": true,
            "active": true,
            "description": "string",
            "bounce": true,
            "connected": true,
            "ping_interface": "eth0",
            "ping_interval": 0,
            "ping_ipaddress": "string",
            "tunnel_params": {
              "phase2": "string",
              "outbound_spi": "string",
              "inbound_spi": "string",
              "bytes_in": "string",
              "bytes_out": "string",
              "esp_time_remaining": "string",
              "esp_port": "string",
              "phase2_algo": "string",
              "phase2_hash": "string",
              "nat_t": "string",
              "dpd": "string",
              "pfs_dh_group": 0,
              "phase1": "string",
              "isakmp_port": "string",
              "isakmp_time_remaining": "string",
              "last_dpd": "string",
              "phase1_cipher": "string",
              "phase1_prf": "string",
              "phase1_dh_group": 0,
              "ike_version": "string"
            }
          }
        },
        "bgp_peers": {
          "property1": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          },
          "property2": {
            "asn": 0,
            "ipaddress": "string",
            "access_list": "string",
            "id": 1,
            "bgp_password": "string",
            "add_network_distance": true,
            "add_network_distance_direction": "string",
            "add_network_distance_hops": 0,
            "connection_detail": "string"
          }
        },
        "type": "string",
        "vpn_type": "string",
        "gre_interface_address": "string",
        "route_based_int_address": "string",
        "route_based_local": "string",
        "route_based_remote": "string",
        "psk": "string"
      }
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "endpoint_id does not exist"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecSystemDetail

Name Type Required Constraints Description
  response object false - -
   this_endpoint object false - -
    nat_traversal boolean false - -
    ipaddress string false - -
    overlay_subnet string false - -
    private_ipaddress string false - -
    ipsec_local_ipaddress string false - -
    asn integer false - -
   remote_endpoints object false - -
    IpsecRemoteEndpoint object false - -
     id integer false - -
     name string false - -
     ipaddress string false - -
     nat_t_enabled boolean false - -
     ike_version integer false - -
     pfs boolean false - Perfect forward secrecy enabled
     private_ipaddress string false - -
     extra_config [string] false - -
     tunnels object false - -
      IpsecTunnel object false - -
       id integer false - -
       local_subnet string false - -
       remote_subnet string false - -
       endpointid integer false - -
       endpoint_id integer false - -
       endpoint_name string false - -
       enabled boolean false - -
       active boolean false - -
       description string¦null false - -
       bounce boolean false - True if tunnel was just bounced
       connected boolean false - -
       ping_interface string false - -
       ping_interval integer¦null false - Interval for ping in seconds
       ping_ipaddress string false - -
       tunnel_params object false - -
        phase2 string false - -
        outbound_spi string false - -
        inbound_spi string false - -
        bytes_in string false - -
        bytes_out string false - -
        esp_time_remaining string false - -
        esp_port string false - -
        phase2_algo string false - -
        phase2_hash string false - -
        nat_t string false - -
        dpd string false - -
        pfs_dh_group integer¦null false - -
        phase1 string false - -
        isakmp_port string false - -
        isakmp_time_remaining string false - -
        last_dpd string false - -
        phase1_cipher string¦null false - -
        phase1_prf string¦null false - -
        phase1_dh_group integer¦null false - -
        ike_version string false - -
     bgp_peers object false - -
      BGPPeer object false - -
       asn integer false - -
       ipaddress string false - -
       access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
       id integer false - -
       bgp_password string false - -
       add_network_distance boolean false - -
       add_network_distance_direction string false - in or out
       add_network_distance_hops integer false - -
       connection_detail string false - -
     type string false - Indicating Ipsec or GRE over ipsec
     vpn_type string false - -
     gre_interface_address string false - -
     route_based_int_address string false - -
     route_based_local string false - -
     route_based_remote string false - -
     psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create IPsec endpoint tunnel

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id}/tunnels \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.post_create_ipsec_endpoint_tunnel(endpoint_id,
    remote_subnet=remote_subnet,
    local_subnet=local_subnet,
    ping_ipaddress=ping_ipaddress,
    ping_interval=ping_interval,
    ping_interface=ping_interface,
    enabled=enabled,
    description=description)

print(api_response.json())

POST /ipsec/endpoints/{endpoint_id}/tunnels

Create IPsec endpoint tunnel

Body parameter

{
  "remote_subnet": "string",
  "local_subnet": "string",
  "ping_ipaddress": "string",
  "ping_interval": 0,
  "ping_interface": "string",
  "enabled": true,
  "description": "string"
}

Parameters

Name In Type Required Description
endpoint_id path integer true ID for IPsec endpoint
remote_subnet body string true Remote subnet for tunnel in CIDR notation
local_subnet body string false Local subnet for tunnel in CIDR notation
ping_ipaddress body string false Exo Ping feature - remote IP destination of ping
ping_interval body integer false Exo Ping feature - periodicy of the ping in seconds
ping_interface body string false Exo Ping feature - what network interface IP of the VNS3 controller to use as the source of ping
enabled body boolean false Disables tunnel if set to false
description body string false -

Example responses

200 Response

{
  "response": {
    "id": 1,
    "name": "EndpointB",
    "ipaddress": "13.53.72.182",
    "pfs": true,
    "ike_version": 2,
    "nat_t_enabled": true,
    "private_ipaddress": "192.0.2.254",
    "extra_config": [],
    "tunnels": {
      "3": {
        "id": 3,
        "local_subnet": "172.31.0.0/28",
        "remote_subnet": "192.168.10.0/22",
        "endpoint_id": 1,
        "enabled": true,
        "description": "tunnel description",
        "ping_ipaddress": "",
        "ping_interface": "tun0",
        "ping_interval": null
      }
    },
    "bgp_peers": {},
    "type": "ipsec",
    "vpn_type": "policy",
    "psk": "testtest"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "endpoint_id does not exist"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Created Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Permission denied. Max number of tunnels reach Inline

Response Schema

Status Code 200

IpsecRemoteEndpointDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   name string false - -
   ipaddress string false - -
   nat_t_enabled boolean false - -
   ike_version integer false - -
   pfs boolean false - Perfect forward secrecy enabled
   private_ipaddress string false - -
   extra_config [string] false - -
   tunnels object false - -
    IpsecTunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -
   bgp_peers object false - -
    BGPPeer object false - -
     asn integer false - -
     ipaddress string false - -
     access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
     id integer false - -
     bgp_password string false - -
     add_network_distance boolean false - -
     add_network_distance_direction string false - in or out
     add_network_distance_hops integer false - -
     connection_detail string false - -
   type string false - Indicating Ipsec or GRE over ipsec
   vpn_type string false - -
   gre_interface_address string false - -
   route_based_int_address string false - -
   route_based_local string false - -
   route_based_remote string false - -
   psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update IPsec endpoint tunnel

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.put_update_ipsec_endpoint_tunnel(endpoint_id,tunnel_id,
    bounce=bounce,
    description=description,
    remote_subnet=remote_subnet,
    local_subnet=local_subnet,
    ping_ipaddress=ping_ipaddress,
    ping_interval=ping_interval,
    ping_interface=ping_interface,
    enabled=enabled)

print(api_response.json())

PUT /ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id}

Edit IPsec endpoint tunnel configuration

Body parameter

{
  "bounce": false,
  "description": "string",
  "remote_subnet": "string",
  "local_subnet": "string",
  "ping_ipaddress": "string",
  "ping_interval": 0,
  "ping_interface": "string",
  "enabled": true
}

Parameters

Name In Type Required Description
endpoint_id path integer true ID for IPsec endpoint
tunnel_id path integer true ID for tunnel
bounce body boolean false Resets the IPsec connection for this specific tunnel
description body string false -
remote_subnet body string false Remote subnet for tunnel in CIDR notation
local_subnet body string false Local subnet for tunnel in CIDR notation
ping_ipaddress body string false Exo Ping feature - remote IP destination of ping
ping_interval body integer false Exo Ping feature - periodicy of the ping in seconds
ping_interface body string false Exo Ping feature - what network interface IP of the VNS3 controller to use as the source of ping
enabled body boolean false Disables tunnel if set to false

Example responses

200 Response

{
  "response": {
    "id": 1,
    "local_subnet": "string",
    "remote_subnet": "string",
    "endpointid": 1,
    "endpoint_id": 1,
    "endpoint_name": "string",
    "enabled": true,
    "active": true,
    "description": "string",
    "bounce": true,
    "connected": true,
    "ping_interface": "eth0",
    "ping_interval": 0,
    "ping_ipaddress": "string",
    "tunnel_params": {
      "phase2": "string",
      "outbound_spi": "string",
      "inbound_spi": "string",
      "bytes_in": "string",
      "bytes_out": "string",
      "esp_time_remaining": "string",
      "esp_port": "string",
      "phase2_algo": "string",
      "phase2_hash": "string",
      "nat_t": "string",
      "dpd": "string",
      "pfs_dh_group": 0,
      "phase1": "string",
      "isakmp_port": "string",
      "isakmp_time_remaining": "string",
      "last_dpd": "string",
      "phase1_cipher": "string",
      "phase1_prf": "string",
      "phase1_dh_group": 0,
      "ike_version": "string"
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "local_subnet is invalid CIDR"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecTunnelDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   local_subnet string false - -
   remote_subnet string false - -
   endpointid integer false - -
   endpoint_id integer false - -
   endpoint_name string false - -
   enabled boolean false - -
   active boolean false - -
   description string¦null false - -
   bounce boolean false - True if tunnel was just bounced
   connected boolean false - -
   ping_interface string false - -
   ping_interval integer¦null false - Interval for ping in seconds
   ping_ipaddress string false - -
   tunnel_params object false - -
    phase2 string false - -
    outbound_spi string false - -
    inbound_spi string false - -
    bytes_in string false - -
    bytes_out string false - -
    esp_time_remaining string false - -
    esp_port string false - -
    phase2_algo string false - -
    phase2_hash string false - -
    nat_t string false - -
    dpd string false - -
    pfs_dh_group integer¦null false - -
    phase1 string false - -
    isakmp_port string false - -
    isakmp_time_remaining string false - -
    last_dpd string false - -
    phase1_cipher string¦null false - -
    phase1_prf string¦null false - -
    phase1_dh_group integer¦null false - -
    ike_version string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete IPsec tunnel

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.ipsec.delete_ipsec_endpoint_tunnel(endpoint_id,tunnel_id)

print(api_response.json())

DELETE /ipsec/endpoints/{endpoint_id}/tunnels/{tunnel_id}

Delete IPsec tunnel

Parameters

Name In Type Required Description
endpoint_id path integer true ID for IPsec endpoint
tunnel_id path integer true ID for tunnel

Example responses

200 Response

{
  "response": {
    "id": 1,
    "name": "EndpointB",
    "ipaddress": "13.53.72.182",
    "pfs": true,
    "ike_version": 2,
    "nat_t_enabled": true,
    "private_ipaddress": "192.0.2.254",
    "extra_config": [],
    "tunnels": {
      "3": {
        "id": 3,
        "local_subnet": "172.31.0.0/28",
        "remote_subnet": "192.168.10.0/22",
        "endpoint_id": 1,
        "enabled": true,
        "description": "tunnel description",
        "ping_ipaddress": "",
        "ping_interface": "tun0",
        "ping_interval": null
      }
    },
    "bgp_peers": {},
    "type": "ipsec",
    "vpn_type": "policy",
    "psk": "testtest"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156398145066351285906955697179258297423716",
    "message": "tunnel id does not exist"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

IpsecRemoteEndpointDetail

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   name string false - -
   ipaddress string false - -
   nat_t_enabled boolean false - -
   ike_version integer false - -
   pfs boolean false - Perfect forward secrecy enabled
   private_ipaddress string false - -
   extra_config [string] false - -
   tunnels object false - -
    IpsecTunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -
   bgp_peers object false - -
    BGPPeer object false - -
     asn integer false - -
     ipaddress string false - -
     access_list string false - List of "in permit CIDR" and/or "out permit CIDR" statements in a string delimited by "\n"
     id integer false - -
     bgp_password string false - -
     add_network_distance boolean false - -
     add_network_distance_direction string false - in or out
     add_network_distance_hops integer false - -
     connection_detail string false - -
   type string false - Indicating Ipsec or GRE over ipsec
   vpn_type string false - -
   gre_interface_address string false - -
   route_based_int_address string false - -
   route_based_local string false - -
   route_based_remote string false - -
   psk string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Firewall

Functions for managing Firewall rules, subgroups (chains) and IPSets

Get firewall rules

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/firewall/rules \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.get_firewall_rules()

print(api_response.json())

GET /firewall/rules

Get a list of current firewall rules

Example responses

200 Response

{
  "response": [
    [
      "string"
    ]
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

FirewallRuleListResponse

Name Type Required Constraints Description
  response [array] false - -
   FirewallRuleTuple [oneOf] false - IPtables firewall rule represented as array [rule, position]

oneOf

Name Type Required Constraints Description
    any string false - -

xor

Name Type Required Constraints Description
    any integer false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create firewall rule

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/firewall/rules \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.post_create_firewall_rule(
    rule=rule,
    position=position)

print(api_response.json())

POST /firewall/rules

Adds a firewall rule to the VNS3 Controller's firewall

Body parameter

{
  "rule": "string",
  "position": -1
}

Parameters

Name In Type Required Description
rule body string true New firewall rule string that needs to be compatible with a Linux "iptables" statement
position body integer false Position which the rule will be inserted in the list of Firewall rules. Default is -1, which will post as the next rule in the list

Example responses

200 Response

{
  "response": {
    "status": "submitted",
    "rule": "MACRO_CUST -o eth0 -s 10.199.2.0/24 -j MASQUERADE",
    "token": "15798987631596_5280108744805298913050300048466684878015928855"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564155261466915664338789304780698957922014",
    "message": "Parse Error - iptables v1.4.21: host/network `10.199.2.0.' not found"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

FirewallRuleOperationResponse

Name Type Required Constraints Description
  response object false - -
   status string false - -
   rule string false - -
   position integer false - -
   token string false - Task token

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete firewall rule

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/rules \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.delete_firewall_rule_by_rule(
    rule=rule)

print(api_response.json())

DELETE /firewall/rules

Delete firewall rule by passing the actual rule to delete

Body parameter

{
  "rule": "string"
}

Parameters

Name In Type Required Description
rule body string true Rule to be deleted

Example responses

200 Response

{
  "response": {
    "status": "submitted",
    "position": 0,
    "rule": "MACRO_CUST -o eth0 -s 10.199.2.0/24 -j MASQUERADE",
    "token": "15641553402765_1730986546845926230044120934882999801643412463756"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564155261466915664338789304780698957922014",
    "message": "either position or rule argument must be provided"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

FirewallRuleOperationResponse

Name Type Required Constraints Description
  response object false - -
   status string false - -
   rule string false - -
   position integer false - -
   token string false - Task token

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete firewall rule by position

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/rules/{position} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.delete_firewall_rule_by_position(position)

print(api_response.json())

DELETE /firewall/rules/{position}

Delete firewall rule by position in the firewall. The firewall is 0 indexed. So deleting position 0 will remove the first rule in the firewall and the second rule will become the first.

Parameters

Name In Type Required Description
position path integer true index position for firewall rule, 0 is first

Example responses

200 Response

{
  "response": {
    "status": "submitted",
    "rule": "MACRO_CUST -o eth1 -s 10.0.2.0/24 -j MASQUERADE\\n",
    "position": 0,
    "token": "15641555503109_367028783492026941846541919926446643820946500940416"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156415545591919091797511226100046886299005",
    "message": "position exceeds the number of rules"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

FirewallRuleOperationResponse

Name Type Required Constraints Description
  response object false - -
   status string false - -
   rule string false - -
   position integer false - -
   token string false - Task token

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get firewall subgroups

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.get_firewall_rule_subgroups(
    name=name,
    verbose=verbose)

print(api_response.json())

GET /firewall/rules/subgroup

Get a list of current firewall rules at subgroup (chained rules)

Parameters

Name In Type Required Description
name query string false name of resource
verbose query boolean false True for verbose output

Example responses

200 Response

{
  "response": [
    "string"
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

FirewallSubgroupListResponse

Name Type Required Constraints Description
  response any false - -

oneOf

Name Type Required Constraints Description
   any [string] false - -
    FirewallSubgroupRule string false - Begins with name and is followed by Firewall rule. This is single rule in the chain.

xor

Name Type Required Constraints Description
   any [array] false - -
    FirewallSubgroupRule string false - Begins with name and is followed by Firewall rule. This is single rule in the chain.

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create firewall subgroup

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.post_create_firewall_subgroup(
    name=name,
    position=position,
    flush=flush)

print(api_response.json())

POST /firewall/rules/subgroup

Create a new firewall subgroup. Subgroups are named lists of rules that can be "jumped to" from another rule. These are effectively IPtables custom chains. For example, INPUT_CUST -s 10.0.2.0/24 -j MYGROUP

Body parameter

{
    "rules": "string",
    "name": "string",
    "position": 1,
    "flush": true
}

Parameters

Name In Type Required Description
rules body string false Chained firewall rules seperated by \n. Rule should be preceded by group name
name body string false 'name of the subgroup. Must be valid chain that begins with one of the following: PRE_C_, PST_C_, FWD_C_, INP_C_, OUT_C_.'
position body integer false Position which the chain will be inserted in the list of Firewall rules. Default is 0, which is first in the ruleset
flush body boolean false -

One of the following param combinations are required:

Example responses

200 Response

{
  "response": {
    "status": "ok",
    "rules": "Rule 1\\n Rule 2\\n Rule 3"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564155261466915664338789304780698957922014",
    "message": "invalid subgroup name - some bad name"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Reload firewall subgroups

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.put_reinitialize_firewall_subgroups(
    reinitialize=reinitialize)

print(api_response.json())

PUT /firewall/rules/subgroup

Reload firewall subgroups

Body parameter

{
  "reinitialize": true
}

Parameters

Name In Type Required Description
reinitialize body boolean false -

Example responses

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK -
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete firewall subgroup

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/rules/subgroup \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.delete_firewall_subgroup(
    rules=rules,
    name=name)

print(api_response.json())

DELETE /firewall/rules/subgroup

Delete Firewall subgroup by name or rules

Body parameter

{
  "rules": "string",
  "name": "string"
}

Parameters

Name In Type Required Description
rules body string false Chained firewall rules seperated by "\n"
name body string false Name of the subgroup chain. Must be valid chain name.

Example responses

200 Response

{
  "response": {
    "status": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

404 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Chain named some BAD_NAME not found."
  }
}

410 Response

{
  "error": {
    "name": "APINotFoundError",
    "log": "15640808375976073208002188741879242245537",
    "message": "Chain references remain for CHAIN_NAME, although rules were deleted."
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline
404 Not Found Not found Inline
410 Gone Resource gone Inline

Response Schema

Status Code 200

SimpleStatusResponse

Name Type Required Constraints Description
  response object false - -
   status string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 404

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 410

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get firewall FWSets

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.get_firewall_fw_sets(
    name=name,
    verbose=verbose)

print(api_response.json())

GET /firewall/fwsets

Get a list of current firewall rule sets. These are IPsets that allow for faster matching of rules against IPs. See http://ipset.netfilter.org for more details.

Parameters

Name In Type Required Description
name query string false name of resource
verbose query boolean false True for verbose output

Example responses

200 Response

{
  "response": [
    "string"
  ]
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

FirewallFWSetListResponse

Name Type Required Constraints Description
  response [string] false - -
   FirewallFWSetString string false - Begins with name and is followed by Firewall rules. This is an indexed rule that allows for speedy matching on IPs

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create firewall FWSet

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.post_create_firewall_fw_set(
    rules=rules,
    name=name,
    flush=flush)

print(api_response.json())

POST /firewall/fwsets

Create a new firewall FWSet for fast rule matching

Body parameter

{
  "rules": "string",
  "name": "string",
  "flush": true
}

Parameters

Name In Type Required Description
rules body string false Chained firewall rules seperated by "\n"
name body string false 'name of the FWSet. Must be valid chain that begins with one of the following: NETS_, PORTS_, LIST_.'
flush body boolean false -

Example responses

200 Response

{
  "response": {
    "status": "ok",
    "rules": "Rule 1\\n Rule 2\\n Rule 3"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564155261466915664338789304780698957922014",
    "message": "invalid FWSet name - some bad name"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Reload all firewall FWsets

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.put_reinitialize_fw_sets(
    reinitialize=reinitialize)

print(api_response.json())

PUT /firewall/fwsets

Reload all firewall FWsets

Body parameter

{
  "reinitialize": true
}

Parameters

Name In Type Required Description
reinitialize body boolean false -

Example responses

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK -
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete firewall FWSet

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/firewall/fwsets \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.firewall.delete_firewall_fw_set(
    rules=rules,
    name=name)

print(api_response.json())

DELETE /firewall/fwsets

Delete Firewall FWSet by name or rules

Body parameter

{
  "rules": "string",
  "name": "string"
}

Parameters

Name In Type Required Description
rules body string false Chained firewall rules seperated by "\n"
name body string false Name of the FWSet. Must be valid chain that begins with one of the following: NETS_, PORTS_, LIST_.

Example responses

200 Response

{
  "response": {
    "status": "finished_ok"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1564155261466915664338789304780698957922014",
    "message": "More than one FWSet name found in rules"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

SimpleStatusResponse

Name Type Required Constraints Description
  response object false - -
   status string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Routing

Control the network route table

Get routes

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/routes \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.routing.get_routes()

print(api_response.json())

GET /routes

Describes routes that this manager has access to via its network interfaces (virtual or otherwise). If advertized, other VNS3 Controllers will receive the route instantly. Network clients will receive it when they get their next route push, which is normally on a re-connect or in neartime if they use the VNS3 Routing agent on their cloud servers. Remote endpoints (other data centers) would not receive the route unless specified as part of their IPsec Configuration AND the Configuration of such a tunnel on the VNS3 controller.

Example responses

200 Response

{
  "response": {
    "1": {
      "netmask": "240.0.0.0",
      "id": 1,
      "cidr": "224.0.0.0/4",
      "interface": "tun0",
      "description": "Multicast (auto-added)",
      "advertise": false,
      "metric": 0
    },
    "2": {
      "netmask": "255.255.255.0",
      "id": 2,
      "cidr": "192.168.1.0/24",
      "gateway": "192.168.1.1",
      "interface": "eth0",
      "description": "US West Peer",
      "advertise": false,
      "metric": 0
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

RoutesListResponse

Name Type Required Constraints Description
  response object false - -
   Route object false - -
    netmask string false - -
    id integer false - -
    cidr string false - -
    interface string false - -
    description string false - -
    advertise boolean false - -
    metric integer false - -
    gateway string false - -
    tunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Create route

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/routes \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.routing.post_create_route(
    cidr=cidr,
    description=description,
    interface=interface,
    gateway=gateway,
    tunnel=tunnel,
    advertise=advertise,
    metric=metric)

print(api_response.json())

POST /routes

Pushes routes that this manager has access to via its network interfaces (virtual or otherwise)

Body parameter

{
  "cidr": "string",
  "description": "string",
  "interface": "string",
  "gateway": "string",
  "tunnel": 1,
  "advertise": true,
  "metric": 0
}

Parameters

Name In Type Required Description
cidr body string true CIDR of a route that the VNS3 Controller has access to that it wants to publish throughout the Routing tables of the overlay network
description body string false -
interface body string false Sets the interface where this route will be advertised.
gateway body string false If interface is set, a specific gateway address reachable from that interface
tunnel body integer false numerical reference for the GRE endpoint id (must provide either tunnel OR interface)
advertise body boolean false advertise route to overlay network
metric body integer false weight for route

Example responses

200 Response

{
  "response": {
    "1": {
      "netmask": "240.0.0.0",
      "id": 1,
      "cidr": "224.0.0.0/4",
      "interface": "tun0",
      "description": "Multicast (auto-added)",
      "advertise": false,
      "metric": 0
    },
    "2": {
      "netmask": "255.255.255.0",
      "id": 2,
      "cidr": "192.168.1.0/24",
      "interface": "eth0",
      "gateway": "192.168.1.1",
      "description": "Peer 1 subnet Gateway",
      "advertise": false,
      "metric": 0
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "Validation failed: Ipsec tunnel bad tunnel ID"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK Created Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

RoutesListResponse

Name Type Required Constraints Description
  response object false - -
   Route object false - -
    netmask string false - -
    id integer false - -
    cidr string false - -
    interface string false - -
    description string false - -
    advertise boolean false - -
    metric integer false - -
    gateway string false - -
    tunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete route

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/routes/{route_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.routing.delete_route(route_id)

print(api_response.json())

DELETE /routes/{route_id}

Delete route

Parameters

Name In Type Required Description
route_id path integer true ID for Route

Example responses

200 Response

{
  "response": {
    "property1": {
      "netmask": "string",
      "id": 1,
      "cidr": "string",
      "interface": "string",
      "description": "string",
      "advertise": true,
      "metric": 0,
      "gateway": "string",
      "tunnel": {
        "id": 1,
        "local_subnet": "string",
        "remote_subnet": "string",
        "endpointid": 1,
        "endpoint_id": 1,
        "endpoint_name": "string",
        "enabled": true,
        "active": true,
        "description": "string",
        "bounce": true,
        "connected": true,
        "ping_interface": "eth0",
        "ping_interval": 0,
        "ping_ipaddress": "string",
        "tunnel_params": {
          "phase2": "string",
          "outbound_spi": "string",
          "inbound_spi": "string",
          "bytes_in": "string",
          "bytes_out": "string",
          "esp_time_remaining": "string",
          "esp_port": "string",
          "phase2_algo": "string",
          "phase2_hash": "string",
          "nat_t": "string",
          "dpd": "string",
          "pfs_dh_group": 0,
          "phase1": "string",
          "isakmp_port": "string",
          "isakmp_time_remaining": "string",
          "last_dpd": "string",
          "phase1_cipher": "string",
          "phase1_prf": "string",
          "phase1_dh_group": 0,
          "ike_version": "string"
        }
      }
    },
    "property2": {
      "netmask": "string",
      "id": 1,
      "cidr": "string",
      "interface": "string",
      "description": "string",
      "advertise": true,
      "metric": 0,
      "gateway": "string",
      "tunnel": {
        "id": 1,
        "local_subnet": "string",
        "remote_subnet": "string",
        "endpointid": 1,
        "endpoint_id": 1,
        "endpoint_name": "string",
        "enabled": true,
        "active": true,
        "description": "string",
        "bounce": true,
        "connected": true,
        "ping_interface": "eth0",
        "ping_interval": 0,
        "ping_ipaddress": "string",
        "tunnel_params": {
          "phase2": "string",
          "outbound_spi": "string",
          "inbound_spi": "string",
          "bytes_in": "string",
          "bytes_out": "string",
          "esp_time_remaining": "string",
          "esp_port": "string",
          "phase2_algo": "string",
          "phase2_hash": "string",
          "nat_t": "string",
          "dpd": "string",
          "pfs_dh_group": 0,
          "phase1": "string",
          "isakmp_port": "string",
          "isakmp_time_remaining": "string",
          "last_dpd": "string",
          "phase1_cipher": "string",
          "phase1_prf": "string",
          "phase1_dh_group": 0,
          "ike_version": "string"
        }
      }
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "bad route id or route not found"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

Responses

Status Meaning Description Schema
200 OK Accepted Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline

Response Schema

Status Code 200

RoutesListResponse

Name Type Required Constraints Description
  response object false - -
   Route object false - -
    netmask string false - -
    id integer false - -
    cidr string false - -
    interface string false - -
    description string false - -
    advertise boolean false - -
    metric integer false - -
    gateway string false - -
    tunnel object false - -
     id integer false - -
     local_subnet string false - -
     remote_subnet string false - -
     endpointid integer false - -
     endpoint_id integer false - -
     endpoint_name string false - -
     enabled boolean false - -
     active boolean false - -
     description string¦null false - -
     bounce boolean false - True if tunnel was just bounced
     connected boolean false - -
     ping_interface string false - -
     ping_interval integer¦null false - Interval for ping in seconds
     ping_ipaddress string false - -
     tunnel_params object false - -
      phase2 string false - -
      outbound_spi string false - -
      inbound_spi string false - -
      bytes_in string false - -
      bytes_out string false - -
      esp_time_remaining string false - -
      esp_port string false - -
      phase2_algo string false - -
      phase2_hash string false - -
      nat_t string false - -
      dpd string false - -
      pfs_dh_group integer¦null false - -
      phase1 string false - -
      isakmp_port string false - -
      isakmp_time_remaining string false - -
      last_dpd string false - -
      phase1_cipher string¦null false - -
      phase1_prf string¦null false - -
      phase1_dh_group integer¦null false - -
      ike_version string false - -

Enumerated Values

Property Value
ping_interface eth0
ping_interface tun0

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Overlay Network

Configure and control encrypted overlay network

Get clients status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/status/clients \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.get_clients_status()

print(api_response.json())

GET /status/clients

Describe overlay clients

Example responses

200 Response

{
  "response": {
    "property1": {
      "managerid": 1,
      "overlay_ipaddress": "string",
      "ipaddress": "string",
      "tags": {
        "property1": "string",
        "property2": "string"
      }
    },
    "property2": {
      "managerid": 1,
      "overlay_ipaddress": "string",
      "ipaddress": "string",
      "tags": {
        "property1": "string",
        "property2": "string"
      }
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

OverlayClientsListResponse

Name Type Required Constraints Description
  response object false - Client details with IPs as keys
   OverlayClient object false - -
    managerid integer false - -
    overlay_ipaddress string false - -
    ipaddress string false - -
    tags object false - Key, value object of tags
     additionalProperties string false - -

Get clientpacks

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpacks \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.get_clientpacks(
    sorted=sorted)

print(api_response.json())

GET /clientpacks

Returns detailed information about all of the clientpacks in the topology. If manager's are properly peered, this information can come from any of the controllers.

Parameters

Name In Type Required Description
sorted query boolean false Sort resources

Example responses

200 Response

{
  "response": {
    "property1": {
      "name": "string",
      "overlay_ipaddress": "string",
      "linux_onefile": "string",
      "enabled": true,
      "conf_sha1": "string",
      "windows_onefile": "string",
      "ovpn_sha1": "string",
      "tarball_file": "string",
      "tarball_sha1": "string",
      "sequential_id": 0,
      "checked_out": true,
      "zip_sha1": "string",
      "zip_file": "string",
      "last_connect": "string",
      "last_disconnect": "string",
      "status": "string",
      "connected": true,
      "tags": {
        "property1": "string",
        "property2": "string"
      }
    },
    "property2": {
      "name": "string",
      "overlay_ipaddress": "string",
      "linux_onefile": "string",
      "enabled": true,
      "conf_sha1": "string",
      "windows_onefile": "string",
      "ovpn_sha1": "string",
      "tarball_file": "string",
      "tarball_sha1": "string",
      "sequential_id": 0,
      "checked_out": true,
      "zip_sha1": "string",
      "zip_file": "string",
      "last_connect": "string",
      "last_disconnect": "string",
      "status": "string",
      "connected": true,
      "tags": {
        "property1": "string",
        "property2": "string"
      }
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Keyset is missing",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ClientpackListResponse

Name Type Required Constraints Description
  response object false - -
   ClientPack object false - -
    name string false - -
    overlay_ipaddress string false - -
    linux_onefile string false - -
    enabled boolean false - -
    conf_sha1 string false - -
    windows_onefile string false - -
    ovpn_sha1 string false - -
    tarball_file string false - -
    tarball_sha1 string false - -
    sequential_id integer false - -
    checked_out boolean false - -
    zip_sha1 string false - -
    zip_file string false - -
    last_connect string false - -
    last_disconnect string false - -
    status string false - -
    connected boolean false - -
    tags object false - Key, value object of tags
     additionalProperties string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update all clientpacks

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/clientpacks \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.put_update_all_clientpacks(
    enabled=enabled,
    checked_out=checked_out)

print(api_response.json())

PUT /clientpacks

For bulk set of the enabled (true/false) state for all clientpacks and the checked_out (true/false) state for all clientpacks. This enables a variety of work flows by calling these functions after key generation, but before general provisioning of addresses to devivces

Body parameter

{
  "enabled": true,
  "checked_out": true
}

Parameters

Name In Type Required Description
enabled body boolean false Enable or disable clientpacks.
checked_out body boolean false Update whether clientpacks are checked out and thus unavailable

Example responses

200 Response

{
  "response": {
    "enabled": true,
    "checked_out": true
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156383509848878372758564869593812797782733",
    "message": "Argument must have a true or false value"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first.",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

UpdateClientpacksStatusResponse

Name Type Required Constraints Description
  response object false - -
   enabled boolean false - -
   checked_out boolean false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create new clientpack

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clientpacks/add_clientpacks \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.post_add_clientpacks(
    requested_ips=requested_ips)

print(api_response.json())

POST /clientpacks/add_clientpacks

Incrementally add new clientpacks for use

Body parameter

{
  "requested_ips": "string"
}

Parameters

Name In Type Required Description
requested_ips body string true CSV of IP addresses to be used for new clientpacks

Example responses

200 Response

{
  "response": "string"
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Not enough room in license for 5 more clientpacks.",
    "log": "123901290309083024802120939123901023091239",
    "name": "OperationNotAllowedError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

SimpleStringResponse

Name Type Required Constraints Description
  response string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Get clientpack details

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpacks/{clientpack_name} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.get_clientpack(clientpack_name)

print(api_response.json())

GET /clientpacks/{clientpack_name}

Returns detailed information about all of the clientpacks in the topology. If manager's are properly peered, this information can come from any of the controllers.

Parameters

Name In Type Required Description
clientpack_name path string true name of clientpack

Example responses

200 Response

{
  "response": {
    "clientpack": {
      "name": "string",
      "overlay_ipaddress": "string",
      "linux_onefile": "string",
      "enabled": true,
      "conf_sha1": "string",
      "windows_onefile": "string",
      "ovpn_sha1": "string",
      "tarball_file": "string",
      "tarball_sha1": "string",
      "sequential_id": 0,
      "checked_out": true,
      "zip_sha1": "string",
      "zip_file": "string",
      "last_connect": "string",
      "last_disconnect": "string",
      "status": "string",
      "connected": true,
      "tags": {
        "property1": "string",
        "property2": "string"
      }
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Keyset is missing",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ClientpackDetailResponse

Name Type Required Constraints Description
  response object false - -
   clientpack object false - -
    name string false - -
    overlay_ipaddress string false - -
    linux_onefile string false - -
    enabled boolean false - -
    conf_sha1 string false - -
    windows_onefile string false - -
    ovpn_sha1 string false - -
    tarball_file string false - -
    tarball_sha1 string false - -
    sequential_id integer false - -
    checked_out boolean false - -
    zip_sha1 string false - -
    zip_file string false - -
    last_connect string false - -
    last_disconnect string false - -
    status string false - -
    connected boolean false - -
    tags object false - Key, value object of tags
     additionalProperties string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Download clientpack

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/clientpack?name=string \
  -H 'Accept: application/octet-stream'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.get_download_clientpack(
    name=name,
    format=format,
    fileFormat=fileFormat)

print(api_response.file_download)   # path to downloaded file

GET /clientpack

Returns clientpack file. Clientpacks are files with the necessary information and credentials for an overlay client to be connected to the VNS3 topology

Parameters

Name In Type Required Description
name query string true name of clientpack. Typical IP address with underscores. e.g. 100_127_255_200.
format query string false One of tarball, zip, conf, ovpn (default is tarball)
fileFormat query string false One of tarball, zip, conf, ovpn (default is tarball)

Example responses

200 Response

"string"

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK Clientpack file string
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update clientpack

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/clientpack \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.put_update_clientpack(
    name=name,
    enabled=enabled)

print(api_response.json())

PUT /clientpack

Change properties of clientpacks; enabling or disabling, checking in or out, or regenerating

Body parameter

{
    "name": "string",
    "enabled": true,
    "checked_out": true,
    "regenerate": true
}

Parameters

Name In Type Required Description
name body string false Name of the clientpack (IP snake case)
enabled body boolean false Enable or disable clientpack.
checked_out body boolean false Update whether clientpack is checked out and thus unavailable
regenerate body boolean false Regenerate clientpack file. Returns a task token in the response.

One of the following param combinations are required:

Example responses

200 Response

{
  "response": {
    "token": "string"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156383509848878372758564869593812797782733",
    "message": "name argument must be set"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

UpdateClientpack

Name Type Required Constraints Description
UpdateClientpack any false - -

oneOf

Name Type Required Constraints Description
  any object false - -
   response object false - -
    token string false - -

xor

Name Type Required Constraints Description
  any object false - -
   response object false - -
    name string false - -
    overlay_ipaddress string false - -
    linux_onefile string false - -
    enabled boolean false - -
    conf_sha1 string false - -
    windows_onefile string false - -
    ovpn_sha1 string false - -
    tarball_file string false - -
    tarball_sha1 string false - -
    sequential_id integer false - -
    checked_out boolean false - -
    zip_sha1 string false - -
    zip_file string false - -
    last_connect string false - -
    last_disconnect string false - -
    status string false - -
    connected boolean false - -
    tags object false - Key, value object of tags
     additionalProperties string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Checkout next clientpack

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clientpacks/next_available \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.post_checkout_next_clientpack(
    low_ip=low_ip,
    high_ip=high_ip,
    include_disabled=include_disabled)

print(api_response.json())

POST /clientpacks/next_available

Get next sequential client pack. Provides sufficient information to call GET /clientpack. Note, Using this resource against multiple controllers in the same topology could cause distribution of the same clientpack to multiple overlay devices which is not allowed.

Body parameter

{
  "low_ip": "string",
  "high_ip": "string",
  "include_disabled": false
}

Parameters

Name In Type Required Description
low_ip body string false Set the lower bound for the resulting IP
high_ip body string false Set the upper bound for the resulting IP
include_disabled body boolean false Allows clientpack allocation from the disabled pool, for workflows where all clientpacks are disabled at the start.

Example responses

200 Response

{
  "response": {
    "token": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Keyset is missing",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

UpdateClientpack

Name Type Required Constraints Description
UpdateClientpack any false - -

oneOf

Name Type Required Constraints Description
  any object false - -
   response object false - -
    token string false - -

xor

Name Type Required Constraints Description
  any object false - -
   response object false - -
    name string false - -
    overlay_ipaddress string false - -
    linux_onefile string false - -
    enabled boolean false - -
    conf_sha1 string false - -
    windows_onefile string false - -
    ovpn_sha1 string false - -
    tarball_file string false - -
    tarball_sha1 string false - -
    sequential_id integer false - -
    checked_out boolean false - -
    zip_sha1 string false - -
    zip_file string false - -
    last_connect string false - -
    last_disconnect string false - -
    status string false - -
    connected boolean false - -
    tags object false - Key, value object of tags
     additionalProperties string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Reset client

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/client/reset \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.post_reset_client(
    name=name,
    disconnect=disconnect)

print(api_response.json())

POST /client/reset

For resetting the connection of a client to a VNS3 Controller

Body parameter

{
  "name": "string",
  "disconnect": true
}

Parameters

Name In Type Required Description
name body string true Name of the clientpack as returned by the "desc_clientpacks" call
disconnect body boolean false -

Example responses

200 Response

{
  "response": {
    "disconnecting": "string",
    "overlay_ipaddress": "string"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ClientpackStatusResponse

Name Type Required Constraints Description
  response object false - -
   disconnecting string false - -
   overlay_ipaddress string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Reset all clients

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clients/reset_all \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.post_reset_all_clients()

print(api_response.json())

POST /clients/reset_all

For resetting all of the connections of clients connected to the VNS3 Controller

Example responses

200 Response

{
  "response": {
    "resetting": [
      "string"
    ]
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Must be licensed first",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

BulkClientResetStatusResponse

Name Type Required Constraints Description
  response object false - -
   resetting [string] false - Cient IPs being reset

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Disconnect clientpack

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.put_disconnect_clientpack(clientpack_name,
    disconnect=disconnect)

print(api_response.json())

PUT /clientpack/{clientpack_name}

Force disconnect client for named clientpack

Body parameter

{
  "disconnect": true
}

Parameters

Name In Type Required Description
clientpack_name path string true name of clientpack
disconnect body boolean true -

Example responses

200 Response

{
  "response": {
    "disconnecting": "string",
    "overlay_ipaddress": "string"
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156383509848878372758564869593812797782733",
    "message": "Overlay IP address 172.0.10.4 is not connected"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Keyset is missing",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ClientpackStatusResponse

Name Type Required Constraints Description
  response object false - -
   disconnecting string false - -
   overlay_ipaddress string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create clientpack tag

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.post_create_clientpack_tag(clientpack_name,
    key=key,
    value=value)

print(api_response.json())

POST /clientpack/{clientpack_name}

For tagging individual clientpacks.

Body parameter

{
  "key": "string",
  "value": "string"
}

Parameters

Name In Type Required Description
clientpack_name path string true name of clientpack
key body string true Alphanumeric characters allowed in snake_case or kebab-case
value body string true -

Example responses

200 Response

{
  "response": {
    "name": "string",
    "tags": {
      "property1": "string",
      "property2": "string"
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156383509848878372758564869593812797782733",
    "message": "bad tag key: badcharac!er!!"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Keyset is missing",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ClientpackTagsResponse

Name Type Required Constraints Description
  response object false - -
   name string false - Clientpack name
   tags object false - -
    additionalProperties string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete clientpack tag

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/clientpack/{clientpack_name} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.overlay_network.delete_clientpack_tag(clientpack_name,
    key=key)

print(api_response.json())

DELETE /clientpack/{clientpack_name}

For deleting individual clientpack tags

Body parameter

{
  "key": "string"
}

Parameters

Name In Type Required Description
clientpack_name path string true name of clientpack
key body string true -

Example responses

200 Response

{
  "response": {
    "name": "string",
    "tags": {
      "property1": "string",
      "property2": "string"
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156383509848878372758564869593812797782733",
    "message": "Clientpack named '10_0_100_4' does not exist"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "response": {
    "message": "Keyset is missing",
    "log": "123901290309083024802120939123901023091239",
    "name": "PrerequisiteError"
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

ClientpackTagsResponse

Name Type Required Constraints Description
  response object false - -
   name string false - Clientpack name
   tags object false - -
    additionalProperties string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Status Code 403

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Peering

Manage VNS3 controller peering for mesh topologies

Get peering status

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/peering \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.peering.get_peering_status()

print(api_response.json())

GET /peering

Provides the status of whether a Controller is peered to other Controllers

Example responses

200 Response

{
  "response": {
    "id": 1,
    "peered": true,
    "managers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    },
    "controllers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    }
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

PeersDetailResponse

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   peered boolean false - -
   managers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -
   controllers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -

Set peering ID

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/peering/self \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.peering.put_self_peering_id(
    id=id,
    force=force)

print(api_response.json())

PUT /peering/self

Sets the Controller ID of a controller so that it can be peered within a topology

Body parameter

{
  "id": 0,
  "force": true
}

Parameters

Name In Type Required Description
id body integer true Cannot be the same as the id of another manager in the topology, and cannot be greater than the number of controllers in the topology
force body boolean false -

Example responses

200 Response

{
  "peered": true,
  "id": 1,
  "managers": {
    "1": {
      "overlay_ipaddress": "100.127.255.253",
      "self": true
    },
    "2": {
      "overlay_ipaddress": "100.127.255.252",
      "not_set": true,
      "id": 2
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "1563565922480638538304998251646824695267891",
    "message": "id is invalid"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

PeersDetailResponse

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   peered boolean false - -
   managers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -
   controllers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Create peer

Code samples

# You can also use wget
curl -X POST -u api:myapipassword https://vns3-host:8000/api/peering/peers \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.peering.post_create_peer(
    id=id,
    name=name,
    overlay_mtu=overlay_mtu,
    force=force)

print(api_response.json())

POST /peering/peers

Creates a peering relationship from a controller to another controller. The peering call is unidirectional. Reciprocal calls must be made to peer two controllers together and complete the peering process.

Body parameter

{
  "id": 0,
  "name": "string",
  "overlay_mtu": "string",
  "force": true
}

Parameters

Name In Type Required Description
id body integer true Manager ID as an integer of the the manager you are peering with, NOT the id of the one you are calling from
name body string true IP address or host name of the one you are peering with.
overlay_mtu body string false link MTU between 500 and 4800. Defaults to 1500
force body boolean false Setting false will NOT finalize the peering operation. A peer "reconfigure" call would then be required. Default is true

Example responses

200 Response

{
  "response": {
    "id": 1,
    "peered": true,
    "managers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    },
    "controllers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "5 is an invalid controller id"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK Created Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

PeersDetailResponse

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   peered boolean false - -
   managers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -
   controllers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Delete peer

Code samples

# You can also use wget
curl -X DELETE -u api:myapipassword https://vns3-host:8000/api/peering/peers/{peer_id} \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.peering.delete_peer(peer_id)

print(api_response.json())

DELETE /peering/peers/{peer_id}

Breaks a peering relationship from a controller to another controller. The peering call is unidirectional. Reciprocal calls must be made to fully break the peer relationship.

Parameters

Name In Type Required Description
peer_id path integer true Peer ID for controller peer

Example responses

200 Response

{
  "response": {
    "id": 1,
    "peered": true,
    "managers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    },
    "controllers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "20 is invalid as controller id."
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

PeersDetailResponse

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   peered boolean false - -
   managers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -
   controllers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Update peer

Code samples

# You can also use wget
curl -X PUT -u api:myapipassword https://vns3-host:8000/api/peering/peers/{peer_id} \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.peering.put_update_peer(peer_id,
    name=name,
    overlay_mtu=overlay_mtu,
    force=force)

print(api_response.json())

PUT /peering/peers/{peer_id}

Edits a peering relationship from a controller to another controller. The peering call is unidirectional. Reciprocal calls must be made to peer two controllers together and complete the peering process.

Body parameter

{
  "name": "string",
  "overlay_mtu": "string",
  "force": true
}

Parameters

Name In Type Required Description
peer_id path integer true Peer ID for controller peer
name body string false IP address or host name of the one you are peering with.
overlay_mtu body string false link MTU between 500 and 4800
force body boolean false Setting false will NOT finalize the peering operation. A peer "reconfigure" call would then be required. Default is true

Example responses

200 Response

{
  "response": {
    "id": 1,
    "peered": true,
    "managers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    },
    "controllers": {
      "property1": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      },
      "property2": {
        "id": 1,
        "not_set": true,
        "self": true,
        "mtu": "string",
        "reachable": true,
        "address": "string",
        "overlay_ipaddress": "string"
      }
    }
  }
}

400 Response

{
  "error": {
    "name": "APIArgumentError",
    "log": "156348346294205629750334447737345166168929",
    "message": "mtu must be an integer between 500 and 48,000"
  }
}

Authentication information missing or invalid

{
  "error": {
    "name": "UnauthorizedError",
    "log": "1563472268929826518356034508450851266833526",
    "message": "Invalid or expired token"
  }
}

403 Response

{
  "unlicensedExample": {
    "value": {
      "error": {
        "name": "PrerequisiteError",
        "log": "1563472268929826518356034508450851266833526",
        "message": "Must be licensed first."
      }
    }
  }
}

Responses

Status Meaning Description Schema
200 OK OK Inline
400 Bad Request Bad request Inline
401 Unauthorized Authentication information missing or invalid Inline
403 Forbidden Request Forbidden - operation not allowed Inline

Response Schema

Status Code 200

PeersDetailResponse

Name Type Required Constraints Description
  response object false - -
   id integer false - -
   peered boolean false - -
   managers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -
   controllers object false - -
    VNS3ControllerPeer object false - -
     id integer false - -
     not_set boolean false - -
     self boolean false - -
     mtu string false - -
     reachable boolean false - -
     address string false - -
     overlay_ipaddress string false - -

Status Code 400

Error

Name Type Required Constraints Description
  error object false - -
   name string false - -
   log string false - -
   message string false - -

Interfaces

Collection for viewing and editing virtual and system interfaces

Get all interfaces

Code samples

# You can also use wget
curl -X GET -u api:myapipassword https://vns3-host:8000/api/interfaces \
  -H 'Accept: application/json'

from cohesivenet import VNS3Client

api_response = vns3_client.interfaces.get_interfaces()

print(api_response.json())

GET /interfaces

(BETA) Describe all physical and virtual interfaces, both system and edge GRE interfaces

Example responses

200 Response

{
  "response": [
    {
      "id": 4,
      "name": "eth0",
      "interface_type": "system",
      "description": "Auto-created interface",
      "ip_internal": "192.168.1.211",
      "mtu": 9001,
      "enabled": true,
      "status": "Up",
      "mask_bits": 24,
      "gateway": null,
      "system_default": true,
      "ip_external": "3.222.68.251",
      "tags": []
    },
    {
      "id": 5,
      "name": "lo",
      "interface_type": "system",
      "description": "Auto-created interface",
      "ip_internal": "127.0.0.1",
      "mtu": 65536,
      "enabled": true,
      "status": "Up",
      "mask_bits": 8,
      "gateway": null,
      "system_default": true,
      "ip_external": null,
      "tags": []
    },
    {
      "id": 7,
      "name": "eth0:0",
      "interface_type": "system",
      "description": "This interface used as IPsec loopback via Local Private IP",
      "ip_internal": "192.168.1.230",
      "mtu": 9001,
      "enabled": true,
      "status": "Up",
      "mask_bits": 31,
      "gateway": null,
      "system_default": true,
      "ip_external": null,
      "tags": []
    },
    {
      "id": 6,
      "name": "plugin0",
      "interface_type": "system_virtual",