1. Packages
  2. Routeros Provider
  3. API Docs
  4. IpIpsecModeConfig
routeros 1.81.2 published on Tuesday, Apr 15, 2025 by terraform-routeros

routeros.IpIpsecModeConfig

Explore with Pulumi AI

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as routeros from "@pulumi/routeros";

const test = new routeros.IpIpsecModeConfig("test", {
    address: "1.2.3.4",
    splitDns: ["1.1.1.1"],
    splitIncludes: ["0.0.0.0/0"],
});
Copy
import pulumi
import pulumi_routeros as routeros

test = routeros.IpIpsecModeConfig("test",
    address="1.2.3.4",
    split_dns=["1.1.1.1"],
    split_includes=["0.0.0.0/0"])
Copy
package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/routeros/routeros"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := routeros.NewIpIpsecModeConfig(ctx, "test", &routeros.IpIpsecModeConfigArgs{
			Address: pulumi.String("1.2.3.4"),
			SplitDns: pulumi.StringArray{
				pulumi.String("1.1.1.1"),
			},
			SplitIncludes: pulumi.StringArray{
				pulumi.String("0.0.0.0/0"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Routeros = Pulumi.Routeros;

return await Deployment.RunAsync(() => 
{
    var test = new Routeros.IpIpsecModeConfig("test", new()
    {
        Address = "1.2.3.4",
        SplitDns = new[]
        {
            "1.1.1.1",
        },
        SplitIncludes = new[]
        {
            "0.0.0.0/0",
        },
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.routeros.IpIpsecModeConfig;
import com.pulumi.routeros.IpIpsecModeConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new IpIpsecModeConfig("test", IpIpsecModeConfigArgs.builder()
            .address("1.2.3.4")
            .splitDns("1.1.1.1")
            .splitIncludes("0.0.0.0/0")
            .build());

    }
}
Copy
resources:
  test:
    type: routeros:IpIpsecModeConfig
    properties:
      address: 1.2.3.4
      splitDns:
        - 1.1.1.1
      splitIncludes:
        - 0.0.0.0/0
Copy

Create IpIpsecModeConfig Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new IpIpsecModeConfig(name: string, args?: IpIpsecModeConfigArgs, opts?: CustomResourceOptions);
@overload
def IpIpsecModeConfig(resource_name: str,
                      args: Optional[IpIpsecModeConfigArgs] = None,
                      opts: Optional[ResourceOptions] = None)

@overload
def IpIpsecModeConfig(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      ___id_: Optional[float] = None,
                      ___path_: Optional[str] = None,
                      address: Optional[str] = None,
                      address_pool: Optional[str] = None,
                      address_prefix_length: Optional[float] = None,
                      connection_mark: Optional[str] = None,
                      ip_ipsec_mode_config_id: Optional[str] = None,
                      name: Optional[str] = None,
                      responder: Optional[bool] = None,
                      split_dns: Optional[Sequence[str]] = None,
                      split_includes: Optional[Sequence[str]] = None,
                      src_address_list: Optional[str] = None,
                      static_dns: Optional[str] = None,
                      system_dns: Optional[bool] = None,
                      use_responder_dns: Optional[str] = None)
func NewIpIpsecModeConfig(ctx *Context, name string, args *IpIpsecModeConfigArgs, opts ...ResourceOption) (*IpIpsecModeConfig, error)
public IpIpsecModeConfig(string name, IpIpsecModeConfigArgs? args = null, CustomResourceOptions? opts = null)
public IpIpsecModeConfig(String name, IpIpsecModeConfigArgs args)
public IpIpsecModeConfig(String name, IpIpsecModeConfigArgs args, CustomResourceOptions options)
type: routeros:IpIpsecModeConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args IpIpsecModeConfigArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args IpIpsecModeConfigArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args IpIpsecModeConfigArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args IpIpsecModeConfigArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. IpIpsecModeConfigArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

IpIpsecModeConfig Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The IpIpsecModeConfig resource accepts the following input properties:

Address string
Single IP address for the initiator instead of specifying a whole address pool.
AddressPool string
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
AddressPrefixLength double
Prefix length (netmask) of the assigned address from the pool.
ConnectionMark string
Firewall connection mark.
IpIpsecModeConfigId string
The ID of this resource.
Name string
Responder bool
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
SplitDns List<string>
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
SplitIncludes List<string>
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
SrcAddressList string
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
StaticDns string
Manually specified DNS server's IP address to be sent to the client.
SystemDns bool
When this option is enabled DNS addresses will be taken from /ip dns.
UseResponderDns string
___id_ double
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
Address string
Single IP address for the initiator instead of specifying a whole address pool.
AddressPool string
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
AddressPrefixLength float64
Prefix length (netmask) of the assigned address from the pool.
ConnectionMark string
Firewall connection mark.
IpIpsecModeConfigId string
The ID of this resource.
Name string
Responder bool
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
SplitDns []string
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
SplitIncludes []string
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
SrcAddressList string
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
StaticDns string
Manually specified DNS server's IP address to be sent to the client.
SystemDns bool
When this option is enabled DNS addresses will be taken from /ip dns.
UseResponderDns string
___id_ float64
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
___id_ Double
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address String
Single IP address for the initiator instead of specifying a whole address pool.
addressPool String
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
addressPrefixLength Double
Prefix length (netmask) of the assigned address from the pool.
connectionMark String
Firewall connection mark.
ipIpsecModeConfigId String
The ID of this resource.
name String
responder Boolean
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
splitDns List<String>
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
splitIncludes List<String>
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
srcAddressList String
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
staticDns String
Manually specified DNS server's IP address to be sent to the client.
systemDns Boolean
When this option is enabled DNS addresses will be taken from /ip dns.
useResponderDns String
___id_ number
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address string
Single IP address for the initiator instead of specifying a whole address pool.
addressPool string
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
addressPrefixLength number
Prefix length (netmask) of the assigned address from the pool.
connectionMark string
Firewall connection mark.
ipIpsecModeConfigId string
The ID of this resource.
name string
responder boolean
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
splitDns string[]
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
splitIncludes string[]
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
srcAddressList string
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
staticDns string
Manually specified DNS server's IP address to be sent to the client.
systemDns boolean
When this option is enabled DNS addresses will be taken from /ip dns.
useResponderDns string
___id_ float
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ str
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address str
Single IP address for the initiator instead of specifying a whole address pool.
address_pool str
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
address_prefix_length float
Prefix length (netmask) of the assigned address from the pool.
connection_mark str
Firewall connection mark.
ip_ipsec_mode_config_id str
The ID of this resource.
name str
responder bool
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
split_dns Sequence[str]
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
split_includes Sequence[str]
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
src_address_list str
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
static_dns str
Manually specified DNS server's IP address to be sent to the client.
system_dns bool
When this option is enabled DNS addresses will be taken from /ip dns.
use_responder_dns str
___id_ Number
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address String
Single IP address for the initiator instead of specifying a whole address pool.
addressPool String
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
addressPrefixLength Number
Prefix length (netmask) of the assigned address from the pool.
connectionMark String
Firewall connection mark.
ipIpsecModeConfigId String
The ID of this resource.
name String
responder Boolean
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
splitDns List<String>
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
splitIncludes List<String>
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
srcAddressList String
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
staticDns String
Manually specified DNS server's IP address to be sent to the client.
systemDns Boolean
When this option is enabled DNS addresses will be taken from /ip dns.
useResponderDns String

Outputs

All input properties are implicitly available as output properties. Additionally, the IpIpsecModeConfig resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing IpIpsecModeConfig Resource

Get an existing IpIpsecModeConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IpIpsecModeConfigState, opts?: CustomResourceOptions): IpIpsecModeConfig
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        ___id_: Optional[float] = None,
        ___path_: Optional[str] = None,
        address: Optional[str] = None,
        address_pool: Optional[str] = None,
        address_prefix_length: Optional[float] = None,
        connection_mark: Optional[str] = None,
        ip_ipsec_mode_config_id: Optional[str] = None,
        name: Optional[str] = None,
        responder: Optional[bool] = None,
        split_dns: Optional[Sequence[str]] = None,
        split_includes: Optional[Sequence[str]] = None,
        src_address_list: Optional[str] = None,
        static_dns: Optional[str] = None,
        system_dns: Optional[bool] = None,
        use_responder_dns: Optional[str] = None) -> IpIpsecModeConfig
func GetIpIpsecModeConfig(ctx *Context, name string, id IDInput, state *IpIpsecModeConfigState, opts ...ResourceOption) (*IpIpsecModeConfig, error)
public static IpIpsecModeConfig Get(string name, Input<string> id, IpIpsecModeConfigState? state, CustomResourceOptions? opts = null)
public static IpIpsecModeConfig get(String name, Output<String> id, IpIpsecModeConfigState state, CustomResourceOptions options)
resources:  _:    type: routeros:IpIpsecModeConfig    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Address string
Single IP address for the initiator instead of specifying a whole address pool.
AddressPool string
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
AddressPrefixLength double
Prefix length (netmask) of the assigned address from the pool.
ConnectionMark string
Firewall connection mark.
IpIpsecModeConfigId string
The ID of this resource.
Name string
Responder bool
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
SplitDns List<string>
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
SplitIncludes List<string>
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
SrcAddressList string
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
StaticDns string
Manually specified DNS server's IP address to be sent to the client.
SystemDns bool
When this option is enabled DNS addresses will be taken from /ip dns.
UseResponderDns string
___id_ double
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
Address string
Single IP address for the initiator instead of specifying a whole address pool.
AddressPool string
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
AddressPrefixLength float64
Prefix length (netmask) of the assigned address from the pool.
ConnectionMark string
Firewall connection mark.
IpIpsecModeConfigId string
The ID of this resource.
Name string
Responder bool
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
SplitDns []string
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
SplitIncludes []string
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
SrcAddressList string
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
StaticDns string
Manually specified DNS server's IP address to be sent to the client.
SystemDns bool
When this option is enabled DNS addresses will be taken from /ip dns.
UseResponderDns string
___id_ float64
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
___id_ Double
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address String
Single IP address for the initiator instead of specifying a whole address pool.
addressPool String
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
addressPrefixLength Double
Prefix length (netmask) of the assigned address from the pool.
connectionMark String
Firewall connection mark.
ipIpsecModeConfigId String
The ID of this resource.
name String
responder Boolean
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
splitDns List<String>
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
splitIncludes List<String>
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
srcAddressList String
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
staticDns String
Manually specified DNS server's IP address to be sent to the client.
systemDns Boolean
When this option is enabled DNS addresses will be taken from /ip dns.
useResponderDns String
___id_ number
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address string
Single IP address for the initiator instead of specifying a whole address pool.
addressPool string
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
addressPrefixLength number
Prefix length (netmask) of the assigned address from the pool.
connectionMark string
Firewall connection mark.
ipIpsecModeConfigId string
The ID of this resource.
name string
responder boolean
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
splitDns string[]
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
splitIncludes string[]
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
srcAddressList string
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
staticDns string
Manually specified DNS server's IP address to be sent to the client.
systemDns boolean
When this option is enabled DNS addresses will be taken from /ip dns.
useResponderDns string
___id_ float
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ str
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address str
Single IP address for the initiator instead of specifying a whole address pool.
address_pool str
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
address_prefix_length float
Prefix length (netmask) of the assigned address from the pool.
connection_mark str
Firewall connection mark.
ip_ipsec_mode_config_id str
The ID of this resource.
name str
responder bool
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
split_dns Sequence[str]
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
split_includes Sequence[str]
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
src_address_list str
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
static_dns str
Manually specified DNS server's IP address to be sent to the client.
system_dns bool
When this option is enabled DNS addresses will be taken from /ip dns.
use_responder_dns str
___id_ Number
Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String
Resource path for CRUD operations. This is an internal service field, setting a value is not required.
address String
Single IP address for the initiator instead of specifying a whole address pool.
addressPool String
Name of the address pool from which the responder will try to assign address if mode-config is enabled.
addressPrefixLength Number
Prefix length (netmask) of the assigned address from the pool.
connectionMark String
Firewall connection mark.
ipIpsecModeConfigId String
The ID of this resource.
name String
responder Boolean
Specifies whether the configuration will work as an initiator (client) or responder (server). The initiator will request for mode-config parameters from the responder.
splitDns List<String>
List of DNS names that will be resolved using a system-dns=yes or static-dns= setting.
splitIncludes List<String>
List of subnets in CIDR format, which to tunnel. Subnets will be sent to the peer using the CISCO UNITY extension, a remote peer will create specific dynamic policies.
srcAddressList String
Specifying an address list will generate dynamic source NAT rules. This parameter is only available with responder=no. A roadWarrior client with NAT.
staticDns String
Manually specified DNS server's IP address to be sent to the client.
systemDns Boolean
When this option is enabled DNS addresses will be taken from /ip dns.
useResponderDns String

Import

#The ID can be found via API or the terminal

#The command for the terminal is -> :put [/ip/ipsec/mode/config get [print show-ids]]

$ pulumi import routeros:index/ipIpsecModeConfig:IpIpsecModeConfig test *3
Copy

#Or you can import a resource using one of its attributes

$ pulumi import routeros:index/ipIpsecModeConfig:IpIpsecModeConfig test "address=1.2.3.4"
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
routeros terraform-routeros/terraform-provider-routeros
License
Notes
This Pulumi package is based on the routeros Terraform Provider.