Docs Home
Juniper Mist v0.2.4 published on Saturday, Mar 1, 2025 by Pulumi
junipermist.org.Gatewaytemplate
Explore with Pulumi AI
This resource manages the Gateway Templates.
A Gateway template is used to define the static ip address and subnet mask of the hub device, along with the gateway. It also allows for the selection of options such as enabling source nat and overriding the public ip for the hub if needed. the endpoint selected in the gateway template ties the hub and spoke devices together and creates the auto-vpn tunnel.
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.junipermist.org.Gatewaytemplate;
import com.pulumi.junipermist.org.GatewaytemplateArgs;
import com.pulumi.junipermist.org.inputs.GatewaytemplateServicePolicyArgs;
import com.pulumi.junipermist.org.inputs.GatewaytemplateServicePolicyIdpArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var gatewaytemplateOne = new Gatewaytemplate("gatewaytemplateOne", GatewaytemplateArgs.builder()
.type("spoke")
.name("gatewaytemplate_one")
.orgId(terraformTest.id())
.portConfig(Map.ofEntries(
Map.entry("ge-0/0/3", Map.ofEntries(
Map.entry("name", "FTTH"),
Map.entry("usage", "wan"),
Map.entry("aggregated", false),
Map.entry("redundant", false),
Map.entry("critical", false),
Map.entry("wanType", "broadband"),
Map.entry("ipConfig", Map.ofEntries(
Map.entry("type", "static"),
Map.entry("ip", "192.168.1.8"),
Map.entry("netmask", "/24"),
Map.entry("gateway", "192.168.1.1")
)),
Map.entry("disableAutoneg", false),
Map.entry("speed", "auto"),
Map.entry("duplex", "auto"),
Map.entry("wanSourceNat", Map.of("disabled", false)),
Map.entry("vpnPaths", Map.of("SSR_HUB_DC-MPLS.OrgOverlay", Map.ofEntries(
Map.entry("key", 0),
Map.entry("role", "spoke"),
Map.entry("bfdProfile", "broadband")
)))
)),
Map.entry("ge-0/0/5", Map.ofEntries(
Map.entry("usage", "lan"),
Map.entry("critical", false),
Map.entry("aggregated", true),
Map.entry("aeDisableLacp", false),
Map.entry("aeLacpForceUp", true),
Map.entry("aeIdx", 0),
Map.entry("redundant", false),
Map.entry("networks",
"PRD-Core",
"PRD-Mgmt",
"PRD-Lab")
))
))
.ipConfigs(Map.ofEntries(
Map.entry("PRD-Core", Map.ofEntries(
Map.entry("type", "static"),
Map.entry("ip", "10.3.100.9"),
Map.entry("netmask", "/24")
)),
Map.entry("PRD-Mgmt", Map.ofEntries(
Map.entry("type", "static"),
Map.entry("ip", "10.3.172.1"),
Map.entry("netmask", "/24")
)),
Map.entry("PRD-Lab", Map.ofEntries(
Map.entry("type", "static"),
Map.entry("ip", "10.3.171.1"),
Map.entry("netmask", "/24")
))
))
.servicePolicies(GatewaytemplateServicePolicyArgs.builder()
.name("Policy-14")
.tenants("PRD-Core")
.services("any")
.action("allow")
.path_preference("HUB")
.idp(GatewaytemplateServicePolicyIdpArgs.builder()
.enabled(true)
.profile("critical")
.alertOnly(false)
.build())
.build())
.build());
}
}
resources:
gatewaytemplateOne:
type: junipermist:org:Gatewaytemplate
name: gatewaytemplate_one
properties:
type: spoke
name: gatewaytemplate_one
orgId: ${terraformTest.id}
portConfig:
ge-0/0/3:
name: FTTH
usage: wan
aggregated: false
redundant: false
critical: false
wanType: broadband
ipConfig:
type: static
ip: 192.168.1.8
netmask: /24
gateway: 192.168.1.1
disableAutoneg: false
speed: auto
duplex: auto
wanSourceNat:
disabled: false
vpnPaths:
SSR_HUB_DC-MPLS.OrgOverlay:
key: 0
role: spoke
bfdProfile: broadband
ge-0/0/5:
usage: lan
critical: false
aggregated: true
aeDisableLacp: false
aeLacpForceUp: true
aeIdx: 0
redundant: false
networks:
- PRD-Core
- PRD-Mgmt
- PRD-Lab
ipConfigs:
PRD-Core:
type: static
ip: 10.3.100.9
netmask: /24
PRD-Mgmt:
type: static
ip: 10.3.172.1
netmask: /24
PRD-Lab:
type: static
ip: 10.3.171.1
netmask: /24
servicePolicies:
- name: Policy-14
tenants:
- PRD-Core
services:
- any
action: allow
path_preference: HUB
idp:
enabled: true
profile: critical
alertOnly: false
Create Gatewaytemplate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Gatewaytemplate(name: string, args: GatewaytemplateArgs, opts?: CustomResourceOptions);@overload
def Gatewaytemplate(resource_name: str,
args: GatewaytemplateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Gatewaytemplate(resource_name: str,
opts: Optional[ResourceOptions] = None,
org_id: Optional[str] = None,
ntp_override: Optional[bool] = None,
dns_suffixes: Optional[Sequence[str]] = None,
ntp_servers: Optional[Sequence[str]] = None,
dns_servers: Optional[Sequence[str]] = None,
oob_ip_config: Optional[GatewaytemplateOobIpConfigArgs] = None,
extra_routes: Optional[Mapping[str, GatewaytemplateExtraRoutesArgs]] = None,
extra_routes6: Optional[Mapping[str, GatewaytemplateExtraRoutes6Args]] = None,
bgp_config: Optional[Mapping[str, GatewaytemplateBgpConfigArgs]] = None,
ip_configs: Optional[Mapping[str, GatewaytemplateIpConfigsArgs]] = None,
name: Optional[str] = None,
networks: Optional[Sequence[GatewaytemplateNetworkArgs]] = None,
additional_config_cmds: Optional[Sequence[str]] = None,
dns_override: Optional[bool] = None,
dhcpd_config: Optional[GatewaytemplateDhcpdConfigArgs] = None,
idp_profiles: Optional[Mapping[str, GatewaytemplateIdpProfilesArgs]] = None,
path_preferences: Optional[Mapping[str, GatewaytemplatePathPreferencesArgs]] = None,
port_config: Optional[Mapping[str, GatewaytemplatePortConfigArgs]] = None,
router_id: Optional[str] = None,
routing_policies: Optional[Mapping[str, GatewaytemplateRoutingPoliciesArgs]] = None,
service_policies: Optional[Sequence[GatewaytemplateServicePolicyArgs]] = None,
tunnel_configs: Optional[Mapping[str, GatewaytemplateTunnelConfigsArgs]] = None,
tunnel_provider_options: Optional[GatewaytemplateTunnelProviderOptionsArgs] = None,
type: Optional[str] = None,
vrf_config: Optional[GatewaytemplateVrfConfigArgs] = None,
vrf_instances: Optional[Mapping[str, GatewaytemplateVrfInstancesArgs]] = None)func NewGatewaytemplate(ctx *Context, name string, args GatewaytemplateArgs, opts ...ResourceOption) (*Gatewaytemplate, error)public Gatewaytemplate(string name, GatewaytemplateArgs args, CustomResourceOptions? opts = null)
public Gatewaytemplate(String name, GatewaytemplateArgs args)
public Gatewaytemplate(String name, GatewaytemplateArgs args, CustomResourceOptions options)
type: junipermist:org:Gatewaytemplate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GatewaytemplateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GatewaytemplateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GatewaytemplateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GatewaytemplateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GatewaytemplateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gatewaytemplateResource = new JuniperMist.Org.Gatewaytemplate("gatewaytemplateResource", new()
{
OrgId = "string",
NtpOverride = false,
DnsSuffixes = new[]
{
"string",
},
NtpServers = new[]
{
"string",
},
DnsServers = new[]
{
"string",
},
OobIpConfig = new JuniperMist.Org.Inputs.GatewaytemplateOobIpConfigArgs
{
Gateway = "string",
Ip = "string",
Netmask = "string",
Node1 = new JuniperMist.Org.Inputs.GatewaytemplateOobIpConfigNode1Args
{
Gateway = "string",
Ip = "string",
Netmask = "string",
Type = "string",
UseMgmtVrf = false,
UseMgmtVrfForHostOut = false,
VlanId = "string",
},
Type = "string",
UseMgmtVrf = false,
UseMgmtVrfForHostOut = false,
VlanId = "string",
},
ExtraRoutes =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateExtraRoutesArgs
{
Via = "string",
} },
},
ExtraRoutes6 =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateExtraRoutes6Args
{
Via = "string",
} },
},
BgpConfig =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateBgpConfigArgs
{
AuthKey = "string",
BfdMinimumInterval = 0,
BfdMultiplier = 0,
DisableBfd = false,
Export = "string",
ExportPolicy = "string",
ExtendedV4Nexthop = false,
GracefulRestartTime = 0,
HoldTime = 0,
Import = "string",
ImportPolicy = "string",
LocalAs = 0,
NeighborAs = 0,
Neighbors =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateBgpConfigNeighborsArgs
{
Disabled = false,
ExportPolicy = "string",
HoldTime = 0,
ImportPolicy = "string",
MultihopTtl = 0,
NeighborAs = 0,
} },
},
Networks = new[]
{
"string",
},
NoReadvertiseToOverlay = false,
TunnelName = "string",
Type = "string",
Via = "string",
VpnName = "string",
WanName = "string",
} },
},
IpConfigs =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateIpConfigsArgs
{
Ip = "string",
Netmask = "string",
SecondaryIps = new[]
{
"string",
},
Type = "string",
} },
},
Name = "string",
Networks = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateNetworkArgs
{
Name = "string",
Subnet = "string",
InternalAccess = new JuniperMist.Org.Inputs.GatewaytemplateNetworkInternalAccessArgs
{
Enabled = false,
},
DisallowMistServices = false,
InternetAccess = new JuniperMist.Org.Inputs.GatewaytemplateNetworkInternetAccessArgs
{
CreateSimpleServicePolicy = false,
DestinationNat =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkInternetAccessDestinationNatArgs
{
InternalIp = "string",
Name = "string",
Port = "string",
WanName = "string",
} },
},
Enabled = false,
Restricted = false,
StaticNat =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkInternetAccessStaticNatArgs
{
InternalIp = "string",
Name = "string",
WanName = "string",
} },
},
},
Isolation = false,
Multicast = new JuniperMist.Org.Inputs.GatewaytemplateNetworkMulticastArgs
{
DisableIgmp = false,
Enabled = false,
Groups =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkMulticastGroupsArgs
{
RpIp = "string",
} },
},
},
Gateway6 = "string",
RoutedForNetworks = new[]
{
"string",
},
Gateway = "string",
Subnet6 = "string",
Tenants =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkTenantsArgs
{
Addresses = new[]
{
"string",
},
} },
},
VlanId = "string",
VpnAccess =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkVpnAccessArgs
{
AdvertisedSubnet = "string",
AllowPing = false,
DestinationNat =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkVpnAccessDestinationNatArgs
{
InternalIp = "string",
Name = "string",
Port = "string",
} },
},
NatPool = "string",
NoReadvertiseToLanBgp = false,
NoReadvertiseToLanOspf = false,
NoReadvertiseToOverlay = false,
OtherVrfs = new[]
{
"string",
},
Routed = false,
SourceNat = new JuniperMist.Org.Inputs.GatewaytemplateNetworkVpnAccessSourceNatArgs
{
ExternalIp = "string",
},
StaticNat =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateNetworkVpnAccessStaticNatArgs
{
InternalIp = "string",
Name = "string",
} },
},
SummarizedSubnet = "string",
SummarizedSubnetToLanBgp = "string",
SummarizedSubnetToLanOspf = "string",
} },
},
},
},
AdditionalConfigCmds = new[]
{
"string",
},
DnsOverride = false,
DhcpdConfig = new JuniperMist.Org.Inputs.GatewaytemplateDhcpdConfigArgs
{
Config =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateDhcpdConfigConfigArgs
{
DnsServers = new[]
{
"string",
},
DnsSuffixes = new[]
{
"string",
},
FixedBindings =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateDhcpdConfigConfigFixedBindingsArgs
{
Ip = "string",
Name = "string",
} },
},
Gateway = "string",
IpEnd = "string",
IpEnd6 = "string",
IpStart = "string",
IpStart6 = "string",
LeaseTime = 0,
Options =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateDhcpdConfigConfigOptionsArgs
{
Type = "string",
Value = "string",
} },
},
ServerIdOverride = false,
Servers = new[]
{
"string",
},
Servers6s = new[]
{
"string",
},
Type = "string",
Type6 = "string",
VendorEncapsulated =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateDhcpdConfigConfigVendorEncapsulatedArgs
{
Type = "string",
Value = "string",
} },
},
} },
},
Enabled = false,
},
IdpProfiles =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateIdpProfilesArgs
{
BaseProfile = "string",
Name = "string",
OrgId = "string",
Overwrites = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateIdpProfilesOverwriteArgs
{
Action = "string",
Matching = new JuniperMist.Org.Inputs.GatewaytemplateIdpProfilesOverwriteMatchingArgs
{
AttackNames = new[]
{
"string",
},
DstSubnets = new[]
{
"string",
},
Severities = new[]
{
"string",
},
},
Name = "string",
},
},
} },
},
PathPreferences =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplatePathPreferencesArgs
{
Paths = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplatePathPreferencesPathArgs
{
Cost = 0,
Disabled = false,
GatewayIp = "string",
InternetAccess = false,
Name = "string",
Networks = new[]
{
"string",
},
TargetIps = new[]
{
"string",
},
Type = "string",
WanName = "string",
},
},
Strategy = "string",
} },
},
PortConfig =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplatePortConfigArgs
{
Usage = "string",
Networks = new[]
{
"string",
},
DslType = "string",
PortNetwork = "string",
Critical = false,
Description = "string",
DisableAutoneg = false,
Disabled = false,
PoeDisabled = false,
DslVci = 0,
DslVpi = 0,
Duplex = "string",
IpConfig = new JuniperMist.Org.Inputs.GatewaytemplatePortConfigIpConfigArgs
{
Dns = new[]
{
"string",
},
DnsSuffixes = new[]
{
"string",
},
Gateway = "string",
Ip = "string",
Netmask = "string",
Network = "string",
PoserPassword = "string",
PppoeAuth = "string",
PppoeUsername = "string",
Type = "string",
},
OuterVlanId = 0,
LteAuth = "string",
LteBackup = false,
LtePassword = "string",
LteUsername = "string",
Mtu = 0,
Name = "string",
AeDisableLacp = false,
LteApn = "string",
AeLacpForceUp = false,
Aggregated = false,
PreserveDscp = false,
Redundant = false,
RethIdx = 0,
RethNode = "string",
RethNodes = new[]
{
"string",
},
Speed = "string",
SsrNoVirtualMac = false,
SvrPortRange = "string",
TrafficShaping = new JuniperMist.Org.Inputs.GatewaytemplatePortConfigTrafficShapingArgs
{
ClassPercentages = new[]
{
0,
},
Enabled = false,
MaxTxKbps = 0,
},
AeIdx = "string",
VlanId = "string",
VpnPaths =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplatePortConfigVpnPathsArgs
{
BfdProfile = "string",
BfdUseTunnelMode = false,
LinkName = "string",
Preference = 0,
Role = "string",
TrafficShaping = new JuniperMist.Org.Inputs.GatewaytemplatePortConfigVpnPathsTrafficShapingArgs
{
ClassPercentages = new[]
{
0,
},
Enabled = false,
MaxTxKbps = 0,
},
} },
},
WanArpPolicer = "string",
WanExtIp = "string",
WanExtraRoutes =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplatePortConfigWanExtraRoutesArgs
{
Via = "string",
} },
},
WanNetworks = new[]
{
"string",
},
WanProbeOverride = new JuniperMist.Org.Inputs.GatewaytemplatePortConfigWanProbeOverrideArgs
{
Ips = new[]
{
"string",
},
ProbeProfile = "string",
},
WanSourceNat = new JuniperMist.Org.Inputs.GatewaytemplatePortConfigWanSourceNatArgs
{
Disabled = false,
NatPool = "string",
},
WanType = "string",
} },
},
RouterId = "string",
RoutingPolicies =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateRoutingPoliciesArgs
{
Terms = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateRoutingPoliciesTermArgs
{
Action = new JuniperMist.Org.Inputs.GatewaytemplateRoutingPoliciesTermActionArgs
{
Accept = false,
AddCommunities = new[]
{
"string",
},
AddTargetVrfs = new[]
{
"string",
},
Aggregates = new[]
{
"string",
},
Communities = new[]
{
"string",
},
ExcludeAsPaths = new[]
{
"string",
},
ExcludeCommunities = new[]
{
"string",
},
ExportCommunitites = new[]
{
"string",
},
LocalPreference = "string",
PrependAsPaths = new[]
{
"string",
},
},
Matching = new JuniperMist.Org.Inputs.GatewaytemplateRoutingPoliciesTermMatchingArgs
{
AsPaths = new[]
{
"string",
},
Communities = new[]
{
"string",
},
Networks = new[]
{
"string",
},
Prefixes = new[]
{
"string",
},
Protocols = new[]
{
"string",
},
RouteExists = new JuniperMist.Org.Inputs.GatewaytemplateRoutingPoliciesTermMatchingRouteExistsArgs
{
Route = "string",
VrfName = "string",
},
VpnNeighborMacs = new[]
{
"string",
},
VpnPathSla = new JuniperMist.Org.Inputs.GatewaytemplateRoutingPoliciesTermMatchingVpnPathSlaArgs
{
MaxJitter = 0,
MaxLatency = 0,
MaxLoss = 0,
},
VpnPaths = new[]
{
"string",
},
},
},
},
} },
},
ServicePolicies = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateServicePolicyArgs
{
Action = "string",
Antivirus = new JuniperMist.Org.Inputs.GatewaytemplateServicePolicyAntivirusArgs
{
AvprofileId = "string",
Enabled = false,
Profile = "string",
},
Appqoe = new JuniperMist.Org.Inputs.GatewaytemplateServicePolicyAppqoeArgs
{
Enabled = false,
},
Ewfs = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateServicePolicyEwfArgs
{
AlertOnly = false,
BlockMessage = "string",
Enabled = false,
Profile = "string",
},
},
Idp = new JuniperMist.Org.Inputs.GatewaytemplateServicePolicyIdpArgs
{
AlertOnly = false,
Enabled = false,
IdpprofileId = "string",
Profile = "string",
},
LocalRouting = false,
Name = "string",
PathPreference = "string",
ServicepolicyId = "string",
Services = new[]
{
"string",
},
SslProxy = new JuniperMist.Org.Inputs.GatewaytemplateServicePolicySslProxyArgs
{
CiphersCategory = "string",
Enabled = false,
},
Tenants = new[]
{
"string",
},
},
},
TunnelConfigs =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsArgs
{
AutoProvision = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsAutoProvisionArgs
{
Provider = "string",
Enable = false,
Latlng = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsAutoProvisionLatlngArgs
{
Lat = 0,
Lng = 0,
},
Primary = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsAutoProvisionPrimaryArgs
{
ProbeIps = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
},
Region = "string",
Secondary = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsAutoProvisionSecondaryArgs
{
ProbeIps = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
},
},
IkeLifetime = 0,
IkeMode = "string",
IkeProposals = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsIkeProposalArgs
{
AuthAlgo = "string",
DhGroup = "string",
EncAlgo = "string",
},
},
IpsecLifetime = 0,
IpsecProposals = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsIpsecProposalArgs
{
AuthAlgo = "string",
DhGroup = "string",
EncAlgo = "string",
},
},
LocalId = "string",
Mode = "string",
Networks = new[]
{
"string",
},
Primary = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsPrimaryArgs
{
Hosts = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
InternalIps = new[]
{
"string",
},
ProbeIps = new[]
{
"string",
},
RemoteIds = new[]
{
"string",
},
},
Probe = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsProbeArgs
{
Interval = 0,
Threshold = 0,
Timeout = 0,
Type = "string",
},
Protocol = "string",
Provider = "string",
Psk = "string",
Secondary = new JuniperMist.Org.Inputs.GatewaytemplateTunnelConfigsSecondaryArgs
{
Hosts = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
InternalIps = new[]
{
"string",
},
ProbeIps = new[]
{
"string",
},
RemoteIds = new[]
{
"string",
},
},
Version = "string",
} },
},
TunnelProviderOptions = new JuniperMist.Org.Inputs.GatewaytemplateTunnelProviderOptionsArgs
{
Jse = new JuniperMist.Org.Inputs.GatewaytemplateTunnelProviderOptionsJseArgs
{
NumUsers = 0,
OrgName = "string",
},
Zscaler = new JuniperMist.Org.Inputs.GatewaytemplateTunnelProviderOptionsZscalerArgs
{
AupBlockInternetUntilAccepted = false,
AupEnabled = false,
AupForceSslInspection = false,
AupTimeoutInDays = 0,
AuthRequired = false,
CautionEnabled = false,
DnBandwidth = 0,
IdleTimeInMinutes = 0,
OfwEnabled = false,
SubLocations = new[]
{
new JuniperMist.Org.Inputs.GatewaytemplateTunnelProviderOptionsZscalerSubLocationArgs
{
AupBlockInternetUntilAccepted = false,
AupEnabled = false,
AupForceSslInspection = false,
AupTimeoutInDays = 0,
AuthRequired = false,
CautionEnabled = false,
DnBandwidth = 0,
IdleTimeInMinutes = 0,
Name = "string",
OfwEnabled = false,
SurrogateIp = false,
SurrogateIpEnforcedForKnownBrowsers = false,
SurrogateRefreshTimeInMinutes = 0,
UpBandwidth = 0,
},
},
SurrogateIp = false,
SurrogateIpEnforcedForKnownBrowsers = false,
SurrogateRefreshTimeInMinutes = 0,
UpBandwidth = 0,
XffForwardEnabled = false,
},
},
Type = "string",
VrfConfig = new JuniperMist.Org.Inputs.GatewaytemplateVrfConfigArgs
{
Enabled = false,
},
VrfInstances =
{
{ "string", new JuniperMist.Org.Inputs.GatewaytemplateVrfInstancesArgs
{
Networks = new[]
{
"string",
},
} },
},
});
example, err := org.NewGatewaytemplate(ctx, "gatewaytemplateResource", &org.GatewaytemplateArgs{
OrgId: pulumi.String("string"),
NtpOverride: pulumi.Bool(false),
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
NtpServers: pulumi.StringArray{
pulumi.String("string"),
},
DnsServers: pulumi.StringArray{
pulumi.String("string"),
},
OobIpConfig: &org.GatewaytemplateOobIpConfigArgs{
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Node1: &org.GatewaytemplateOobIpConfigNode1Args{
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Type: pulumi.String("string"),
UseMgmtVrf: pulumi.Bool(false),
UseMgmtVrfForHostOut: pulumi.Bool(false),
VlanId: pulumi.String("string"),
},
Type: pulumi.String("string"),
UseMgmtVrf: pulumi.Bool(false),
UseMgmtVrfForHostOut: pulumi.Bool(false),
VlanId: pulumi.String("string"),
},
ExtraRoutes: org.GatewaytemplateExtraRoutesMap{
"string": &org.GatewaytemplateExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
ExtraRoutes6: org.GatewaytemplateExtraRoutes6Map{
"string": &org.GatewaytemplateExtraRoutes6Args{
Via: pulumi.String("string"),
},
},
BgpConfig: org.GatewaytemplateBgpConfigMap{
"string": &org.GatewaytemplateBgpConfigArgs{
AuthKey: pulumi.String("string"),
BfdMinimumInterval: pulumi.Int(0),
BfdMultiplier: pulumi.Int(0),
DisableBfd: pulumi.Bool(false),
Export: pulumi.String("string"),
ExportPolicy: pulumi.String("string"),
ExtendedV4Nexthop: pulumi.Bool(false),
GracefulRestartTime: pulumi.Int(0),
HoldTime: pulumi.Int(0),
Import: pulumi.String("string"),
ImportPolicy: pulumi.String("string"),
LocalAs: pulumi.Int(0),
NeighborAs: pulumi.Int(0),
Neighbors: org.GatewaytemplateBgpConfigNeighborsMap{
"string": &org.GatewaytemplateBgpConfigNeighborsArgs{
Disabled: pulumi.Bool(false),
ExportPolicy: pulumi.String("string"),
HoldTime: pulumi.Int(0),
ImportPolicy: pulumi.String("string"),
MultihopTtl: pulumi.Int(0),
NeighborAs: pulumi.Int(0),
},
},
Networks: pulumi.StringArray{
pulumi.String("string"),
},
NoReadvertiseToOverlay: pulumi.Bool(false),
TunnelName: pulumi.String("string"),
Type: pulumi.String("string"),
Via: pulumi.String("string"),
VpnName: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
IpConfigs: org.GatewaytemplateIpConfigsMap{
"string": &org.GatewaytemplateIpConfigsArgs{
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
SecondaryIps: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
Networks: org.GatewaytemplateNetworkArray{
&org.GatewaytemplateNetworkArgs{
Name: pulumi.String("string"),
Subnet: pulumi.String("string"),
InternalAccess: &org.GatewaytemplateNetworkInternalAccessArgs{
Enabled: pulumi.Bool(false),
},
DisallowMistServices: pulumi.Bool(false),
InternetAccess: &org.GatewaytemplateNetworkInternetAccessArgs{
CreateSimpleServicePolicy: pulumi.Bool(false),
DestinationNat: org.GatewaytemplateNetworkInternetAccessDestinationNatMap{
"string": &org.GatewaytemplateNetworkInternetAccessDestinationNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
Port: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
Enabled: pulumi.Bool(false),
Restricted: pulumi.Bool(false),
StaticNat: org.GatewaytemplateNetworkInternetAccessStaticNatMap{
"string": &org.GatewaytemplateNetworkInternetAccessStaticNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
},
Isolation: pulumi.Bool(false),
Multicast: &org.GatewaytemplateNetworkMulticastArgs{
DisableIgmp: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
Groups: org.GatewaytemplateNetworkMulticastGroupsMap{
"string": &org.GatewaytemplateNetworkMulticastGroupsArgs{
RpIp: pulumi.String("string"),
},
},
},
Gateway6: pulumi.String("string"),
RoutedForNetworks: pulumi.StringArray{
pulumi.String("string"),
},
Gateway: pulumi.String("string"),
Subnet6: pulumi.String("string"),
Tenants: org.GatewaytemplateNetworkTenantsMap{
"string": &org.GatewaytemplateNetworkTenantsArgs{
Addresses: pulumi.StringArray{
pulumi.String("string"),
},
},
},
VlanId: pulumi.String("string"),
VpnAccess: org.GatewaytemplateNetworkVpnAccessMap{
"string": &org.GatewaytemplateNetworkVpnAccessArgs{
AdvertisedSubnet: pulumi.String("string"),
AllowPing: pulumi.Bool(false),
DestinationNat: org.GatewaytemplateNetworkVpnAccessDestinationNatMap{
"string": &org.GatewaytemplateNetworkVpnAccessDestinationNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
Port: pulumi.String("string"),
},
},
NatPool: pulumi.String("string"),
NoReadvertiseToLanBgp: pulumi.Bool(false),
NoReadvertiseToLanOspf: pulumi.Bool(false),
NoReadvertiseToOverlay: pulumi.Bool(false),
OtherVrfs: pulumi.StringArray{
pulumi.String("string"),
},
Routed: pulumi.Bool(false),
SourceNat: &org.GatewaytemplateNetworkVpnAccessSourceNatArgs{
ExternalIp: pulumi.String("string"),
},
StaticNat: org.GatewaytemplateNetworkVpnAccessStaticNatMap{
"string": &org.GatewaytemplateNetworkVpnAccessStaticNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
SummarizedSubnet: pulumi.String("string"),
SummarizedSubnetToLanBgp: pulumi.String("string"),
SummarizedSubnetToLanOspf: pulumi.String("string"),
},
},
},
},
AdditionalConfigCmds: pulumi.StringArray{
pulumi.String("string"),
},
DnsOverride: pulumi.Bool(false),
DhcpdConfig: &org.GatewaytemplateDhcpdConfigArgs{
Config: org.GatewaytemplateDhcpdConfigConfigMap{
"string": &org.GatewaytemplateDhcpdConfigConfigArgs{
DnsServers: pulumi.StringArray{
pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
FixedBindings: org.GatewaytemplateDhcpdConfigConfigFixedBindingsMap{
"string": &org.GatewaytemplateDhcpdConfigConfigFixedBindingsArgs{
Ip: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
Gateway: pulumi.String("string"),
IpEnd: pulumi.String("string"),
IpEnd6: pulumi.String("string"),
IpStart: pulumi.String("string"),
IpStart6: pulumi.String("string"),
LeaseTime: pulumi.Int(0),
Options: org.GatewaytemplateDhcpdConfigConfigOptionsMap{
"string": &org.GatewaytemplateDhcpdConfigConfigOptionsArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ServerIdOverride: pulumi.Bool(false),
Servers: pulumi.StringArray{
pulumi.String("string"),
},
Servers6s: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
Type6: pulumi.String("string"),
VendorEncapsulated: org.GatewaytemplateDhcpdConfigConfigVendorEncapsulatedMap{
"string": &org.GatewaytemplateDhcpdConfigConfigVendorEncapsulatedArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
},
Enabled: pulumi.Bool(false),
},
IdpProfiles: org.GatewaytemplateIdpProfilesMap{
"string": &org.GatewaytemplateIdpProfilesArgs{
BaseProfile: pulumi.String("string"),
Name: pulumi.String("string"),
OrgId: pulumi.String("string"),
Overwrites: org.GatewaytemplateIdpProfilesOverwriteArray{
&org.GatewaytemplateIdpProfilesOverwriteArgs{
Action: pulumi.String("string"),
Matching: &org.GatewaytemplateIdpProfilesOverwriteMatchingArgs{
AttackNames: pulumi.StringArray{
pulumi.String("string"),
},
DstSubnets: pulumi.StringArray{
pulumi.String("string"),
},
Severities: pulumi.StringArray{
pulumi.String("string"),
},
},
Name: pulumi.String("string"),
},
},
},
},
PathPreferences: org.GatewaytemplatePathPreferencesMap{
"string": &org.GatewaytemplatePathPreferencesArgs{
Paths: org.GatewaytemplatePathPreferencesPathArray{
&org.GatewaytemplatePathPreferencesPathArgs{
Cost: pulumi.Int(0),
Disabled: pulumi.Bool(false),
GatewayIp: pulumi.String("string"),
InternetAccess: pulumi.Bool(false),
Name: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
TargetIps: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
Strategy: pulumi.String("string"),
},
},
PortConfig: org.GatewaytemplatePortConfigMap{
"string": &org.GatewaytemplatePortConfigArgs{
Usage: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
DslType: pulumi.String("string"),
PortNetwork: pulumi.String("string"),
Critical: pulumi.Bool(false),
Description: pulumi.String("string"),
DisableAutoneg: pulumi.Bool(false),
Disabled: pulumi.Bool(false),
PoeDisabled: pulumi.Bool(false),
DslVci: pulumi.Int(0),
DslVpi: pulumi.Int(0),
Duplex: pulumi.String("string"),
IpConfig: &org.GatewaytemplatePortConfigIpConfigArgs{
Dns: pulumi.StringArray{
pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Network: pulumi.String("string"),
PoserPassword: pulumi.String("string"),
PppoeAuth: pulumi.String("string"),
PppoeUsername: pulumi.String("string"),
Type: pulumi.String("string"),
},
OuterVlanId: pulumi.Int(0),
LteAuth: pulumi.String("string"),
LteBackup: pulumi.Bool(false),
LtePassword: pulumi.String("string"),
LteUsername: pulumi.String("string"),
Mtu: pulumi.Int(0),
Name: pulumi.String("string"),
AeDisableLacp: pulumi.Bool(false),
LteApn: pulumi.String("string"),
AeLacpForceUp: pulumi.Bool(false),
Aggregated: pulumi.Bool(false),
PreserveDscp: pulumi.Bool(false),
Redundant: pulumi.Bool(false),
RethIdx: pulumi.Int(0),
RethNode: pulumi.String("string"),
RethNodes: pulumi.StringArray{
pulumi.String("string"),
},
Speed: pulumi.String("string"),
SsrNoVirtualMac: pulumi.Bool(false),
SvrPortRange: pulumi.String("string"),
TrafficShaping: &org.GatewaytemplatePortConfigTrafficShapingArgs{
ClassPercentages: pulumi.IntArray{
pulumi.Int(0),
},
Enabled: pulumi.Bool(false),
MaxTxKbps: pulumi.Int(0),
},
AeIdx: pulumi.String("string"),
VlanId: pulumi.String("string"),
VpnPaths: org.GatewaytemplatePortConfigVpnPathsMap{
"string": &org.GatewaytemplatePortConfigVpnPathsArgs{
BfdProfile: pulumi.String("string"),
BfdUseTunnelMode: pulumi.Bool(false),
LinkName: pulumi.String("string"),
Preference: pulumi.Int(0),
Role: pulumi.String("string"),
TrafficShaping: &org.GatewaytemplatePortConfigVpnPathsTrafficShapingArgs{
ClassPercentages: pulumi.IntArray{
pulumi.Int(0),
},
Enabled: pulumi.Bool(false),
MaxTxKbps: pulumi.Int(0),
},
},
},
WanArpPolicer: pulumi.String("string"),
WanExtIp: pulumi.String("string"),
WanExtraRoutes: org.GatewaytemplatePortConfigWanExtraRoutesMap{
"string": &org.GatewaytemplatePortConfigWanExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
WanNetworks: pulumi.StringArray{
pulumi.String("string"),
},
WanProbeOverride: &org.GatewaytemplatePortConfigWanProbeOverrideArgs{
Ips: pulumi.StringArray{
pulumi.String("string"),
},
ProbeProfile: pulumi.String("string"),
},
WanSourceNat: &org.GatewaytemplatePortConfigWanSourceNatArgs{
Disabled: pulumi.Bool(false),
NatPool: pulumi.String("string"),
},
WanType: pulumi.String("string"),
},
},
RouterId: pulumi.String("string"),
RoutingPolicies: org.GatewaytemplateRoutingPoliciesMap{
"string": &org.GatewaytemplateRoutingPoliciesArgs{
Terms: org.GatewaytemplateRoutingPoliciesTermArray{
&org.GatewaytemplateRoutingPoliciesTermArgs{
Action: &org.GatewaytemplateRoutingPoliciesTermActionArgs{
Accept: pulumi.Bool(false),
AddCommunities: pulumi.StringArray{
pulumi.String("string"),
},
AddTargetVrfs: pulumi.StringArray{
pulumi.String("string"),
},
Aggregates: pulumi.StringArray{
pulumi.String("string"),
},
Communities: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeAsPaths: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeCommunities: pulumi.StringArray{
pulumi.String("string"),
},
ExportCommunitites: pulumi.StringArray{
pulumi.String("string"),
},
LocalPreference: pulumi.String("string"),
PrependAsPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
Matching: &org.GatewaytemplateRoutingPoliciesTermMatchingArgs{
AsPaths: pulumi.StringArray{
pulumi.String("string"),
},
Communities: pulumi.StringArray{
pulumi.String("string"),
},
Networks: pulumi.StringArray{
pulumi.String("string"),
},
Prefixes: pulumi.StringArray{
pulumi.String("string"),
},
Protocols: pulumi.StringArray{
pulumi.String("string"),
},
RouteExists: &org.GatewaytemplateRoutingPoliciesTermMatchingRouteExistsArgs{
Route: pulumi.String("string"),
VrfName: pulumi.String("string"),
},
VpnNeighborMacs: pulumi.StringArray{
pulumi.String("string"),
},
VpnPathSla: &org.GatewaytemplateRoutingPoliciesTermMatchingVpnPathSlaArgs{
MaxJitter: pulumi.Int(0),
MaxLatency: pulumi.Int(0),
MaxLoss: pulumi.Int(0),
},
VpnPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
ServicePolicies: org.GatewaytemplateServicePolicyArray{
&org.GatewaytemplateServicePolicyArgs{
Action: pulumi.String("string"),
Antivirus: &org.GatewaytemplateServicePolicyAntivirusArgs{
AvprofileId: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Profile: pulumi.String("string"),
},
Appqoe: &org.GatewaytemplateServicePolicyAppqoeArgs{
Enabled: pulumi.Bool(false),
},
Ewfs: org.GatewaytemplateServicePolicyEwfArray{
&org.GatewaytemplateServicePolicyEwfArgs{
AlertOnly: pulumi.Bool(false),
BlockMessage: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Profile: pulumi.String("string"),
},
},
Idp: &org.GatewaytemplateServicePolicyIdpArgs{
AlertOnly: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
IdpprofileId: pulumi.String("string"),
Profile: pulumi.String("string"),
},
LocalRouting: pulumi.Bool(false),
Name: pulumi.String("string"),
PathPreference: pulumi.String("string"),
ServicepolicyId: pulumi.String("string"),
Services: pulumi.StringArray{
pulumi.String("string"),
},
SslProxy: &org.GatewaytemplateServicePolicySslProxyArgs{
CiphersCategory: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
Tenants: pulumi.StringArray{
pulumi.String("string"),
},
},
},
TunnelConfigs: org.GatewaytemplateTunnelConfigsMap{
"string": &org.GatewaytemplateTunnelConfigsArgs{
AutoProvision: &org.GatewaytemplateTunnelConfigsAutoProvisionArgs{
Provider: pulumi.String("string"),
Enable: pulumi.Bool(false),
Latlng: &org.GatewaytemplateTunnelConfigsAutoProvisionLatlngArgs{
Lat: pulumi.Float64(0),
Lng: pulumi.Float64(0),
},
Primary: &org.GatewaytemplateTunnelConfigsAutoProvisionPrimaryArgs{
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
Region: pulumi.String("string"),
Secondary: &org.GatewaytemplateTunnelConfigsAutoProvisionSecondaryArgs{
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
},
IkeLifetime: pulumi.Int(0),
IkeMode: pulumi.String("string"),
IkeProposals: org.GatewaytemplateTunnelConfigsIkeProposalArray{
&org.GatewaytemplateTunnelConfigsIkeProposalArgs{
AuthAlgo: pulumi.String("string"),
DhGroup: pulumi.String("string"),
EncAlgo: pulumi.String("string"),
},
},
IpsecLifetime: pulumi.Int(0),
IpsecProposals: org.GatewaytemplateTunnelConfigsIpsecProposalArray{
&org.GatewaytemplateTunnelConfigsIpsecProposalArgs{
AuthAlgo: pulumi.String("string"),
DhGroup: pulumi.String("string"),
EncAlgo: pulumi.String("string"),
},
},
LocalId: pulumi.String("string"),
Mode: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
Primary: &org.GatewaytemplateTunnelConfigsPrimaryArgs{
Hosts: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
InternalIps: pulumi.StringArray{
pulumi.String("string"),
},
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
RemoteIds: pulumi.StringArray{
pulumi.String("string"),
},
},
Probe: &org.GatewaytemplateTunnelConfigsProbeArgs{
Interval: pulumi.Int(0),
Threshold: pulumi.Int(0),
Timeout: pulumi.Int(0),
Type: pulumi.String("string"),
},
Protocol: pulumi.String("string"),
Provider: pulumi.String("string"),
Psk: pulumi.String("string"),
Secondary: &org.GatewaytemplateTunnelConfigsSecondaryArgs{
Hosts: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
InternalIps: pulumi.StringArray{
pulumi.String("string"),
},
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
RemoteIds: pulumi.StringArray{
pulumi.String("string"),
},
},
Version: pulumi.String("string"),
},
},
TunnelProviderOptions: &org.GatewaytemplateTunnelProviderOptionsArgs{
Jse: &org.GatewaytemplateTunnelProviderOptionsJseArgs{
NumUsers: pulumi.Int(0),
OrgName: pulumi.String("string"),
},
Zscaler: &org.GatewaytemplateTunnelProviderOptionsZscalerArgs{
AupBlockInternetUntilAccepted: pulumi.Bool(false),
AupEnabled: pulumi.Bool(false),
AupForceSslInspection: pulumi.Bool(false),
AupTimeoutInDays: pulumi.Int(0),
AuthRequired: pulumi.Bool(false),
CautionEnabled: pulumi.Bool(false),
DnBandwidth: pulumi.Float64(0),
IdleTimeInMinutes: pulumi.Int(0),
OfwEnabled: pulumi.Bool(false),
SubLocations: org.GatewaytemplateTunnelProviderOptionsZscalerSubLocationArray{
&org.GatewaytemplateTunnelProviderOptionsZscalerSubLocationArgs{
AupBlockInternetUntilAccepted: pulumi.Bool(false),
AupEnabled: pulumi.Bool(false),
AupForceSslInspection: pulumi.Bool(false),
AupTimeoutInDays: pulumi.Int(0),
AuthRequired: pulumi.Bool(false),
CautionEnabled: pulumi.Bool(false),
DnBandwidth: pulumi.Float64(0),
IdleTimeInMinutes: pulumi.Int(0),
Name: pulumi.String("string"),
OfwEnabled: pulumi.Bool(false),
SurrogateIp: pulumi.Bool(false),
SurrogateIpEnforcedForKnownBrowsers: pulumi.Bool(false),
SurrogateRefreshTimeInMinutes: pulumi.Int(0),
UpBandwidth: pulumi.Float64(0),
},
},
SurrogateIp: pulumi.Bool(false),
SurrogateIpEnforcedForKnownBrowsers: pulumi.Bool(false),
SurrogateRefreshTimeInMinutes: pulumi.Int(0),
UpBandwidth: pulumi.Float64(0),
XffForwardEnabled: pulumi.Bool(false),
},
},
Type: pulumi.String("string"),
VrfConfig: &org.GatewaytemplateVrfConfigArgs{
Enabled: pulumi.Bool(false),
},
VrfInstances: org.GatewaytemplateVrfInstancesMap{
"string": &org.GatewaytemplateVrfInstancesArgs{
Networks: pulumi.StringArray{
pulumi.String("string"),
},
},
},
})
var gatewaytemplateResource = new Gatewaytemplate("gatewaytemplateResource", GatewaytemplateArgs.builder()
.orgId("string")
.ntpOverride(false)
.dnsSuffixes("string")
.ntpServers("string")
.dnsServers("string")
.oobIpConfig(GatewaytemplateOobIpConfigArgs.builder()
.gateway("string")
.ip("string")
.netmask("string")
.node1(GatewaytemplateOobIpConfigNode1Args.builder()
.gateway("string")
.ip("string")
.netmask("string")
.type("string")
.useMgmtVrf(false)
.useMgmtVrfForHostOut(false)
.vlanId("string")
.build())
.type("string")
.useMgmtVrf(false)
.useMgmtVrfForHostOut(false)
.vlanId("string")
.build())
.extraRoutes(Map.of("string", Map.of("via", "string")))
.extraRoutes6(Map.of("string", Map.of("via", "string")))
.bgpConfig(Map.of("string", Map.ofEntries(
Map.entry("authKey", "string"),
Map.entry("bfdMinimumInterval", 0),
Map.entry("bfdMultiplier", 0),
Map.entry("disableBfd", false),
Map.entry("export", "string"),
Map.entry("exportPolicy", "string"),
Map.entry("extendedV4Nexthop", false),
Map.entry("gracefulRestartTime", 0),
Map.entry("holdTime", 0),
Map.entry("import", "string"),
Map.entry("importPolicy", "string"),
Map.entry("localAs", 0),
Map.entry("neighborAs", 0),
Map.entry("neighbors", Map.of("string", Map.ofEntries(
Map.entry("disabled", false),
Map.entry("exportPolicy", "string"),
Map.entry("holdTime", 0),
Map.entry("importPolicy", "string"),
Map.entry("multihopTtl", 0),
Map.entry("neighborAs", 0)
))),
Map.entry("networks", "string"),
Map.entry("noReadvertiseToOverlay", false),
Map.entry("tunnelName", "string"),
Map.entry("type", "string"),
Map.entry("via", "string"),
Map.entry("vpnName", "string"),
Map.entry("wanName", "string")
)))
.ipConfigs(Map.of("string", Map.ofEntries(
Map.entry("ip", "string"),
Map.entry("netmask", "string"),
Map.entry("secondaryIps", "string"),
Map.entry("type", "string")
)))
.name("string")
.networks(GatewaytemplateNetworkArgs.builder()
.name("string")
.subnet("string")
.internalAccess(GatewaytemplateNetworkInternalAccessArgs.builder()
.enabled(false)
.build())
.disallowMistServices(false)
.internetAccess(GatewaytemplateNetworkInternetAccessArgs.builder()
.createSimpleServicePolicy(false)
.destinationNat(Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("port", "string"),
Map.entry("wanName", "string")
)))
.enabled(false)
.restricted(false)
.staticNat(Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("wanName", "string")
)))
.build())
.isolation(false)
.multicast(GatewaytemplateNetworkMulticastArgs.builder()
.disableIgmp(false)
.enabled(false)
.groups(Map.of("string", Map.of("rpIp", "string")))
.build())
.gateway6("string")
.routedForNetworks("string")
.gateway("string")
.subnet6("string")
.tenants(Map.of("string", Map.of("addresses", "string")))
.vlanId("string")
.vpnAccess(Map.of("string", Map.ofEntries(
Map.entry("advertisedSubnet", "string"),
Map.entry("allowPing", false),
Map.entry("destinationNat", Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("port", "string")
))),
Map.entry("natPool", "string"),
Map.entry("noReadvertiseToLanBgp", false),
Map.entry("noReadvertiseToLanOspf", false),
Map.entry("noReadvertiseToOverlay", false),
Map.entry("otherVrfs", "string"),
Map.entry("routed", false),
Map.entry("sourceNat", Map.of("externalIp", "string")),
Map.entry("staticNat", Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string")
))),
Map.entry("summarizedSubnet", "string"),
Map.entry("summarizedSubnetToLanBgp", "string"),
Map.entry("summarizedSubnetToLanOspf", "string")
)))
.build())
.additionalConfigCmds("string")
.dnsOverride(false)
.dhcpdConfig(GatewaytemplateDhcpdConfigArgs.builder()
.config(Map.of("string", Map.ofEntries(
Map.entry("dnsServers", "string"),
Map.entry("dnsSuffixes", "string"),
Map.entry("fixedBindings", Map.of("string", Map.ofEntries(
Map.entry("ip", "string"),
Map.entry("name", "string")
))),
Map.entry("gateway", "string"),
Map.entry("ipEnd", "string"),
Map.entry("ipEnd6", "string"),
Map.entry("ipStart", "string"),
Map.entry("ipStart6", "string"),
Map.entry("leaseTime", 0),
Map.entry("options", Map.of("string", Map.ofEntries(
Map.entry("type", "string"),
Map.entry("value", "string")
))),
Map.entry("serverIdOverride", false),
Map.entry("servers", "string"),
Map.entry("servers6s", "string"),
Map.entry("type", "string"),
Map.entry("type6", "string"),
Map.entry("vendorEncapsulated", Map.of("string", Map.ofEntries(
Map.entry("type", "string"),
Map.entry("value", "string")
)))
)))
.enabled(false)
.build())
.idpProfiles(Map.of("string", Map.ofEntries(
Map.entry("baseProfile", "string"),
Map.entry("name", "string"),
Map.entry("orgId", "string"),
Map.entry("overwrites", Map.ofEntries(
Map.entry("action", "string"),
Map.entry("matching", Map.ofEntries(
Map.entry("attackNames", "string"),
Map.entry("dstSubnets", "string"),
Map.entry("severities", "string")
)),
Map.entry("name", "string")
))
)))
.pathPreferences(Map.of("string", Map.ofEntries(
Map.entry("paths", Map.ofEntries(
Map.entry("cost", 0),
Map.entry("disabled", false),
Map.entry("gatewayIp", "string"),
Map.entry("internetAccess", false),
Map.entry("name", "string"),
Map.entry("networks", "string"),
Map.entry("targetIps", "string"),
Map.entry("type", "string"),
Map.entry("wanName", "string")
)),
Map.entry("strategy", "string")
)))
.portConfig(Map.of("string", Map.ofEntries(
Map.entry("usage", "string"),
Map.entry("networks", "string"),
Map.entry("dslType", "string"),
Map.entry("portNetwork", "string"),
Map.entry("critical", false),
Map.entry("description", "string"),
Map.entry("disableAutoneg", false),
Map.entry("disabled", false),
Map.entry("poeDisabled", false),
Map.entry("dslVci", 0),
Map.entry("dslVpi", 0),
Map.entry("duplex", "string"),
Map.entry("ipConfig", Map.ofEntries(
Map.entry("dns", "string"),
Map.entry("dnsSuffixes", "string"),
Map.entry("gateway", "string"),
Map.entry("ip", "string"),
Map.entry("netmask", "string"),
Map.entry("network", "string"),
Map.entry("poserPassword", "string"),
Map.entry("pppoeAuth", "string"),
Map.entry("pppoeUsername", "string"),
Map.entry("type", "string")
)),
Map.entry("outerVlanId", 0),
Map.entry("lteAuth", "string"),
Map.entry("lteBackup", false),
Map.entry("ltePassword", "string"),
Map.entry("lteUsername", "string"),
Map.entry("mtu", 0),
Map.entry("name", "string"),
Map.entry("aeDisableLacp", false),
Map.entry("lteApn", "string"),
Map.entry("aeLacpForceUp", false),
Map.entry("aggregated", false),
Map.entry("preserveDscp", false),
Map.entry("redundant", false),
Map.entry("rethIdx", 0),
Map.entry("rethNode", "string"),
Map.entry("rethNodes", "string"),
Map.entry("speed", "string"),
Map.entry("ssrNoVirtualMac", false),
Map.entry("svrPortRange", "string"),
Map.entry("trafficShaping", Map.ofEntries(
Map.entry("classPercentages", 0),
Map.entry("enabled", false),
Map.entry("maxTxKbps", 0)
)),
Map.entry("aeIdx", "string"),
Map.entry("vlanId", "string"),
Map.entry("vpnPaths", Map.of("string", Map.ofEntries(
Map.entry("bfdProfile", "string"),
Map.entry("bfdUseTunnelMode", false),
Map.entry("linkName", "string"),
Map.entry("preference", 0),
Map.entry("role", "string"),
Map.entry("trafficShaping", Map.ofEntries(
Map.entry("classPercentages", 0),
Map.entry("enabled", false),
Map.entry("maxTxKbps", 0)
))
))),
Map.entry("wanArpPolicer", "string"),
Map.entry("wanExtIp", "string"),
Map.entry("wanExtraRoutes", Map.of("string", Map.of("via", "string"))),
Map.entry("wanNetworks", "string"),
Map.entry("wanProbeOverride", Map.ofEntries(
Map.entry("ips", "string"),
Map.entry("probeProfile", "string")
)),
Map.entry("wanSourceNat", Map.ofEntries(
Map.entry("disabled", false),
Map.entry("natPool", "string")
)),
Map.entry("wanType", "string")
)))
.routerId("string")
.routingPolicies(Map.of("string", Map.of("terms", Map.ofEntries(
Map.entry("action", Map.ofEntries(
Map.entry("accept", false),
Map.entry("addCommunities", "string"),
Map.entry("addTargetVrfs", "string"),
Map.entry("aggregates", "string"),
Map.entry("communities", "string"),
Map.entry("excludeAsPaths", "string"),
Map.entry("excludeCommunities", "string"),
Map.entry("exportCommunitites", "string"),
Map.entry("localPreference", "string"),
Map.entry("prependAsPaths", "string")
)),
Map.entry("matching", Map.ofEntries(
Map.entry("asPaths", "string"),
Map.entry("communities", "string"),
Map.entry("networks", "string"),
Map.entry("prefixes", "string"),
Map.entry("protocols", "string"),
Map.entry("routeExists", Map.ofEntries(
Map.entry("route", "string"),
Map.entry("vrfName", "string")
)),
Map.entry("vpnNeighborMacs", "string"),
Map.entry("vpnPathSla", Map.ofEntries(
Map.entry("maxJitter", 0),
Map.entry("maxLatency", 0),
Map.entry("maxLoss", 0)
)),
Map.entry("vpnPaths", "string")
))
))))
.servicePolicies(GatewaytemplateServicePolicyArgs.builder()
.action("string")
.antivirus(GatewaytemplateServicePolicyAntivirusArgs.builder()
.avprofileId("string")
.enabled(false)
.profile("string")
.build())
.appqoe(GatewaytemplateServicePolicyAppqoeArgs.builder()
.enabled(false)
.build())
.ewfs(GatewaytemplateServicePolicyEwfArgs.builder()
.alertOnly(false)
.blockMessage("string")
.enabled(false)
.profile("string")
.build())
.idp(GatewaytemplateServicePolicyIdpArgs.builder()
.alertOnly(false)
.enabled(false)
.idpprofileId("string")
.profile("string")
.build())
.localRouting(false)
.name("string")
.pathPreference("string")
.servicepolicyId("string")
.services("string")
.sslProxy(GatewaytemplateServicePolicySslProxyArgs.builder()
.ciphersCategory("string")
.enabled(false)
.build())
.tenants("string")
.build())
.tunnelConfigs(Map.of("string", Map.ofEntries(
Map.entry("autoProvision", Map.ofEntries(
Map.entry("provider", "string"),
Map.entry("enable", false),
Map.entry("latlng", Map.ofEntries(
Map.entry("lat", 0),
Map.entry("lng", 0)
)),
Map.entry("primary", Map.ofEntries(
Map.entry("probeIps", "string"),
Map.entry("wanNames", "string")
)),
Map.entry("region", "string"),
Map.entry("secondary", Map.ofEntries(
Map.entry("probeIps", "string"),
Map.entry("wanNames", "string")
))
)),
Map.entry("ikeLifetime", 0),
Map.entry("ikeMode", "string"),
Map.entry("ikeProposals", Map.ofEntries(
Map.entry("authAlgo", "string"),
Map.entry("dhGroup", "string"),
Map.entry("encAlgo", "string")
)),
Map.entry("ipsecLifetime", 0),
Map.entry("ipsecProposals", Map.ofEntries(
Map.entry("authAlgo", "string"),
Map.entry("dhGroup", "string"),
Map.entry("encAlgo", "string")
)),
Map.entry("localId", "string"),
Map.entry("mode", "string"),
Map.entry("networks", "string"),
Map.entry("primary", Map.ofEntries(
Map.entry("hosts", "string"),
Map.entry("wanNames", "string"),
Map.entry("internalIps", "string"),
Map.entry("probeIps", "string"),
Map.entry("remoteIds", "string")
)),
Map.entry("probe", Map.ofEntries(
Map.entry("interval", 0),
Map.entry("threshold", 0),
Map.entry("timeout", 0),
Map.entry("type", "string")
)),
Map.entry("protocol", "string"),
Map.entry("provider", "string"),
Map.entry("psk", "string"),
Map.entry("secondary", Map.ofEntries(
Map.entry("hosts", "string"),
Map.entry("wanNames", "string"),
Map.entry("internalIps", "string"),
Map.entry("probeIps", "string"),
Map.entry("remoteIds", "string")
)),
Map.entry("version", "string")
)))
.tunnelProviderOptions(GatewaytemplateTunnelProviderOptionsArgs.builder()
.jse(GatewaytemplateTunnelProviderOptionsJseArgs.builder()
.numUsers(0)
.orgName("string")
.build())
.zscaler(GatewaytemplateTunnelProviderOptionsZscalerArgs.builder()
.aupBlockInternetUntilAccepted(false)
.aupEnabled(false)
.aupForceSslInspection(false)
.aupTimeoutInDays(0)
.authRequired(false)
.cautionEnabled(false)
.dnBandwidth(0)
.idleTimeInMinutes(0)
.ofwEnabled(false)
.subLocations(GatewaytemplateTunnelProviderOptionsZscalerSubLocationArgs.builder()
.aupBlockInternetUntilAccepted(false)
.aupEnabled(false)
.aupForceSslInspection(false)
.aupTimeoutInDays(0)
.authRequired(false)
.cautionEnabled(false)
.dnBandwidth(0)
.idleTimeInMinutes(0)
.name("string")
.ofwEnabled(false)
.surrogateIp(false)
.surrogateIpEnforcedForKnownBrowsers(false)
.surrogateRefreshTimeInMinutes(0)
.upBandwidth(0)
.build())
.surrogateIp(false)
.surrogateIpEnforcedForKnownBrowsers(false)
.surrogateRefreshTimeInMinutes(0)
.upBandwidth(0)
.xffForwardEnabled(false)
.build())
.build())
.type("string")
.vrfConfig(GatewaytemplateVrfConfigArgs.builder()
.enabled(false)
.build())
.vrfInstances(Map.of("string", Map.of("networks", "string")))
.build());
gatewaytemplate_resource = junipermist.org.Gatewaytemplate("gatewaytemplateResource",
org_id="string",
ntp_override=False,
dns_suffixes=["string"],
ntp_servers=["string"],
dns_servers=["string"],
oob_ip_config={
"gateway": "string",
"ip": "string",
"netmask": "string",
"node1": {
"gateway": "string",
"ip": "string",
"netmask": "string",
"type": "string",
"use_mgmt_vrf": False,
"use_mgmt_vrf_for_host_out": False,
"vlan_id": "string",
},
"type": "string",
"use_mgmt_vrf": False,
"use_mgmt_vrf_for_host_out": False,
"vlan_id": "string",
},
extra_routes={
"string": {
"via": "string",
},
},
extra_routes6={
"string": {
"via": "string",
},
},
bgp_config={
"string": {
"auth_key": "string",
"bfd_minimum_interval": 0,
"bfd_multiplier": 0,
"disable_bfd": False,
"export": "string",
"export_policy": "string",
"extended_v4_nexthop": False,
"graceful_restart_time": 0,
"hold_time": 0,
"import_": "string",
"import_policy": "string",
"local_as": 0,
"neighbor_as": 0,
"neighbors": {
"string": {
"disabled": False,
"export_policy": "string",
"hold_time": 0,
"import_policy": "string",
"multihop_ttl": 0,
"neighbor_as": 0,
},
},
"networks": ["string"],
"no_readvertise_to_overlay": False,
"tunnel_name": "string",
"type": "string",
"via": "string",
"vpn_name": "string",
"wan_name": "string",
},
},
ip_configs={
"string": {
"ip": "string",
"netmask": "string",
"secondary_ips": ["string"],
"type": "string",
},
},
name="string",
networks=[{
"name": "string",
"subnet": "string",
"internal_access": {
"enabled": False,
},
"disallow_mist_services": False,
"internet_access": {
"create_simple_service_policy": False,
"destination_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"port": "string",
"wan_name": "string",
},
},
"enabled": False,
"restricted": False,
"static_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"wan_name": "string",
},
},
},
"isolation": False,
"multicast": {
"disable_igmp": False,
"enabled": False,
"groups": {
"string": {
"rp_ip": "string",
},
},
},
"gateway6": "string",
"routed_for_networks": ["string"],
"gateway": "string",
"subnet6": "string",
"tenants": {
"string": {
"addresses": ["string"],
},
},
"vlan_id": "string",
"vpn_access": {
"string": {
"advertised_subnet": "string",
"allow_ping": False,
"destination_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"port": "string",
},
},
"nat_pool": "string",
"no_readvertise_to_lan_bgp": False,
"no_readvertise_to_lan_ospf": False,
"no_readvertise_to_overlay": False,
"other_vrfs": ["string"],
"routed": False,
"source_nat": {
"external_ip": "string",
},
"static_nat": {
"string": {
"internal_ip": "string",
"name": "string",
},
},
"summarized_subnet": "string",
"summarized_subnet_to_lan_bgp": "string",
"summarized_subnet_to_lan_ospf": "string",
},
},
}],
additional_config_cmds=["string"],
dns_override=False,
dhcpd_config={
"config": {
"string": {
"dns_servers": ["string"],
"dns_suffixes": ["string"],
"fixed_bindings": {
"string": {
"ip": "string",
"name": "string",
},
},
"gateway": "string",
"ip_end": "string",
"ip_end6": "string",
"ip_start": "string",
"ip_start6": "string",
"lease_time": 0,
"options": {
"string": {
"type": "string",
"value": "string",
},
},
"server_id_override": False,
"servers": ["string"],
"servers6s": ["string"],
"type": "string",
"type6": "string",
"vendor_encapsulated": {
"string": {
"type": "string",
"value": "string",
},
},
},
},
"enabled": False,
},
idp_profiles={
"string": {
"base_profile": "string",
"name": "string",
"org_id": "string",
"overwrites": [{
"action": "string",
"matching": {
"attack_names": ["string"],
"dst_subnets": ["string"],
"severities": ["string"],
},
"name": "string",
}],
},
},
path_preferences={
"string": {
"paths": [{
"cost": 0,
"disabled": False,
"gateway_ip": "string",
"internet_access": False,
"name": "string",
"networks": ["string"],
"target_ips": ["string"],
"type": "string",
"wan_name": "string",
}],
"strategy": "string",
},
},
port_config={
"string": {
"usage": "string",
"networks": ["string"],
"dsl_type": "string",
"port_network": "string",
"critical": False,
"description": "string",
"disable_autoneg": False,
"disabled": False,
"poe_disabled": False,
"dsl_vci": 0,
"dsl_vpi": 0,
"duplex": "string",
"ip_config": {
"dns": ["string"],
"dns_suffixes": ["string"],
"gateway": "string",
"ip": "string",
"netmask": "string",
"network": "string",
"poser_password": "string",
"pppoe_auth": "string",
"pppoe_username": "string",
"type": "string",
},
"outer_vlan_id": 0,
"lte_auth": "string",
"lte_backup": False,
"lte_password": "string",
"lte_username": "string",
"mtu": 0,
"name": "string",
"ae_disable_lacp": False,
"lte_apn": "string",
"ae_lacp_force_up": False,
"aggregated": False,
"preserve_dscp": False,
"redundant": False,
"reth_idx": 0,
"reth_node": "string",
"reth_nodes": ["string"],
"speed": "string",
"ssr_no_virtual_mac": False,
"svr_port_range": "string",
"traffic_shaping": {
"class_percentages": [0],
"enabled": False,
"max_tx_kbps": 0,
},
"ae_idx": "string",
"vlan_id": "string",
"vpn_paths": {
"string": {
"bfd_profile": "string",
"bfd_use_tunnel_mode": False,
"link_name": "string",
"preference": 0,
"role": "string",
"traffic_shaping": {
"class_percentages": [0],
"enabled": False,
"max_tx_kbps": 0,
},
},
},
"wan_arp_policer": "string",
"wan_ext_ip": "string",
"wan_extra_routes": {
"string": {
"via": "string",
},
},
"wan_networks": ["string"],
"wan_probe_override": {
"ips": ["string"],
"probe_profile": "string",
},
"wan_source_nat": {
"disabled": False,
"nat_pool": "string",
},
"wan_type": "string",
},
},
router_id="string",
routing_policies={
"string": {
"terms": [{
"action": {
"accept": False,
"add_communities": ["string"],
"add_target_vrfs": ["string"],
"aggregates": ["string"],
"communities": ["string"],
"exclude_as_paths": ["string"],
"exclude_communities": ["string"],
"export_communitites": ["string"],
"local_preference": "string",
"prepend_as_paths": ["string"],
},
"matching": {
"as_paths": ["string"],
"communities": ["string"],
"networks": ["string"],
"prefixes": ["string"],
"protocols": ["string"],
"route_exists": {
"route": "string",
"vrf_name": "string",
},
"vpn_neighbor_macs": ["string"],
"vpn_path_sla": {
"max_jitter": 0,
"max_latency": 0,
"max_loss": 0,
},
"vpn_paths": ["string"],
},
}],
},
},
service_policies=[{
"action": "string",
"antivirus": {
"avprofile_id": "string",
"enabled": False,
"profile": "string",
},
"appqoe": {
"enabled": False,
},
"ewfs": [{
"alert_only": False,
"block_message": "string",
"enabled": False,
"profile": "string",
}],
"idp": {
"alert_only": False,
"enabled": False,
"idpprofile_id": "string",
"profile": "string",
},
"local_routing": False,
"name": "string",
"path_preference": "string",
"servicepolicy_id": "string",
"services": ["string"],
"ssl_proxy": {
"ciphers_category": "string",
"enabled": False,
},
"tenants": ["string"],
}],
tunnel_configs={
"string": {
"auto_provision": {
"provider": "string",
"enable": False,
"latlng": {
"lat": 0,
"lng": 0,
},
"primary": {
"probe_ips": ["string"],
"wan_names": ["string"],
},
"region": "string",
"secondary": {
"probe_ips": ["string"],
"wan_names": ["string"],
},
},
"ike_lifetime": 0,
"ike_mode": "string",
"ike_proposals": [{
"auth_algo": "string",
"dh_group": "string",
"enc_algo": "string",
}],
"ipsec_lifetime": 0,
"ipsec_proposals": [{
"auth_algo": "string",
"dh_group": "string",
"enc_algo": "string",
}],
"local_id": "string",
"mode": "string",
"networks": ["string"],
"primary": {
"hosts": ["string"],
"wan_names": ["string"],
"internal_ips": ["string"],
"probe_ips": ["string"],
"remote_ids": ["string"],
},
"probe": {
"interval": 0,
"threshold": 0,
"timeout": 0,
"type": "string",
},
"protocol": "string",
"provider": "string",
"psk": "string",
"secondary": {
"hosts": ["string"],
"wan_names": ["string"],
"internal_ips": ["string"],
"probe_ips": ["string"],
"remote_ids": ["string"],
},
"version": "string",
},
},
tunnel_provider_options={
"jse": {
"num_users": 0,
"org_name": "string",
},
"zscaler": {
"aup_block_internet_until_accepted": False,
"aup_enabled": False,
"aup_force_ssl_inspection": False,
"aup_timeout_in_days": 0,
"auth_required": False,
"caution_enabled": False,
"dn_bandwidth": 0,
"idle_time_in_minutes": 0,
"ofw_enabled": False,
"sub_locations": [{
"aup_block_internet_until_accepted": False,
"aup_enabled": False,
"aup_force_ssl_inspection": False,
"aup_timeout_in_days": 0,
"auth_required": False,
"caution_enabled": False,
"dn_bandwidth": 0,
"idle_time_in_minutes": 0,
"name": "string",
"ofw_enabled": False,
"surrogate_ip": False,
"surrogate_ip_enforced_for_known_browsers": False,
"surrogate_refresh_time_in_minutes": 0,
"up_bandwidth": 0,
}],
"surrogate_ip": False,
"surrogate_ip_enforced_for_known_browsers": False,
"surrogate_refresh_time_in_minutes": 0,
"up_bandwidth": 0,
"xff_forward_enabled": False,
},
},
type="string",
vrf_config={
"enabled": False,
},
vrf_instances={
"string": {
"networks": ["string"],
},
})
const gatewaytemplateResource = new junipermist.org.Gatewaytemplate("gatewaytemplateResource", {
orgId: "string",
ntpOverride: false,
dnsSuffixes: ["string"],
ntpServers: ["string"],
dnsServers: ["string"],
oobIpConfig: {
gateway: "string",
ip: "string",
netmask: "string",
node1: {
gateway: "string",
ip: "string",
netmask: "string",
type: "string",
useMgmtVrf: false,
useMgmtVrfForHostOut: false,
vlanId: "string",
},
type: "string",
useMgmtVrf: false,
useMgmtVrfForHostOut: false,
vlanId: "string",
},
extraRoutes: {
string: {
via: "string",
},
},
extraRoutes6: {
string: {
via: "string",
},
},
bgpConfig: {
string: {
authKey: "string",
bfdMinimumInterval: 0,
bfdMultiplier: 0,
disableBfd: false,
"export": "string",
exportPolicy: "string",
extendedV4Nexthop: false,
gracefulRestartTime: 0,
holdTime: 0,
"import": "string",
importPolicy: "string",
localAs: 0,
neighborAs: 0,
neighbors: {
string: {
disabled: false,
exportPolicy: "string",
holdTime: 0,
importPolicy: "string",
multihopTtl: 0,
neighborAs: 0,
},
},
networks: ["string"],
noReadvertiseToOverlay: false,
tunnelName: "string",
type: "string",
via: "string",
vpnName: "string",
wanName: "string",
},
},
ipConfigs: {
string: {
ip: "string",
netmask: "string",
secondaryIps: ["string"],
type: "string",
},
},
name: "string",
networks: [{
name: "string",
subnet: "string",
internalAccess: {
enabled: false,
},
disallowMistServices: false,
internetAccess: {
createSimpleServicePolicy: false,
destinationNat: {
string: {
internalIp: "string",
name: "string",
port: "string",
wanName: "string",
},
},
enabled: false,
restricted: false,
staticNat: {
string: {
internalIp: "string",
name: "string",
wanName: "string",
},
},
},
isolation: false,
multicast: {
disableIgmp: false,
enabled: false,
groups: {
string: {
rpIp: "string",
},
},
},
gateway6: "string",
routedForNetworks: ["string"],
gateway: "string",
subnet6: "string",
tenants: {
string: {
addresses: ["string"],
},
},
vlanId: "string",
vpnAccess: {
string: {
advertisedSubnet: "string",
allowPing: false,
destinationNat: {
string: {
internalIp: "string",
name: "string",
port: "string",
},
},
natPool: "string",
noReadvertiseToLanBgp: false,
noReadvertiseToLanOspf: false,
noReadvertiseToOverlay: false,
otherVrfs: ["string"],
routed: false,
sourceNat: {
externalIp: "string",
},
staticNat: {
string: {
internalIp: "string",
name: "string",
},
},
summarizedSubnet: "string",
summarizedSubnetToLanBgp: "string",
summarizedSubnetToLanOspf: "string",
},
},
}],
additionalConfigCmds: ["string"],
dnsOverride: false,
dhcpdConfig: {
config: {
string: {
dnsServers: ["string"],
dnsSuffixes: ["string"],
fixedBindings: {
string: {
ip: "string",
name: "string",
},
},
gateway: "string",
ipEnd: "string",
ipEnd6: "string",
ipStart: "string",
ipStart6: "string",
leaseTime: 0,
options: {
string: {
type: "string",
value: "string",
},
},
serverIdOverride: false,
servers: ["string"],
servers6s: ["string"],
type: "string",
type6: "string",
vendorEncapsulated: {
string: {
type: "string",
value: "string",
},
},
},
},
enabled: false,
},
idpProfiles: {
string: {
baseProfile: "string",
name: "string",
orgId: "string",
overwrites: [{
action: "string",
matching: {
attackNames: ["string"],
dstSubnets: ["string"],
severities: ["string"],
},
name: "string",
}],
},
},
pathPreferences: {
string: {
paths: [{
cost: 0,
disabled: false,
gatewayIp: "string",
internetAccess: false,
name: "string",
networks: ["string"],
targetIps: ["string"],
type: "string",
wanName: "string",
}],
strategy: "string",
},
},
portConfig: {
string: {
usage: "string",
networks: ["string"],
dslType: "string",
portNetwork: "string",
critical: false,
description: "string",
disableAutoneg: false,
disabled: false,
poeDisabled: false,
dslVci: 0,
dslVpi: 0,
duplex: "string",
ipConfig: {
dns: ["string"],
dnsSuffixes: ["string"],
gateway: "string",
ip: "string",
netmask: "string",
network: "string",
poserPassword: "string",
pppoeAuth: "string",
pppoeUsername: "string",
type: "string",
},
outerVlanId: 0,
lteAuth: "string",
lteBackup: false,
ltePassword: "string",
lteUsername: "string",
mtu: 0,
name: "string",
aeDisableLacp: false,
lteApn: "string",
aeLacpForceUp: false,
aggregated: false,
preserveDscp: false,
redundant: false,
rethIdx: 0,
rethNode: "string",
rethNodes: ["string"],
speed: "string",
ssrNoVirtualMac: false,
svrPortRange: "string",
trafficShaping: {
classPercentages: [0],
enabled: false,
maxTxKbps: 0,
},
aeIdx: "string",
vlanId: "string",
vpnPaths: {
string: {
bfdProfile: "string",
bfdUseTunnelMode: false,
linkName: "string",
preference: 0,
role: "string",
trafficShaping: {
classPercentages: [0],
enabled: false,
maxTxKbps: 0,
},
},
},
wanArpPolicer: "string",
wanExtIp: "string",
wanExtraRoutes: {
string: {
via: "string",
},
},
wanNetworks: ["string"],
wanProbeOverride: {
ips: ["string"],
probeProfile: "string",
},
wanSourceNat: {
disabled: false,
natPool: "string",
},
wanType: "string",
},
},
routerId: "string",
routingPolicies: {
string: {
terms: [{
action: {
accept: false,
addCommunities: ["string"],
addTargetVrfs: ["string"],
aggregates: ["string"],
communities: ["string"],
excludeAsPaths: ["string"],
excludeCommunities: ["string"],
exportCommunitites: ["string"],
localPreference: "string",
prependAsPaths: ["string"],
},
matching: {
asPaths: ["string"],
communities: ["string"],
networks: ["string"],
prefixes: ["string"],
protocols: ["string"],
routeExists: {
route: "string",
vrfName: "string",
},
vpnNeighborMacs: ["string"],
vpnPathSla: {
maxJitter: 0,
maxLatency: 0,
maxLoss: 0,
},
vpnPaths: ["string"],
},
}],
},
},
servicePolicies: [{
action: "string",
antivirus: {
avprofileId: "string",
enabled: false,
profile: "string",
},
appqoe: {
enabled: false,
},
ewfs: [{
alertOnly: false,
blockMessage: "string",
enabled: false,
profile: "string",
}],
idp: {
alertOnly: false,
enabled: false,
idpprofileId: "string",
profile: "string",
},
localRouting: false,
name: "string",
pathPreference: "string",
servicepolicyId: "string",
services: ["string"],
sslProxy: {
ciphersCategory: "string",
enabled: false,
},
tenants: ["string"],
}],
tunnelConfigs: {
string: {
autoProvision: {
provider: "string",
enable: false,
latlng: {
lat: 0,
lng: 0,
},
primary: {
probeIps: ["string"],
wanNames: ["string"],
},
region: "string",
secondary: {
probeIps: ["string"],
wanNames: ["string"],
},
},
ikeLifetime: 0,
ikeMode: "string",
ikeProposals: [{
authAlgo: "string",
dhGroup: "string",
encAlgo: "string",
}],
ipsecLifetime: 0,
ipsecProposals: [{
authAlgo: "string",
dhGroup: "string",
encAlgo: "string",
}],
localId: "string",
mode: "string",
networks: ["string"],
primary: {
hosts: ["string"],
wanNames: ["string"],
internalIps: ["string"],
probeIps: ["string"],
remoteIds: ["string"],
},
probe: {
interval: 0,
threshold: 0,
timeout: 0,
type: "string",
},
protocol: "string",
provider: "string",
psk: "string",
secondary: {
hosts: ["string"],
wanNames: ["string"],
internalIps: ["string"],
probeIps: ["string"],
remoteIds: ["string"],
},
version: "string",
},
},
tunnelProviderOptions: {
jse: {
numUsers: 0,
orgName: "string",
},
zscaler: {
aupBlockInternetUntilAccepted: false,
aupEnabled: false,
aupForceSslInspection: false,
aupTimeoutInDays: 0,
authRequired: false,
cautionEnabled: false,
dnBandwidth: 0,
idleTimeInMinutes: 0,
ofwEnabled: false,
subLocations: [{
aupBlockInternetUntilAccepted: false,
aupEnabled: false,
aupForceSslInspection: false,
aupTimeoutInDays: 0,
authRequired: false,
cautionEnabled: false,
dnBandwidth: 0,
idleTimeInMinutes: 0,
name: "string",
ofwEnabled: false,
surrogateIp: false,
surrogateIpEnforcedForKnownBrowsers: false,
surrogateRefreshTimeInMinutes: 0,
upBandwidth: 0,
}],
surrogateIp: false,
surrogateIpEnforcedForKnownBrowsers: false,
surrogateRefreshTimeInMinutes: 0,
upBandwidth: 0,
xffForwardEnabled: false,
},
},
type: "string",
vrfConfig: {
enabled: false,
},
vrfInstances: {
string: {
networks: ["string"],
},
},
});
type: junipermist:org:Gatewaytemplate
properties:
additionalConfigCmds:
- string
bgpConfig:
string:
authKey: string
bfdMinimumInterval: 0
bfdMultiplier: 0
disableBfd: false
export: string
exportPolicy: string
extendedV4Nexthop: false
gracefulRestartTime: 0
holdTime: 0
import: string
importPolicy: string
localAs: 0
neighborAs: 0
neighbors:
string:
disabled: false
exportPolicy: string
holdTime: 0
importPolicy: string
multihopTtl: 0
neighborAs: 0
networks:
- string
noReadvertiseToOverlay: false
tunnelName: string
type: string
via: string
vpnName: string
wanName: string
dhcpdConfig:
config:
string:
dnsServers:
- string
dnsSuffixes:
- string
fixedBindings:
string:
ip: string
name: string
gateway: string
ipEnd: string
ipEnd6: string
ipStart: string
ipStart6: string
leaseTime: 0
options:
string:
type: string
value: string
serverIdOverride: false
servers:
- string
servers6s:
- string
type: string
type6: string
vendorEncapsulated:
string:
type: string
value: string
enabled: false
dnsOverride: false
dnsServers:
- string
dnsSuffixes:
- string
extraRoutes:
string:
via: string
extraRoutes6:
string:
via: string
idpProfiles:
string:
baseProfile: string
name: string
orgId: string
overwrites:
- action: string
matching:
attackNames:
- string
dstSubnets:
- string
severities:
- string
name: string
ipConfigs:
string:
ip: string
netmask: string
secondaryIps:
- string
type: string
name: string
networks:
- disallowMistServices: false
gateway: string
gateway6: string
internalAccess:
enabled: false
internetAccess:
createSimpleServicePolicy: false
destinationNat:
string:
internalIp: string
name: string
port: string
wanName: string
enabled: false
restricted: false
staticNat:
string:
internalIp: string
name: string
wanName: string
isolation: false
multicast:
disableIgmp: false
enabled: false
groups:
string:
rpIp: string
name: string
routedForNetworks:
- string
subnet: string
subnet6: string
tenants:
string:
addresses:
- string
vlanId: string
vpnAccess:
string:
advertisedSubnet: string
allowPing: false
destinationNat:
string:
internalIp: string
name: string
port: string
natPool: string
noReadvertiseToLanBgp: false
noReadvertiseToLanOspf: false
noReadvertiseToOverlay: false
otherVrfs:
- string
routed: false
sourceNat:
externalIp: string
staticNat:
string:
internalIp: string
name: string
summarizedSubnet: string
summarizedSubnetToLanBgp: string
summarizedSubnetToLanOspf: string
ntpOverride: false
ntpServers:
- string
oobIpConfig:
gateway: string
ip: string
netmask: string
node1:
gateway: string
ip: string
netmask: string
type: string
useMgmtVrf: false
useMgmtVrfForHostOut: false
vlanId: string
type: string
useMgmtVrf: false
useMgmtVrfForHostOut: false
vlanId: string
orgId: string
pathPreferences:
string:
paths:
- cost: 0
disabled: false
gatewayIp: string
internetAccess: false
name: string
networks:
- string
targetIps:
- string
type: string
wanName: string
strategy: string
portConfig:
string:
aeDisableLacp: false
aeIdx: string
aeLacpForceUp: false
aggregated: false
critical: false
description: string
disableAutoneg: false
disabled: false
dslType: string
dslVci: 0
dslVpi: 0
duplex: string
ipConfig:
dns:
- string
dnsSuffixes:
- string
gateway: string
ip: string
netmask: string
network: string
poserPassword: string
pppoeAuth: string
pppoeUsername: string
type: string
lteApn: string
lteAuth: string
lteBackup: false
ltePassword: string
lteUsername: string
mtu: 0
name: string
networks:
- string
outerVlanId: 0
poeDisabled: false
portNetwork: string
preserveDscp: false
redundant: false
rethIdx: 0
rethNode: string
rethNodes:
- string
speed: string
ssrNoVirtualMac: false
svrPortRange: string
trafficShaping:
classPercentages:
- 0
enabled: false
maxTxKbps: 0
usage: string
vlanId: string
vpnPaths:
string:
bfdProfile: string
bfdUseTunnelMode: false
linkName: string
preference: 0
role: string
trafficShaping:
classPercentages:
- 0
enabled: false
maxTxKbps: 0
wanArpPolicer: string
wanExtIp: string
wanExtraRoutes:
string:
via: string
wanNetworks:
- string
wanProbeOverride:
ips:
- string
probeProfile: string
wanSourceNat:
disabled: false
natPool: string
wanType: string
routerId: string
routingPolicies:
string:
terms:
- action:
accept: false
addCommunities:
- string
addTargetVrfs:
- string
aggregates:
- string
communities:
- string
excludeAsPaths:
- string
excludeCommunities:
- string
exportCommunitites:
- string
localPreference: string
prependAsPaths:
- string
matching:
asPaths:
- string
communities:
- string
networks:
- string
prefixes:
- string
protocols:
- string
routeExists:
route: string
vrfName: string
vpnNeighborMacs:
- string
vpnPathSla:
maxJitter: 0
maxLatency: 0
maxLoss: 0
vpnPaths:
- string
servicePolicies:
- action: string
antivirus:
avprofileId: string
enabled: false
profile: string
appqoe:
enabled: false
ewfs:
- alertOnly: false
blockMessage: string
enabled: false
profile: string
idp:
alertOnly: false
enabled: false
idpprofileId: string
profile: string
localRouting: false
name: string
pathPreference: string
servicepolicyId: string
services:
- string
sslProxy:
ciphersCategory: string
enabled: false
tenants:
- string
tunnelConfigs:
string:
autoProvision:
enable: false
latlng:
lat: 0
lng: 0
primary:
probeIps:
- string
wanNames:
- string
provider: string
region: string
secondary:
probeIps:
- string
wanNames:
- string
ikeLifetime: 0
ikeMode: string
ikeProposals:
- authAlgo: string
dhGroup: string
encAlgo: string
ipsecLifetime: 0
ipsecProposals:
- authAlgo: string
dhGroup: string
encAlgo: string
localId: string
mode: string
networks:
- string
primary:
hosts:
- string
internalIps:
- string
probeIps:
- string
remoteIds:
- string
wanNames:
- string
probe:
interval: 0
threshold: 0
timeout: 0
type: string
protocol: string
provider: string
psk: string
secondary:
hosts:
- string
internalIps:
- string
probeIps:
- string
remoteIds:
- string
wanNames:
- string
version: string
tunnelProviderOptions:
jse:
numUsers: 0
orgName: string
zscaler:
aupBlockInternetUntilAccepted: false
aupEnabled: false
aupForceSslInspection: false
aupTimeoutInDays: 0
authRequired: false
cautionEnabled: false
dnBandwidth: 0
idleTimeInMinutes: 0
ofwEnabled: false
subLocations:
- aupBlockInternetUntilAccepted: false
aupEnabled: false
aupForceSslInspection: false
aupTimeoutInDays: 0
authRequired: false
cautionEnabled: false
dnBandwidth: 0
idleTimeInMinutes: 0
name: string
ofwEnabled: false
surrogateIp: false
surrogateIpEnforcedForKnownBrowsers: false
surrogateRefreshTimeInMinutes: 0
upBandwidth: 0
surrogateIp: false
surrogateIpEnforcedForKnownBrowsers: false
surrogateRefreshTimeInMinutes: 0
upBandwidth: 0
xffForwardEnabled: false
type: string
vrfConfig:
enabled: false
vrfInstances:
string:
networks:
- string
Gatewaytemplate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Gatewaytemplate resource accepts the following input properties:
- Org
Id string - Additional
Config List<string>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Bgp Config Args> - Dhcpd
Config Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Dhcpd Config - Dns
Override bool - Dns
Servers List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Extra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Extra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Idp Profiles Args> - Property key is the profile name
- Ip
Configs Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Ip Configs Args> - Property key is the network name
- Name string
- Networks
List<Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Network> - Ntp
Override bool - Ntp
Servers List<string> - List of NTP servers specific to this device. By default, those in Site Settings will be used
- Oob
Ip Pulumi.Config Juniper Mist. Org. Inputs. Gatewaytemplate Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- Path
Preferences Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Path Preferences Args> - Property key is the path name
- Port
Config Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Args> - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- Router
Id string - Auto assigned if not set
- Routing
Policies Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Args> - Property key is the routing policy name
- Service
Policies List<Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy> - Tunnel
Configs Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Args> - Property key is the tunnel name
- Tunnel
Provider Pulumi.Options Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Provider Options - Type string
- enum:
spoke,standalone - Vrf
Config Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Vrf Config - Vrf
Instances Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Vrf Instances Args> - Property key is the network name
- Org
Id string - Additional
Config []stringCmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config map[string]GatewaytemplateBgp Config Args - Dhcpd
Config GatewaytemplateDhcpd Config Args - Dns
Override bool - Dns
Servers []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes map[string]GatewaytemplateExtra Routes Args - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 map[string]GatewaytemplateExtra Routes6Args - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles map[string]GatewaytemplateIdp Profiles Args - Property key is the profile name
- Ip
Configs map[string]GatewaytemplateIp Configs Args - Property key is the network name
- Name string
- Networks
[]Gatewaytemplate
Network Args - Ntp
Override bool - Ntp
Servers []string - List of NTP servers specific to this device. By default, those in Site Settings will be used
- Oob
Ip GatewaytemplateConfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- Path
Preferences map[string]GatewaytemplatePath Preferences Args - Property key is the path name
- Port
Config map[string]GatewaytemplatePort Config Args - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- Router
Id string - Auto assigned if not set
- Routing
Policies map[string]GatewaytemplateRouting Policies Args - Property key is the routing policy name
- Service
Policies []GatewaytemplateService Policy Args - Tunnel
Configs map[string]GatewaytemplateTunnel Configs Args - Property key is the tunnel name
- Tunnel
Provider GatewaytemplateOptions Tunnel Provider Options Args - Type string
- enum:
spoke,standalone - Vrf
Config GatewaytemplateVrf Config Args - Vrf
Instances map[string]GatewaytemplateVrf Instances Args - Property key is the network name
- org
Id String - additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<String,GatewaytemplateBgp Config Args> - dhcpd
Config GatewaytemplateDhcpd Config - dns
Override Boolean - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<String,GatewaytemplateExtra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<String,GatewaytemplateExtra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<String,GatewaytemplateIdp Profiles Args> - Property key is the profile name
- ip
Configs Map<String,GatewaytemplateIp Configs Args> - Property key is the network name
- name String
- networks
List<Gatewaytemplate
Network> - ntp
Override Boolean - ntp
Servers List<String> - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob
Ip GatewaytemplateConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- path
Preferences Map<String,GatewaytemplatePath Preferences Args> - Property key is the path name
- port
Config Map<String,GatewaytemplatePort Config Args> - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router
Id String - Auto assigned if not set
- routing
Policies Map<String,GatewaytemplateRouting Policies Args> - Property key is the routing policy name
- service
Policies List<GatewaytemplateService Policy> - tunnel
Configs Map<String,GatewaytemplateTunnel Configs Args> - Property key is the tunnel name
- tunnel
Provider GatewaytemplateOptions Tunnel Provider Options - type String
- enum:
spoke,standalone - vrf
Config GatewaytemplateVrf Config - vrf
Instances Map<String,GatewaytemplateVrf Instances Args> - Property key is the network name
- org
Id string - additional
Config string[]Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config {[key: string]: GatewaytemplateBgp Config Args} - dhcpd
Config GatewaytemplateDhcpd Config - dns
Override boolean - dns
Servers string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes {[key: string]: GatewaytemplateExtra Routes Args} - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 {[key: string]: GatewaytemplateExtra Routes6Args} - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles {[key: string]: GatewaytemplateIdp Profiles Args} - Property key is the profile name
- ip
Configs {[key: string]: GatewaytemplateIp Configs Args} - Property key is the network name
- name string
- networks
Gatewaytemplate
Network[] - ntp
Override boolean - ntp
Servers string[] - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob
Ip GatewaytemplateConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- path
Preferences {[key: string]: GatewaytemplatePath Preferences Args} - Property key is the path name
- port
Config {[key: string]: GatewaytemplatePort Config Args} - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router
Id string - Auto assigned if not set
- routing
Policies {[key: string]: GatewaytemplateRouting Policies Args} - Property key is the routing policy name
- service
Policies GatewaytemplateService Policy[] - tunnel
Configs {[key: string]: GatewaytemplateTunnel Configs Args} - Property key is the tunnel name
- tunnel
Provider GatewaytemplateOptions Tunnel Provider Options - type string
- enum:
spoke,standalone - vrf
Config GatewaytemplateVrf Config - vrf
Instances {[key: string]: GatewaytemplateVrf Instances Args} - Property key is the network name
- org_
id str - additional_
config_ Sequence[str]cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp_
config Mapping[str, GatewaytemplateBgp Config Args] - dhcpd_
config GatewaytemplateDhcpd Config Args - dns_
override bool - dns_
servers Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns_
suffixes Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra_
routes Mapping[str, GatewaytemplateExtra Routes Args] - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra_
routes6 Mapping[str, GatewaytemplateExtra Routes6Args] - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp_
profiles Mapping[str, GatewaytemplateIdp Profiles Args] - Property key is the profile name
- ip_
configs Mapping[str, GatewaytemplateIp Configs Args] - Property key is the network name
- name str
- networks
Sequence[Gatewaytemplate
Network Args] - ntp_
override bool - ntp_
servers Sequence[str] - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob_
ip_ Gatewaytemplateconfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- path_
preferences Mapping[str, GatewaytemplatePath Preferences Args] - Property key is the path name
- port_
config Mapping[str, GatewaytemplatePort Config Args] - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router_
id str - Auto assigned if not set
- routing_
policies Mapping[str, GatewaytemplateRouting Policies Args] - Property key is the routing policy name
- service_
policies Sequence[GatewaytemplateService Policy Args] - tunnel_
configs Mapping[str, GatewaytemplateTunnel Configs Args] - Property key is the tunnel name
- tunnel_
provider_ Gatewaytemplateoptions Tunnel Provider Options Args - type str
- enum:
spoke,standalone - vrf_
config GatewaytemplateVrf Config Args - vrf_
instances Mapping[str, GatewaytemplateVrf Instances Args] - Property key is the network name
- org
Id String - additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<Property Map> - dhcpd
Config Property Map - dns
Override Boolean - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<Property Map> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<Property Map> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<Property Map> - Property key is the profile name
- ip
Configs Map<Property Map> - Property key is the network name
- name String
- networks List<Property Map>
- ntp
Override Boolean - ntp
Servers List<String> - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob
Ip Property MapConfig - Out-of-band (vme/em0/fxp0) IP config
- path
Preferences Map<Property Map> - Property key is the path name
- port
Config Map<Property Map> - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router
Id String - Auto assigned if not set
- routing
Policies Map<Property Map> - Property key is the routing policy name
- service
Policies List<Property Map> - tunnel
Configs Map<Property Map> - Property key is the tunnel name
- tunnel
Provider Property MapOptions - type String
- enum:
spoke,standalone - vrf
Config Property Map - vrf
Instances Map<Property Map> - Property key is the network name
Outputs
All input properties are implicitly available as output properties. Additionally, the Gatewaytemplate resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Gatewaytemplate Resource
Get an existing Gatewaytemplate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GatewaytemplateState, opts?: CustomResourceOptions): Gatewaytemplate@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
additional_config_cmds: Optional[Sequence[str]] = None,
bgp_config: Optional[Mapping[str, GatewaytemplateBgpConfigArgs]] = None,
dhcpd_config: Optional[GatewaytemplateDhcpdConfigArgs] = None,
dns_override: Optional[bool] = None,
dns_servers: Optional[Sequence[str]] = None,
dns_suffixes: Optional[Sequence[str]] = None,
extra_routes: Optional[Mapping[str, GatewaytemplateExtraRoutesArgs]] = None,
extra_routes6: Optional[Mapping[str, GatewaytemplateExtraRoutes6Args]] = None,
idp_profiles: Optional[Mapping[str, GatewaytemplateIdpProfilesArgs]] = None,
ip_configs: Optional[Mapping[str, GatewaytemplateIpConfigsArgs]] = None,
name: Optional[str] = None,
networks: Optional[Sequence[GatewaytemplateNetworkArgs]] = None,
ntp_override: Optional[bool] = None,
ntp_servers: Optional[Sequence[str]] = None,
oob_ip_config: Optional[GatewaytemplateOobIpConfigArgs] = None,
org_id: Optional[str] = None,
path_preferences: Optional[Mapping[str, GatewaytemplatePathPreferencesArgs]] = None,
port_config: Optional[Mapping[str, GatewaytemplatePortConfigArgs]] = None,
router_id: Optional[str] = None,
routing_policies: Optional[Mapping[str, GatewaytemplateRoutingPoliciesArgs]] = None,
service_policies: Optional[Sequence[GatewaytemplateServicePolicyArgs]] = None,
tunnel_configs: Optional[Mapping[str, GatewaytemplateTunnelConfigsArgs]] = None,
tunnel_provider_options: Optional[GatewaytemplateTunnelProviderOptionsArgs] = None,
type: Optional[str] = None,
vrf_config: Optional[GatewaytemplateVrfConfigArgs] = None,
vrf_instances: Optional[Mapping[str, GatewaytemplateVrfInstancesArgs]] = None) -> Gatewaytemplatefunc GetGatewaytemplate(ctx *Context, name string, id IDInput, state *GatewaytemplateState, opts ...ResourceOption) (*Gatewaytemplate, error)public static Gatewaytemplate Get(string name, Input<string> id, GatewaytemplateState? state, CustomResourceOptions? opts = null)public static Gatewaytemplate get(String name, Output<String> id, GatewaytemplateState state, CustomResourceOptions options)resources: _: type: junipermist:org:Gatewaytemplate get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Additional
Config List<string>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Bgp Config Args> - Dhcpd
Config Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Dhcpd Config - Dns
Override bool - Dns
Servers List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Extra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Extra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Idp Profiles Args> - Property key is the profile name
- Ip
Configs Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Ip Configs Args> - Property key is the network name
- Name string
- Networks
List<Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Network> - Ntp
Override bool - Ntp
Servers List<string> - List of NTP servers specific to this device. By default, those in Site Settings will be used
- Oob
Ip Pulumi.Config Juniper Mist. Org. Inputs. Gatewaytemplate Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- Org
Id string - Path
Preferences Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Path Preferences Args> - Property key is the path name
- Port
Config Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Args> - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- Router
Id string - Auto assigned if not set
- Routing
Policies Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Args> - Property key is the routing policy name
- Service
Policies List<Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy> - Tunnel
Configs Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Args> - Property key is the tunnel name
- Tunnel
Provider Pulumi.Options Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Provider Options - Type string
- enum:
spoke,standalone - Vrf
Config Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Vrf Config - Vrf
Instances Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Vrf Instances Args> - Property key is the network name
- Additional
Config []stringCmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config map[string]GatewaytemplateBgp Config Args - Dhcpd
Config GatewaytemplateDhcpd Config Args - Dns
Override bool - Dns
Servers []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes map[string]GatewaytemplateExtra Routes Args - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 map[string]GatewaytemplateExtra Routes6Args - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles map[string]GatewaytemplateIdp Profiles Args - Property key is the profile name
- Ip
Configs map[string]GatewaytemplateIp Configs Args - Property key is the network name
- Name string
- Networks
[]Gatewaytemplate
Network Args - Ntp
Override bool - Ntp
Servers []string - List of NTP servers specific to this device. By default, those in Site Settings will be used
- Oob
Ip GatewaytemplateConfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- Org
Id string - Path
Preferences map[string]GatewaytemplatePath Preferences Args - Property key is the path name
- Port
Config map[string]GatewaytemplatePort Config Args - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- Router
Id string - Auto assigned if not set
- Routing
Policies map[string]GatewaytemplateRouting Policies Args - Property key is the routing policy name
- Service
Policies []GatewaytemplateService Policy Args - Tunnel
Configs map[string]GatewaytemplateTunnel Configs Args - Property key is the tunnel name
- Tunnel
Provider GatewaytemplateOptions Tunnel Provider Options Args - Type string
- enum:
spoke,standalone - Vrf
Config GatewaytemplateVrf Config Args - Vrf
Instances map[string]GatewaytemplateVrf Instances Args - Property key is the network name
- additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<String,GatewaytemplateBgp Config Args> - dhcpd
Config GatewaytemplateDhcpd Config - dns
Override Boolean - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<String,GatewaytemplateExtra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<String,GatewaytemplateExtra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<String,GatewaytemplateIdp Profiles Args> - Property key is the profile name
- ip
Configs Map<String,GatewaytemplateIp Configs Args> - Property key is the network name
- name String
- networks
List<Gatewaytemplate
Network> - ntp
Override Boolean - ntp
Servers List<String> - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob
Ip GatewaytemplateConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- org
Id String - path
Preferences Map<String,GatewaytemplatePath Preferences Args> - Property key is the path name
- port
Config Map<String,GatewaytemplatePort Config Args> - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router
Id String - Auto assigned if not set
- routing
Policies Map<String,GatewaytemplateRouting Policies Args> - Property key is the routing policy name
- service
Policies List<GatewaytemplateService Policy> - tunnel
Configs Map<String,GatewaytemplateTunnel Configs Args> - Property key is the tunnel name
- tunnel
Provider GatewaytemplateOptions Tunnel Provider Options - type String
- enum:
spoke,standalone - vrf
Config GatewaytemplateVrf Config - vrf
Instances Map<String,GatewaytemplateVrf Instances Args> - Property key is the network name
- additional
Config string[]Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config {[key: string]: GatewaytemplateBgp Config Args} - dhcpd
Config GatewaytemplateDhcpd Config - dns
Override boolean - dns
Servers string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes {[key: string]: GatewaytemplateExtra Routes Args} - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 {[key: string]: GatewaytemplateExtra Routes6Args} - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles {[key: string]: GatewaytemplateIdp Profiles Args} - Property key is the profile name
- ip
Configs {[key: string]: GatewaytemplateIp Configs Args} - Property key is the network name
- name string
- networks
Gatewaytemplate
Network[] - ntp
Override boolean - ntp
Servers string[] - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob
Ip GatewaytemplateConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- org
Id string - path
Preferences {[key: string]: GatewaytemplatePath Preferences Args} - Property key is the path name
- port
Config {[key: string]: GatewaytemplatePort Config Args} - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router
Id string - Auto assigned if not set
- routing
Policies {[key: string]: GatewaytemplateRouting Policies Args} - Property key is the routing policy name
- service
Policies GatewaytemplateService Policy[] - tunnel
Configs {[key: string]: GatewaytemplateTunnel Configs Args} - Property key is the tunnel name
- tunnel
Provider GatewaytemplateOptions Tunnel Provider Options - type string
- enum:
spoke,standalone - vrf
Config GatewaytemplateVrf Config - vrf
Instances {[key: string]: GatewaytemplateVrf Instances Args} - Property key is the network name
- additional_
config_ Sequence[str]cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp_
config Mapping[str, GatewaytemplateBgp Config Args] - dhcpd_
config GatewaytemplateDhcpd Config Args - dns_
override bool - dns_
servers Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns_
suffixes Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra_
routes Mapping[str, GatewaytemplateExtra Routes Args] - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra_
routes6 Mapping[str, GatewaytemplateExtra Routes6Args] - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp_
profiles Mapping[str, GatewaytemplateIdp Profiles Args] - Property key is the profile name
- ip_
configs Mapping[str, GatewaytemplateIp Configs Args] - Property key is the network name
- name str
- networks
Sequence[Gatewaytemplate
Network Args] - ntp_
override bool - ntp_
servers Sequence[str] - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob_
ip_ Gatewaytemplateconfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- org_
id str - path_
preferences Mapping[str, GatewaytemplatePath Preferences Args] - Property key is the path name
- port_
config Mapping[str, GatewaytemplatePort Config Args] - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router_
id str - Auto assigned if not set
- routing_
policies Mapping[str, GatewaytemplateRouting Policies Args] - Property key is the routing policy name
- service_
policies Sequence[GatewaytemplateService Policy Args] - tunnel_
configs Mapping[str, GatewaytemplateTunnel Configs Args] - Property key is the tunnel name
- tunnel_
provider_ Gatewaytemplateoptions Tunnel Provider Options Args - type str
- enum:
spoke,standalone - vrf_
config GatewaytemplateVrf Config Args - vrf_
instances Mapping[str, GatewaytemplateVrf Instances Args] - Property key is the network name
- additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<Property Map> - dhcpd
Config Property Map - dns
Override Boolean - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<Property Map> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<Property Map> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<Property Map> - Property key is the profile name
- ip
Configs Map<Property Map> - Property key is the network name
- name String
- networks List<Property Map>
- ntp
Override Boolean - ntp
Servers List<String> - List of NTP servers specific to this device. By default, those in Site Settings will be used
- oob
Ip Property MapConfig - Out-of-band (vme/em0/fxp0) IP config
- org
Id String - path
Preferences Map<Property Map> - Property key is the path name
- port
Config Map<Property Map> - Property key is the Port Name (i.e. "ge-0/0/0"), the Ports Range (i.e. "ge-0/0/0-10"), the List of Ports (i.e. "ge-0/0/0,ge-1/0/0", only allowed for Aggregated or Redundant interfaces) or a Variable (i.e. "{{myvar}}").
- router
Id String - Auto assigned if not set
- routing
Policies Map<Property Map> - Property key is the routing policy name
- service
Policies List<Property Map> - tunnel
Configs Map<Property Map> - Property key is the tunnel name
- tunnel
Provider Property MapOptions - type String
- enum:
spoke,standalone - vrf
Config Property Map - vrf
Instances Map<Property Map> - Property key is the network name
Supporting Types
GatewaytemplateBgpConfig, GatewaytemplateBgpConfigArgs
- Auth
Key string - Bfd
Minimum intInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- Bfd
Multiplier int - When bfd_minimum_interval_is_configured alone
- Disable
Bfd bool - BFD provides faster path failure detection and is enabled by default
- Export string
- Export
Policy string - Default export policies if no per-neighbor policies defined
- Extended
V4Nexthop bool - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- Graceful
Restart intTime 0means disable- Hold
Time int - Import string
- Import
Policy string - Default import policies if no per-neighbor policies defined
- Local
As int - Neighbor
As int - Neighbors
Dictionary<string, Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Bgp Config Neighbors> - If per-neighbor as is desired. Property key is the neighbor address
- Networks List<string>
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - No
Readvertise boolTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- Tunnel
Name string - If
type==tunnel - Type string
- enum:
external,internal - Via string
- network name. enum:
lan,tunnel,vpn,wan - Vpn
Name string - Wan
Name string - If
via==wan
- Auth
Key string - Bfd
Minimum intInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- Bfd
Multiplier int - When bfd_minimum_interval_is_configured alone
- Disable
Bfd bool - BFD provides faster path failure detection and is enabled by default
- Export string
- Export
Policy string - Default export policies if no per-neighbor policies defined
- Extended
V4Nexthop bool - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- Graceful
Restart intTime 0means disable- Hold
Time int - Import string
- Import
Policy string - Default import policies if no per-neighbor policies defined
- Local
As int - Neighbor
As int - Neighbors
map[string]Gatewaytemplate
Bgp Config Neighbors - If per-neighbor as is desired. Property key is the neighbor address
- Networks []string
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - No
Readvertise boolTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- Tunnel
Name string - If
type==tunnel - Type string
- enum:
external,internal - Via string
- network name. enum:
lan,tunnel,vpn,wan - Vpn
Name string - Wan
Name string - If
via==wan
- auth
Key String - bfd
Minimum IntegerInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier Integer - When bfd_minimum_interval_is_configured alone
- disable
Bfd Boolean - BFD provides faster path failure detection and is enabled by default
- export String
- export
Policy String - Default export policies if no per-neighbor policies defined
- extended
V4Nexthop Boolean - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart IntegerTime 0means disable- hold
Time Integer - import
Policy String - Default import policies if no per-neighbor policies defined
- import_ String
- local
As Integer - neighbor
As Integer - neighbors
Map<String,Gatewaytemplate
Bgp Config Neighbors> - If per-neighbor as is desired. Property key is the neighbor address
- networks List<String>
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise BooleanTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name String - If
type==tunnel - type String
- enum:
external,internal - via String
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name String - wan
Name String - If
via==wan
- auth
Key string - bfd
Minimum numberInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier number - When bfd_minimum_interval_is_configured alone
- disable
Bfd boolean - BFD provides faster path failure detection and is enabled by default
- export string
- export
Policy string - Default export policies if no per-neighbor policies defined
- extended
V4Nexthop boolean - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart numberTime 0means disable- hold
Time number - import string
- import
Policy string - Default import policies if no per-neighbor policies defined
- local
As number - neighbor
As number - neighbors
{[key: string]: Gatewaytemplate
Bgp Config Neighbors} - If per-neighbor as is desired. Property key is the neighbor address
- networks string[]
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise booleanTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name string - If
type==tunnel - type string
- enum:
external,internal - via string
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name string - wan
Name string - If
via==wan
- auth_
key str - bfd_
minimum_ intinterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd_
multiplier int - When bfd_minimum_interval_is_configured alone
- disable_
bfd bool - BFD provides faster path failure detection and is enabled by default
- export str
- export_
policy str - Default export policies if no per-neighbor policies defined
- extended_
v4_ boolnexthop - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful_
restart_ inttime 0means disable- hold_
time int - import_ str
- import_
policy str - Default import policies if no per-neighbor policies defined
- local_
as int - neighbor_
as int - neighbors
Mapping[str, Gatewaytemplate
Bgp Config Neighbors] - If per-neighbor as is desired. Property key is the neighbor address
- networks Sequence[str]
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no_
readvertise_ boolto_ overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel_
name str - If
type==tunnel - type str
- enum:
external,internal - via str
- network name. enum:
lan,tunnel,vpn,wan - vpn_
name str - wan_
name str - If
via==wan
- auth
Key String - bfd
Minimum NumberInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier Number - When bfd_minimum_interval_is_configured alone
- disable
Bfd Boolean - BFD provides faster path failure detection and is enabled by default
- export String
- export
Policy String - Default export policies if no per-neighbor policies defined
- extended
V4Nexthop Boolean - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart NumberTime 0means disable- hold
Time Number - import String
- import
Policy String - Default import policies if no per-neighbor policies defined
- local
As Number - neighbor
As Number - neighbors Map<Property Map>
- If per-neighbor as is desired. Property key is the neighbor address
- networks List<String>
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise BooleanTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name String - If
type==tunnel - type String
- enum:
external,internal - via String
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name String - wan
Name String - If
via==wan
GatewaytemplateBgpConfigNeighbors, GatewaytemplateBgpConfigNeighborsArgs
- Disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- Export
Policy string - Hold
Time int - Import
Policy string - Multihop
Ttl int - Assuming BGP neighbor is directly connected
- Neighbor
As int
- Disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- Export
Policy string - Hold
Time int - Import
Policy string - Multihop
Ttl int - Assuming BGP neighbor is directly connected
- Neighbor
As int
- disabled Boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy String - hold
Time Integer - import
Policy String - multihop
Ttl Integer - Assuming BGP neighbor is directly connected
- neighbor
As Integer
- disabled boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy string - hold
Time number - import
Policy string - multihop
Ttl number - Assuming BGP neighbor is directly connected
- neighbor
As number
- disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export_
policy str - hold_
time int - import_
policy str - multihop_
ttl int - Assuming BGP neighbor is directly connected
- neighbor_
as int
- disabled Boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy String - hold
Time Number - import
Policy String - multihop
Ttl Number - Assuming BGP neighbor is directly connected
- neighbor
As Number
GatewaytemplateDhcpdConfig, GatewaytemplateDhcpdConfigArgs
GatewaytemplateDhcpdConfigConfig, GatewaytemplateDhcpdConfigConfigArgs
- Dns
Servers List<string> - If
type==localortype6==local- optional, if not defined, system one will be used - Dns
Suffixes List<string> - If
type==localortype6==local- optional, if not defined, system one will be used - Fixed
Bindings Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Dhcpd Config Config Fixed Bindings> - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - Gateway string
- If
type==local- optional,ipwill be used if not provided - Ip
End string - If
type==local - Ip
End6 string - If
type6==local - Ip
Start string - If
type==local - Ip
Start6 string - If
type6==local - Lease
Time int - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- Options
Dictionary<string, Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Dhcpd Config Config Options> - If
type==localortype6==local. Property key is the DHCP option number - Server
Id boolOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- Servers List<string>
- If
type==relay - Servers6s List<string>
- If
type6==relay - Type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Vendor
Encapsulated Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Dhcpd Config Config Vendor Encapsulated> - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- Dns
Servers []string - If
type==localortype6==local- optional, if not defined, system one will be used - Dns
Suffixes []string - If
type==localortype6==local- optional, if not defined, system one will be used - Fixed
Bindings map[string]GatewaytemplateDhcpd Config Config Fixed Bindings - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - Gateway string
- If
type==local- optional,ipwill be used if not provided - Ip
End string - If
type==local - Ip
End6 string - If
type6==local - Ip
Start string - If
type==local - Ip
Start6 string - If
type6==local - Lease
Time int - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- Options
map[string]Gatewaytemplate
Dhcpd Config Config Options - If
type==localortype6==local. Property key is the DHCP option number - Server
Id boolOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- Servers []string
- If
type==relay - Servers6s []string
- If
type6==relay - Type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Vendor
Encapsulated map[string]GatewaytemplateDhcpd Config Config Vendor Encapsulated - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns
Servers List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings Map<String,GatewaytemplateDhcpd Config Config Fixed Bindings> - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway String
- If
type==local- optional,ipwill be used if not provided - ip
End String - If
type==local - ip
End6 String - If
type6==local - ip
Start String - If
type==local - ip
Start6 String - If
type6==local - lease
Time Integer - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
Map<String,Gatewaytemplate
Dhcpd Config Config Options> - If
type==localortype6==local. Property key is the DHCP option number - server
Id BooleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers List<String>
- If
type==relay - servers6s List<String>
- If
type6==relay - type String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapsulated Map<String,GatewaytemplateDhcpd Config Config Vendor Encapsulated> - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns
Servers string[] - If
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes string[] - If
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings {[key: string]: GatewaytemplateDhcpd Config Config Fixed Bindings} - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway string
- If
type==local- optional,ipwill be used if not provided - ip
End string - If
type==local - ip
End6 string - If
type6==local - ip
Start string - If
type==local - ip
Start6 string - If
type6==local - lease
Time number - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
{[key: string]: Gatewaytemplate
Dhcpd Config Config Options} - If
type==localortype6==local. Property key is the DHCP option number - server
Id booleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers string[]
- If
type==relay - servers6s string[]
- If
type6==relay - type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapsulated {[key: string]: GatewaytemplateDhcpd Config Config Vendor Encapsulated} - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns_
servers Sequence[str] - If
type==localortype6==local- optional, if not defined, system one will be used - dns_
suffixes Sequence[str] - If
type==localortype6==local- optional, if not defined, system one will be used - fixed_
bindings Mapping[str, GatewaytemplateDhcpd Config Config Fixed Bindings] - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway str
- If
type==local- optional,ipwill be used if not provided - ip_
end str - If
type==local - ip_
end6 str - If
type6==local - ip_
start str - If
type==local - ip_
start6 str - If
type6==local - lease_
time int - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
Mapping[str, Gatewaytemplate
Dhcpd Config Config Options] - If
type==localortype6==local. Property key is the DHCP option number - server_
id_ booloverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers Sequence[str]
- If
type==relay - servers6s Sequence[str]
- If
type6==relay - type str
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 str
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor_
encapsulated Mapping[str, GatewaytemplateDhcpd Config Config Vendor Encapsulated] - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns
Servers List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings Map<Property Map> - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway String
- If
type==local- optional,ipwill be used if not provided - ip
End String - If
type==local - ip
End6 String - If
type6==local - ip
Start String - If
type==local - ip
Start6 String - If
type6==local - lease
Time Number - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options Map<Property Map>
- If
type==localortype6==local. Property key is the DHCP option number - server
Id BooleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers List<String>
- If
type==relay - servers6s List<String>
- If
type6==relay - type String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapsulated Map<Property Map> - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
GatewaytemplateDhcpdConfigConfigFixedBindings, GatewaytemplateDhcpdConfigConfigFixedBindingsArgs
GatewaytemplateDhcpdConfigConfigOptions, GatewaytemplateDhcpdConfigConfigOptionsArgs
GatewaytemplateDhcpdConfigConfigVendorEncapsulated, GatewaytemplateDhcpdConfigConfigVendorEncapsulatedArgs
GatewaytemplateExtraRoutes, GatewaytemplateExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewaytemplateExtraRoutes6, GatewaytemplateExtraRoutes6Args
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewaytemplateIdpProfiles, GatewaytemplateIdpProfilesArgs
- Base
Profile string - enum:
critical,standard,strict - Name string
- Org
Id string - Overwrites
List<Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Idp Profiles Overwrite>
- Base
Profile string - enum:
critical,standard,strict - Name string
- Org
Id string - Overwrites
[]Gatewaytemplate
Idp Profiles Overwrite
- base
Profile String - enum:
critical,standard,strict - name String
- org
Id String - overwrites
List<Gatewaytemplate
Idp Profiles Overwrite>
- base
Profile string - enum:
critical,standard,strict - name string
- org
Id string - overwrites
Gatewaytemplate
Idp Profiles Overwrite[]
- base_
profile str - enum:
critical,standard,strict - name str
- org_
id str - overwrites
Sequence[Gatewaytemplate
Idp Profiles Overwrite]
- base
Profile String - enum:
critical,standard,strict - name String
- org
Id String - overwrites List<Property Map>
GatewaytemplateIdpProfilesOverwrite, GatewaytemplateIdpProfilesOverwriteArgs
- Action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- Matching
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Idp Profiles Overwrite Matching - Name string
- Action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- Matching
Gatewaytemplate
Idp Profiles Overwrite Matching - Name string
- action String
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gatewaytemplate
Idp Profiles Overwrite Matching - name String
- action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gatewaytemplate
Idp Profiles Overwrite Matching - name string
- action str
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gatewaytemplate
Idp Profiles Overwrite Matching - name str
- action String
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching Property Map
- name String
GatewaytemplateIdpProfilesOverwriteMatching, GatewaytemplateIdpProfilesOverwriteMatchingArgs
- Attack
Names List<string> - Dst
Subnets List<string> - Severities List<string>
- Attack
Names []string - Dst
Subnets []string - Severities []string
- attack
Names List<String> - dst
Subnets List<String> - severities List<String>
- attack
Names string[] - dst
Subnets string[] - severities string[]
- attack_
names Sequence[str] - dst_
subnets Sequence[str] - severities Sequence[str]
- attack
Names List<String> - dst
Subnets List<String> - severities List<String>
GatewaytemplateIpConfigs, GatewaytemplateIpConfigsArgs
- Ip string
- Netmask string
- Secondary
Ips List<string> - Optional list of secondary IPs in CIDR format
- Type string
- enum:
dhcp,static
- Ip string
- Netmask string
- Secondary
Ips []string - Optional list of secondary IPs in CIDR format
- Type string
- enum:
dhcp,static
- ip String
- netmask String
- secondary
Ips List<String> - Optional list of secondary IPs in CIDR format
- type String
- enum:
dhcp,static
- ip string
- netmask string
- secondary
Ips string[] - Optional list of secondary IPs in CIDR format
- type string
- enum:
dhcp,static
- ip str
- netmask str
- secondary_
ips Sequence[str] - Optional list of secondary IPs in CIDR format
- type str
- enum:
dhcp,static
- ip String
- netmask String
- secondary
Ips List<String> - Optional list of secondary IPs in CIDR format
- type String
- enum:
dhcp,static
GatewaytemplateNetwork, GatewaytemplateNetworkArgs
- Name string
- Subnet string
- Disallow
Mist boolServices - Whether to disallow Mist Devices in the network
- Gateway string
- Gateway6 string
- Internal
Access Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Internal Access - Internet
Access Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Internet Access - Whether this network has direct internet access
- Isolation bool
- Whether to allow clients in the network to talk to each other
- Multicast
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- Routed
For List<string>Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- Subnet6 string
- Tenants
Dictionary<string, Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Network Tenants> - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- Vlan
Id string - Vpn
Access Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Vpn Access> - Property key is the VPN name. Whether this network can be accessed from vpn
- Name string
- Subnet string
- Disallow
Mist boolServices - Whether to disallow Mist Devices in the network
- Gateway string
- Gateway6 string
- Internal
Access GatewaytemplateNetwork Internal Access - Internet
Access GatewaytemplateNetwork Internet Access - Whether this network has direct internet access
- Isolation bool
- Whether to allow clients in the network to talk to each other
- Multicast
Gatewaytemplate
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- Routed
For []stringNetworks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- Subnet6 string
- Tenants
map[string]Gatewaytemplate
Network Tenants - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- Vlan
Id string - Vpn
Access map[string]GatewaytemplateNetwork Vpn Access - Property key is the VPN name. Whether this network can be accessed from vpn
- name String
- subnet String
- disallow
Mist BooleanServices - Whether to disallow Mist Devices in the network
- gateway String
- gateway6 String
- internal
Access GatewaytemplateNetwork Internal Access - internet
Access GatewaytemplateNetwork Internet Access - Whether this network has direct internet access
- isolation Boolean
- Whether to allow clients in the network to talk to each other
- multicast
Gatewaytemplate
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For List<String>Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 String
- tenants
Map<String,Gatewaytemplate
Network Tenants> - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan
Id String - vpn
Access Map<String,GatewaytemplateNetwork Vpn Access> - Property key is the VPN name. Whether this network can be accessed from vpn
- name string
- subnet string
- disallow
Mist booleanServices - Whether to disallow Mist Devices in the network
- gateway string
- gateway6 string
- internal
Access GatewaytemplateNetwork Internal Access - internet
Access GatewaytemplateNetwork Internet Access - Whether this network has direct internet access
- isolation boolean
- Whether to allow clients in the network to talk to each other
- multicast
Gatewaytemplate
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For string[]Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 string
- tenants
{[key: string]: Gatewaytemplate
Network Tenants} - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan
Id string - vpn
Access {[key: string]: GatewaytemplateNetwork Vpn Access} - Property key is the VPN name. Whether this network can be accessed from vpn
- name str
- subnet str
- disallow_
mist_ boolservices - Whether to disallow Mist Devices in the network
- gateway str
- gateway6 str
- internal_
access GatewaytemplateNetwork Internal Access - internet_
access GatewaytemplateNetwork Internet Access - Whether this network has direct internet access
- isolation bool
- Whether to allow clients in the network to talk to each other
- multicast
Gatewaytemplate
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- routed_
for_ Sequence[str]networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 str
- tenants
Mapping[str, Gatewaytemplate
Network Tenants] - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan_
id str - vpn_
access Mapping[str, GatewaytemplateNetwork Vpn Access] - Property key is the VPN name. Whether this network can be accessed from vpn
- name String
- subnet String
- disallow
Mist BooleanServices - Whether to disallow Mist Devices in the network
- gateway String
- gateway6 String
- internal
Access Property Map - internet
Access Property Map - Whether this network has direct internet access
- isolation Boolean
- Whether to allow clients in the network to talk to each other
- multicast Property Map
- Whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For List<String>Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 String
- tenants Map<Property Map>
- Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan
Id String - vpn
Access Map<Property Map> - Property key is the VPN name. Whether this network can be accessed from vpn
GatewaytemplateNetworkInternalAccess, GatewaytemplateNetworkInternalAccessArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GatewaytemplateNetworkInternetAccess, GatewaytemplateNetworkInternetAccessArgs
- Create
Simple boolService Policy - Destination
Nat Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Internet Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Enabled bool
- Restricted bool
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - Static
Nat Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Internet Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- Create
Simple boolService Policy - Destination
Nat map[string]GatewaytemplateNetwork Internet Access Destination Nat - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Enabled bool
- Restricted bool
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - Static
Nat map[string]GatewaytemplateNetwork Internet Access Static Nat - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create
Simple BooleanService Policy - destination
Nat Map<String,GatewaytemplateNetwork Internet Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled Boolean
- restricted Boolean
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat Map<String,GatewaytemplateNetwork Internet Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create
Simple booleanService Policy - destination
Nat {[key: string]: GatewaytemplateNetwork Internet Access Destination Nat} - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled boolean
- restricted boolean
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat {[key: string]: GatewaytemplateNetwork Internet Access Static Nat} - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create_
simple_ boolservice_ policy - destination_
nat Mapping[str, GatewaytemplateNetwork Internet Access Destination Nat] - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled bool
- restricted bool
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static_
nat Mapping[str, GatewaytemplateNetwork Internet Access Static Nat] - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create
Simple BooleanService Policy - destination
Nat Map<Property Map> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled Boolean
- restricted Boolean
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat Map<Property Map> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
GatewaytemplateNetworkInternetAccessDestinationNat, GatewaytemplateNetworkInternetAccessDestinationNatArgs
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name string
- port string
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal_
ip str - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name str
- port str
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan_
name str - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
GatewaytemplateNetworkInternetAccessStaticNat, GatewaytemplateNetworkInternetAccessStaticNatArgs
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name string
- wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal_
ip str - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name str
- wan_
name str - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
GatewaytemplateNetworkMulticast, GatewaytemplateNetworkMulticastArgs
- Disable
Igmp bool - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- Enabled bool
- Groups
Dictionary<string, Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Network Multicast Groups> - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- Disable
Igmp bool - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- Enabled bool
- Groups
map[string]Gatewaytemplate
Network Multicast Groups - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp Boolean - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled Boolean
- groups
Map<String,Gatewaytemplate
Network Multicast Groups> - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp boolean - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled boolean
- groups
{[key: string]: Gatewaytemplate
Network Multicast Groups} - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable_
igmp bool - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled bool
- groups
Mapping[str, Gatewaytemplate
Network Multicast Groups] - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp Boolean - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled Boolean
- groups Map<Property Map>
- Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
GatewaytemplateNetworkMulticastGroups, GatewaytemplateNetworkMulticastGroupsArgs
- Rp
Ip string - RP (rendezvous point) IP Address
- Rp
Ip string - RP (rendezvous point) IP Address
- rp
Ip String - RP (rendezvous point) IP Address
- rp
Ip string - RP (rendezvous point) IP Address
- rp_
ip str - RP (rendezvous point) IP Address
- rp
Ip String - RP (rendezvous point) IP Address
GatewaytemplateNetworkTenants, GatewaytemplateNetworkTenantsArgs
- Addresses List<string>
- Addresses []string
- addresses List<String>
- addresses string[]
- addresses Sequence[str]
- addresses List<String>
GatewaytemplateNetworkVpnAccess, GatewaytemplateNetworkVpnAccessArgs
- Advertised
Subnet string - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - Allow
Ping bool - Whether to allow ping from vpn into this routed network
- Destination
Nat Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Vpn Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Nat
Pool string - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - No
Readvertise boolTo Lan Bgp - toward LAN-side BGP peers
- No
Readvertise boolTo Lan Ospf - toward LAN-side OSPF peers
- No
Readvertise boolTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- Other
Vrfs List<string> - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- Routed bool
- Whether this network is routable
- Source
Nat Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - Static
Nat Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Network Vpn Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- Summarized
Subnet string - toward overlay, how HUB should deal with routes it received from Spokes
- Summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- Summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- Advertised
Subnet string - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - Allow
Ping bool - Whether to allow ping from vpn into this routed network
- Destination
Nat map[string]GatewaytemplateNetwork Vpn Access Destination Nat - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Nat
Pool string - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - No
Readvertise boolTo Lan Bgp - toward LAN-side BGP peers
- No
Readvertise boolTo Lan Ospf - toward LAN-side OSPF peers
- No
Readvertise boolTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- Other
Vrfs []string - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- Routed bool
- Whether this network is routable
- Source
Nat GatewaytemplateNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - Static
Nat map[string]GatewaytemplateNetwork Vpn Access Static Nat - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- Summarized
Subnet string - toward overlay, how HUB should deal with routes it received from Spokes
- Summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- Summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- advertised
Subnet String - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping Boolean - Whether to allow ping from vpn into this routed network
- destination
Nat Map<String,GatewaytemplateNetwork Vpn Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat
Pool String - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise BooleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise BooleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise BooleanTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other
Vrfs List<String> - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed Boolean
- Whether this network is routable
- source
Nat GatewaytemplateNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat Map<String,GatewaytemplateNetwork Vpn Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized
Subnet String - toward overlay, how HUB should deal with routes it received from Spokes
- summarized
Subnet StringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet StringTo Lan Ospf - toward LAN-side OSPF peers
- advertised
Subnet string - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping boolean - Whether to allow ping from vpn into this routed network
- destination
Nat {[key: string]: GatewaytemplateNetwork Vpn Access Destination Nat} - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat
Pool string - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise booleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise booleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise booleanTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other
Vrfs string[] - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed boolean
- Whether this network is routable
- source
Nat GatewaytemplateNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat {[key: string]: GatewaytemplateNetwork Vpn Access Static Nat} - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized
Subnet string - toward overlay, how HUB should deal with routes it received from Spokes
- summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- advertised_
subnet str - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow_
ping bool - Whether to allow ping from vpn into this routed network
- destination_
nat Mapping[str, GatewaytemplateNetwork Vpn Access Destination Nat] - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat_
pool str - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no_
readvertise_ boolto_ lan_ bgp - toward LAN-side BGP peers
- no_
readvertise_ boolto_ lan_ ospf - toward LAN-side OSPF peers
- no_
readvertise_ boolto_ overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other_
vrfs Sequence[str] - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed bool
- Whether this network is routable
- source_
nat GatewaytemplateNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static_
nat Mapping[str, GatewaytemplateNetwork Vpn Access Static Nat] - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized_
subnet str - toward overlay, how HUB should deal with routes it received from Spokes
- summarized_
subnet_ strto_ lan_ bgp - toward LAN-side BGP peers
- summarized_
subnet_ strto_ lan_ ospf - toward LAN-side OSPF peers
- advertised
Subnet String - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping Boolean - Whether to allow ping from vpn into this routed network
- destination
Nat Map<Property Map> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat
Pool String - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise BooleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise BooleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise BooleanTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other
Vrfs List<String> - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed Boolean
- Whether this network is routable
- source
Nat Property Map - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat Map<Property Map> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized
Subnet String - toward overlay, how HUB should deal with routes it received from Spokes
- summarized
Subnet StringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet StringTo Lan Ospf - toward LAN-side OSPF peers
GatewaytemplateNetworkVpnAccessDestinationNat, GatewaytemplateNetworkVpnAccessDestinationNatArgs
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
- internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name string
- port string
- internal_
ip str - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name str
- port str
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
GatewaytemplateNetworkVpnAccessSourceNat, GatewaytemplateNetworkVpnAccessSourceNatArgs
- External
Ip string
- External
Ip string
- external
Ip String
- external
Ip string
- external_
ip str
- external
Ip String
GatewaytemplateNetworkVpnAccessStaticNat, GatewaytemplateNetworkVpnAccessStaticNatArgs
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
- internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name string
- internal_
ip str - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name str
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
GatewaytemplateOobIpConfig, GatewaytemplateOobIpConfigArgs
- Gateway string
- If
type==static - Ip string
- If
type==static - Netmask string
- If
type==static - Node1
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- Vlan
Id string
- Gateway string
- If
type==static - Ip string
- If
type==static - Netmask string
- If
type==static - Node1
Gatewaytemplate
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- Vlan
Id string
- gateway String
- If
type==static - ip String
- If
type==static - netmask String
- If
type==static - node1
Gatewaytemplate
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id String
- gateway string
- If
type==static - ip string
- If
type==static - netmask string
- If
type==static - node1
Gatewaytemplate
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- type string
- enum:
dhcp,static - use
Mgmt booleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt booleanVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id string
- gateway str
- If
type==static - ip str
- If
type==static - netmask str
- If
type==static - node1
Gatewaytemplate
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- type str
- enum:
dhcp,static - use_
mgmt_ boolvrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use_
mgmt_ boolvrf_ for_ host_ out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan_
id str
- gateway String
- If
type==static - ip String
- If
type==static - netmask String
- If
type==static - node1 Property Map
- For HA Cluster, node1 can have different IP Config
- type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id String
GatewaytemplateOobIpConfigNode1, GatewaytemplateOobIpConfigNode1Args
- Gateway string
- If
type==static - Ip string
- Netmask string
- Used only if
subnetis not specified innetworks - Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - Vlan
Id string
- Gateway string
- If
type==static - Ip string
- Netmask string
- Used only if
subnetis not specified innetworks - Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - Vlan
Id string
- gateway String
- If
type==static - ip String
- netmask String
- Used only if
subnetis not specified innetworks - type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id String
- gateway string
- If
type==static - ip string
- netmask string
- Used only if
subnetis not specified innetworks - type string
- enum:
dhcp,static - use
Mgmt booleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt booleanVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id string
- gateway str
- If
type==static - ip str
- netmask str
- Used only if
subnetis not specified innetworks - type str
- enum:
dhcp,static - use_
mgmt_ boolvrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use_
mgmt_ boolvrf_ for_ host_ out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan_
id str
- gateway String
- If
type==static - ip String
- netmask String
- Used only if
subnetis not specified innetworks - type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id String
GatewaytemplatePathPreferences, GatewaytemplatePathPreferencesArgs
- Paths
List<Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Path Preferences Path> - Strategy string
- enum:
ecmp,ordered,weighted
- Paths
[]Gatewaytemplate
Path Preferences Path - Strategy string
- enum:
ecmp,ordered,weighted
- paths
List<Gatewaytemplate
Path Preferences Path> - strategy String
- enum:
ecmp,ordered,weighted
- paths
Gatewaytemplate
Path Preferences Path[] - strategy string
- enum:
ecmp,ordered,weighted
- paths
Sequence[Gatewaytemplate
Path Preferences Path] - strategy str
- enum:
ecmp,ordered,weighted
- paths List<Property Map>
- strategy String
- enum:
ecmp,ordered,weighted
GatewaytemplatePathPreferencesPath, GatewaytemplatePathPreferencesPathArgs
- Cost int
- Disabled bool
- For SSR Only.
true, if this specific path is undesired - Gateway
Ip string - Only if
type==local, if a different gateway is desired - Internet
Access bool - Only if
type==vpn, if this vpn path can be used for internet - Name string
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- Networks List<string>
- Required when
type==local - Target
Ips List<string> - If
type==local, if destination IP is to be replaced - Type string
- enum:
local,tunnel,vpn,wan - Wan
Name string - Optional if
type==vpn
- Cost int
- Disabled bool
- For SSR Only.
true, if this specific path is undesired - Gateway
Ip string - Only if
type==local, if a different gateway is desired - Internet
Access bool - Only if
type==vpn, if this vpn path can be used for internet - Name string
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- Networks []string
- Required when
type==local - Target
Ips []string - If
type==local, if destination IP is to be replaced - Type string
- enum:
local,tunnel,vpn,wan - Wan
Name string - Optional if
type==vpn
- cost Integer
- disabled Boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip String - Only if
type==local, if a different gateway is desired - internet
Access Boolean - Only if
type==vpn, if this vpn path can be used for internet - name String
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks List<String>
- Required when
type==local - target
Ips List<String> - If
type==local, if destination IP is to be replaced - type String
- enum:
local,tunnel,vpn,wan - wan
Name String - Optional if
type==vpn
- cost number
- disabled boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip string - Only if
type==local, if a different gateway is desired - internet
Access boolean - Only if
type==vpn, if this vpn path can be used for internet - name string
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks string[]
- Required when
type==local - target
Ips string[] - If
type==local, if destination IP is to be replaced - type string
- enum:
local,tunnel,vpn,wan - wan
Name string - Optional if
type==vpn
- cost int
- disabled bool
- For SSR Only.
true, if this specific path is undesired - gateway_
ip str - Only if
type==local, if a different gateway is desired - internet_
access bool - Only if
type==vpn, if this vpn path can be used for internet - name str
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks Sequence[str]
- Required when
type==local - target_
ips Sequence[str] - If
type==local, if destination IP is to be replaced - type str
- enum:
local,tunnel,vpn,wan - wan_
name str - Optional if
type==vpn
- cost Number
- disabled Boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip String - Only if
type==local, if a different gateway is desired - internet
Access Boolean - Only if
type==vpn, if this vpn path can be used for internet - name String
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks List<String>
- Required when
type==local - target
Ips List<String> - If
type==local, if destination IP is to be replaced - type String
- enum:
local,tunnel,vpn,wan - wan
Name String - Optional if
type==vpn
GatewaytemplatePortConfig, GatewaytemplatePortConfigArgs
- Usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - Ae
Disable boolLacp - If
aggregated==true. To disable LCP support for the AE interface - Ae
Idx string - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - Ae
Lacp boolForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - Aggregated bool
- Critical bool
- To generate port up/down alarm, set it to true
- Description string
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- Disable
Autoneg bool - Disabled bool
- Port admin up (true) / down (false)
- Dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - Dsl
Vci int - If
wan_type==dsl, 16 bit int - Dsl
Vpi int - If
wan_type==dsl, 8 bit int - Duplex string
- enum:
auto,full,half - Ip
Config Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Ip Config - Junos IP Config
- Lte
Apn string - If
wan_type==lte - Lte
Auth string - if
wan_type==lte. enum:chap,none,pap - Lte
Backup bool - Lte
Password string - If
wan_type==lte - Lte
Username string - If
wan_type==lte - Mtu int
- Name string
- Name that we'll use to derive config
- Networks List<string>
- if
usage==lan, name of thejunipermist.org.Networkresource - Outer
Vlan intId - For Q-in-Q
- Poe
Disabled bool - Port
Network string - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - Preserve
Dscp bool - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- Redundant bool
- If HA mode
- Reth
Idx int - If HA mode
- Reth
Node string - If HA mode
- Reth
Nodes List<string> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - Speed string
- Ssr
No boolVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- Svr
Port stringRange - For SSR only
- Traffic
Shaping Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Traffic Shaping - Vlan
Id string - Vpn
Paths Dictionary<string, Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Vpn Paths> - Property key is the VPN name
- Wan
Arp stringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - Wan
Ext stringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - Wan
Extra Dictionary<string, Pulumi.Routes Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Wan Extra Routes> - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - Wan
Networks List<string> - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - Wan
Probe Pulumi.Override Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Wan Probe Override - Only if
usage==wan - Wan
Source Pulumi.Nat Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - Wan
Type string - Only if
usage==wan. enum:broadband,dsl,lte
- Usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - Ae
Disable boolLacp - If
aggregated==true. To disable LCP support for the AE interface - Ae
Idx string - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - Ae
Lacp boolForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - Aggregated bool
- Critical bool
- To generate port up/down alarm, set it to true
- Description string
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- Disable
Autoneg bool - Disabled bool
- Port admin up (true) / down (false)
- Dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - Dsl
Vci int - If
wan_type==dsl, 16 bit int - Dsl
Vpi int - If
wan_type==dsl, 8 bit int - Duplex string
- enum:
auto,full,half - Ip
Config GatewaytemplatePort Config Ip Config - Junos IP Config
- Lte
Apn string - If
wan_type==lte - Lte
Auth string - if
wan_type==lte. enum:chap,none,pap - Lte
Backup bool - Lte
Password string - If
wan_type==lte - Lte
Username string - If
wan_type==lte - Mtu int
- Name string
- Name that we'll use to derive config
- Networks []string
- if
usage==lan, name of thejunipermist.org.Networkresource - Outer
Vlan intId - For Q-in-Q
- Poe
Disabled bool - Port
Network string - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - Preserve
Dscp bool - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- Redundant bool
- If HA mode
- Reth
Idx int - If HA mode
- Reth
Node string - If HA mode
- Reth
Nodes []string - SSR only - supporting vlan-based redundancy (matching the size of
networks) - Speed string
- Ssr
No boolVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- Svr
Port stringRange - For SSR only
- Traffic
Shaping GatewaytemplatePort Config Traffic Shaping - Vlan
Id string - Vpn
Paths map[string]GatewaytemplatePort Config Vpn Paths - Property key is the VPN name
- Wan
Arp stringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - Wan
Ext stringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - Wan
Extra map[string]GatewaytemplateRoutes Port Config Wan Extra Routes - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - Wan
Networks []string - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - Wan
Probe GatewaytemplateOverride Port Config Wan Probe Override - Only if
usage==wan - Wan
Source GatewaytemplateNat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - Wan
Type string - Only if
usage==wan. enum:broadband,dsl,lte
- usage String
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable BooleanLacp - If
aggregated==true. To disable LCP support for the AE interface - ae
Idx String - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp BooleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated Boolean
- critical Boolean
- To generate port up/down alarm, set it to true
- description String
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable
Autoneg Boolean - disabled Boolean
- Port admin up (true) / down (false)
- dsl
Type String - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci Integer - If
wan_type==dsl, 16 bit int - dsl
Vpi Integer - If
wan_type==dsl, 8 bit int - duplex String
- enum:
auto,full,half - ip
Config GatewaytemplatePort Config Ip Config - Junos IP Config
- lte
Apn String - If
wan_type==lte - lte
Auth String - if
wan_type==lte. enum:chap,none,pap - lte
Backup Boolean - lte
Password String - If
wan_type==lte - lte
Username String - If
wan_type==lte - mtu Integer
- name String
- Name that we'll use to derive config
- networks List<String>
- if
usage==lan, name of thejunipermist.org.Networkresource - outer
Vlan IntegerId - For Q-in-Q
- poe
Disabled Boolean - port
Network String - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve
Dscp Boolean - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant Boolean
- If HA mode
- reth
Idx Integer - If HA mode
- reth
Node String - If HA mode
- reth
Nodes List<String> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed String
- ssr
No BooleanVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- svr
Port StringRange - For SSR only
- traffic
Shaping GatewaytemplatePort Config Traffic Shaping - vlan
Id String - vpn
Paths Map<String,GatewaytemplatePort Config Vpn Paths> - Property key is the VPN name
- wan
Arp StringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan
Ext StringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan
Extra Map<String,GatewaytemplateRoutes Port Config Wan Extra Routes> - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan
Networks List<String> - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan
Probe GatewaytemplateOverride Port Config Wan Probe Override - Only if
usage==wan - wan
Source GatewaytemplateNat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan
Type String - Only if
usage==wan. enum:broadband,dsl,lte
- usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable booleanLacp - If
aggregated==true. To disable LCP support for the AE interface - ae
Idx string - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp booleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated boolean
- critical boolean
- To generate port up/down alarm, set it to true
- description string
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable
Autoneg boolean - disabled boolean
- Port admin up (true) / down (false)
- dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci number - If
wan_type==dsl, 16 bit int - dsl
Vpi number - If
wan_type==dsl, 8 bit int - duplex string
- enum:
auto,full,half - ip
Config GatewaytemplatePort Config Ip Config - Junos IP Config
- lte
Apn string - If
wan_type==lte - lte
Auth string - if
wan_type==lte. enum:chap,none,pap - lte
Backup boolean - lte
Password string - If
wan_type==lte - lte
Username string - If
wan_type==lte - mtu number
- name string
- Name that we'll use to derive config
- networks string[]
- if
usage==lan, name of thejunipermist.org.Networkresource - outer
Vlan numberId - For Q-in-Q
- poe
Disabled boolean - port
Network string - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve
Dscp boolean - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant boolean
- If HA mode
- reth
Idx number - If HA mode
- reth
Node string - If HA mode
- reth
Nodes string[] - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed string
- ssr
No booleanVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- svr
Port stringRange - For SSR only
- traffic
Shaping GatewaytemplatePort Config Traffic Shaping - vlan
Id string - vpn
Paths {[key: string]: GatewaytemplatePort Config Vpn Paths} - Property key is the VPN name
- wan
Arp stringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan
Ext stringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan
Extra {[key: string]: GatewaytemplateRoutes Port Config Wan Extra Routes} - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan
Networks string[] - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan
Probe GatewaytemplateOverride Port Config Wan Probe Override - Only if
usage==wan - wan
Source GatewaytemplateNat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan
Type string - Only if
usage==wan. enum:broadband,dsl,lte
- usage str
- port usage name. enum:
ha_control,ha_data,lan,wan - ae_
disable_ boollacp - If
aggregated==true. To disable LCP support for the AE interface - ae_
idx str - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae_
lacp_ boolforce_ up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated bool
- critical bool
- To generate port up/down alarm, set it to true
- description str
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable_
autoneg bool - disabled bool
- Port admin up (true) / down (false)
- dsl_
type str - if
wan_type==dsl. enum:adsl,vdsl - dsl_
vci int - If
wan_type==dsl, 16 bit int - dsl_
vpi int - If
wan_type==dsl, 8 bit int - duplex str
- enum:
auto,full,half - ip_
config GatewaytemplatePort Config Ip Config - Junos IP Config
- lte_
apn str - If
wan_type==lte - lte_
auth str - if
wan_type==lte. enum:chap,none,pap - lte_
backup bool - lte_
password str - If
wan_type==lte - lte_
username str - If
wan_type==lte - mtu int
- name str
- Name that we'll use to derive config
- networks Sequence[str]
- if
usage==lan, name of thejunipermist.org.Networkresource - outer_
vlan_ intid - For Q-in-Q
- poe_
disabled bool - port_
network str - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve_
dscp bool - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant bool
- If HA mode
- reth_
idx int - If HA mode
- reth_
node str - If HA mode
- reth_
nodes Sequence[str] - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed str
- ssr_
no_ boolvirtual_ mac - When SSR is running as VM, this is required on certain hosting platforms
- svr_
port_ strrange - For SSR only
- traffic_
shaping GatewaytemplatePort Config Traffic Shaping - vlan_
id str - vpn_
paths Mapping[str, GatewaytemplatePort Config Vpn Paths] - Property key is the VPN name
- wan_
arp_ strpolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan_
ext_ strip - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan_
extra_ Mapping[str, Gatewaytemplateroutes Port Config Wan Extra Routes] - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan_
networks Sequence[str] - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan_
probe_ Gatewaytemplateoverride Port Config Wan Probe Override - Only if
usage==wan - wan_
source_ Gatewaytemplatenat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan_
type str - Only if
usage==wan. enum:broadband,dsl,lte
- usage String
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable BooleanLacp - If
aggregated==true. To disable LCP support for the AE interface - ae
Idx String - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp BooleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated Boolean
- critical Boolean
- To generate port up/down alarm, set it to true
- description String
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable
Autoneg Boolean - disabled Boolean
- Port admin up (true) / down (false)
- dsl
Type String - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci Number - If
wan_type==dsl, 16 bit int - dsl
Vpi Number - If
wan_type==dsl, 8 bit int - duplex String
- enum:
auto,full,half - ip
Config Property Map - Junos IP Config
- lte
Apn String - If
wan_type==lte - lte
Auth String - if
wan_type==lte. enum:chap,none,pap - lte
Backup Boolean - lte
Password String - If
wan_type==lte - lte
Username String - If
wan_type==lte - mtu Number
- name String
- Name that we'll use to derive config
- networks List<String>
- if
usage==lan, name of thejunipermist.org.Networkresource - outer
Vlan NumberId - For Q-in-Q
- poe
Disabled Boolean - port
Network String - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve
Dscp Boolean - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant Boolean
- If HA mode
- reth
Idx Number - If HA mode
- reth
Node String - If HA mode
- reth
Nodes List<String> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed String
- ssr
No BooleanVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- svr
Port StringRange - For SSR only
- traffic
Shaping Property Map - vlan
Id String - vpn
Paths Map<Property Map> - Property key is the VPN name
- wan
Arp StringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan
Ext StringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan
Extra Map<Property Map>Routes - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan
Networks List<String> - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan
Probe Property MapOverride - Only if
usage==wan - wan
Source Property MapNat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan
Type String - Only if
usage==wan. enum:broadband,dsl,lte
GatewaytemplatePortConfigIpConfig, GatewaytemplatePortConfigIpConfigArgs
- Dns List<string>
- Except for out-of_band interface (vme/em0/fxp0)
- Dns
Suffixes List<string> - Except for out-of_band interface (vme/em0/fxp0)
- Gateway string
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- Ip string
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- Netmask string
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - Network string
- Optional, the network to be used for mgmt
- Poser
Password string - If
type==pppoe - Pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - Pppoe
Username string - If
type==pppoe - Type string
- enum:
dhcp,pppoe,static
- Dns []string
- Except for out-of_band interface (vme/em0/fxp0)
- Dns
Suffixes []string - Except for out-of_band interface (vme/em0/fxp0)
- Gateway string
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- Ip string
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- Netmask string
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - Network string
- Optional, the network to be used for mgmt
- Poser
Password string - If
type==pppoe - Pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - Pppoe
Username string - If
type==pppoe - Type string
- enum:
dhcp,pppoe,static
- dns List<String>
- Except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes List<String> - Except for out-of_band interface (vme/em0/fxp0)
- gateway String
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip String
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask String
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network String
- Optional, the network to be used for mgmt
- poser
Password String - If
type==pppoe - pppoe
Auth String - if
type==pppoe. enum:chap,none,pap - pppoe
Username String - If
type==pppoe - type String
- enum:
dhcp,pppoe,static
- dns string[]
- Except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes string[] - Except for out-of_band interface (vme/em0/fxp0)
- gateway string
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip string
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask string
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network string
- Optional, the network to be used for mgmt
- poser
Password string - If
type==pppoe - pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - pppoe
Username string - If
type==pppoe - type string
- enum:
dhcp,pppoe,static
- dns Sequence[str]
- Except for out-of_band interface (vme/em0/fxp0)
- dns_
suffixes Sequence[str] - Except for out-of_band interface (vme/em0/fxp0)
- gateway str
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip str
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask str
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network str
- Optional, the network to be used for mgmt
- poser_
password str - If
type==pppoe - pppoe_
auth str - if
type==pppoe. enum:chap,none,pap - pppoe_
username str - If
type==pppoe - type str
- enum:
dhcp,pppoe,static
- dns List<String>
- Except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes List<String> - Except for out-of_band interface (vme/em0/fxp0)
- gateway String
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip String
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask String
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network String
- Optional, the network to be used for mgmt
- poser
Password String - If
type==pppoe - pppoe
Auth String - if
type==pppoe. enum:chap,none,pap - pppoe
Username String - If
type==pppoe - type String
- enum:
dhcp,pppoe,static
GatewaytemplatePortConfigTrafficShaping, GatewaytemplatePortConfigTrafficShapingArgs
- Class
Percentages List<int> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- Class
Percentages []int - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- class
Percentages List<Integer> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx IntegerKbps - Interface Transmit Cap in kbps
- class
Percentages number[] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled boolean
- max
Tx numberKbps - Interface Transmit Cap in kbps
- class_
percentages Sequence[int] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled bool
- max_
tx_ intkbps - Interface Transmit Cap in kbps
- class
Percentages List<Number> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx NumberKbps - Interface Transmit Cap in kbps
GatewaytemplatePortConfigVpnPaths, GatewaytemplatePortConfigVpnPathsArgs
- Bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - Bfd
Use boolTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - Link
Name string - Only if the VPN
type==mesh - Preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - Role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - Traffic
Shaping Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Port Config Vpn Paths Traffic Shaping
- Bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - Bfd
Use boolTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - Link
Name string - Only if the VPN
type==mesh - Preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - Role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - Traffic
Shaping GatewaytemplatePort Config Vpn Paths Traffic Shaping
- bfd
Profile String - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use BooleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name String - Only if the VPN
type==mesh - preference Integer
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role String
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping GatewaytemplatePort Config Vpn Paths Traffic Shaping
- bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use booleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name string - Only if the VPN
type==mesh - preference number
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping GatewaytemplatePort Config Vpn Paths Traffic Shaping
- bfd_
profile str - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd_
use_ booltunnel_ mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link_
name str - Only if the VPN
type==mesh - preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role str
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic_
shaping GatewaytemplatePort Config Vpn Paths Traffic Shaping
- bfd
Profile String - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use BooleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name String - Only if the VPN
type==mesh - preference Number
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role String
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping Property Map
GatewaytemplatePortConfigVpnPathsTrafficShaping, GatewaytemplatePortConfigVpnPathsTrafficShapingArgs
- Class
Percentages List<int> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- Class
Percentages []int - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- class
Percentages List<Integer> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx IntegerKbps - Interface Transmit Cap in kbps
- class
Percentages number[] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled boolean
- max
Tx numberKbps - Interface Transmit Cap in kbps
- class_
percentages Sequence[int] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled bool
- max_
tx_ intkbps - Interface Transmit Cap in kbps
- class
Percentages List<Number> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx NumberKbps - Interface Transmit Cap in kbps
GatewaytemplatePortConfigWanExtraRoutes, GatewaytemplatePortConfigWanExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewaytemplatePortConfigWanProbeOverride, GatewaytemplatePortConfigWanProbeOverrideArgs
- Ips List<string>
- Probe
Profile string - enum:
broadband,lte
- Ips []string
- Probe
Profile string - enum:
broadband,lte
- ips List<String>
- probe
Profile String - enum:
broadband,lte
- ips string[]
- probe
Profile string - enum:
broadband,lte
- ips Sequence[str]
- probe_
profile str - enum:
broadband,lte
- ips List<String>
- probe
Profile String - enum:
broadband,lte
GatewaytemplatePortConfigWanSourceNat, GatewaytemplatePortConfigWanSourceNatArgs
GatewaytemplateRoutingPolicies, GatewaytemplateRoutingPoliciesArgs
- Terms
List<Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Term> - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Terms
[]Gatewaytemplate
Routing Policies Term - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
List<Gatewaytemplate
Routing Policies Term> - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
Gatewaytemplate
Routing Policies Term[] - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
Sequence[Gatewaytemplate
Routing Policies Term] - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms List<Property Map>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
GatewaytemplateRoutingPoliciesTerm, GatewaytemplateRoutingPoliciesTermArgs
- Action
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Term Action - When used as import policy
- Matching
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Action
Gatewaytemplate
Routing Policies Term Action - When used as import policy
- Matching
Gatewaytemplate
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gatewaytemplate
Routing Policies Term Action - When used as import policy
- matching
Gatewaytemplate
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gatewaytemplate
Routing Policies Term Action - When used as import policy
- matching
Gatewaytemplate
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gatewaytemplate
Routing Policies Term Action - When used as import policy
- matching
Gatewaytemplate
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action Property Map
- When used as import policy
- matching Property Map
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
GatewaytemplateRoutingPoliciesTermAction, GatewaytemplateRoutingPoliciesTermActionArgs
- Accept bool
- Add
Communities List<string> - Add
Target List<string>Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- Aggregates List<string>
- route aggregation
- Communities List<string>
- When used as export policy, optional
- Exclude
As List<string>Paths - When used as export policy, optional. To exclude certain AS
- Exclude
Communities List<string> - Export
Communitites List<string> - When used as export policy, optional
- Local
Preference string - Optional, for an import policy, local_preference can be changed
- Prepend
As List<string>Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- Accept bool
- Add
Communities []string - Add
Target []stringVrfs - For SSR, hub decides how VRF routes are leaked on spoke
- Aggregates []string
- route aggregation
- Communities []string
- When used as export policy, optional
- Exclude
As []stringPaths - When used as export policy, optional. To exclude certain AS
- Exclude
Communities []string - Export
Communitites []string - When used as export policy, optional
- Local
Preference string - Optional, for an import policy, local_preference can be changed
- Prepend
As []stringPaths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept Boolean
- add
Communities List<String> - add
Target List<String>Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates List<String>
- route aggregation
- communities List<String>
- When used as export policy, optional
- exclude
As List<String>Paths - When used as export policy, optional. To exclude certain AS
- exclude
Communities List<String> - export
Communitites List<String> - When used as export policy, optional
- local
Preference String - Optional, for an import policy, local_preference can be changed
- prepend
As List<String>Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept boolean
- add
Communities string[] - add
Target string[]Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates string[]
- route aggregation
- communities string[]
- When used as export policy, optional
- exclude
As string[]Paths - When used as export policy, optional. To exclude certain AS
- exclude
Communities string[] - export
Communitites string[] - When used as export policy, optional
- local
Preference string - Optional, for an import policy, local_preference can be changed
- prepend
As string[]Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept bool
- add_
communities Sequence[str] - add_
target_ Sequence[str]vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates Sequence[str]
- route aggregation
- communities Sequence[str]
- When used as export policy, optional
- exclude_
as_ Sequence[str]paths - When used as export policy, optional. To exclude certain AS
- exclude_
communities Sequence[str] - export_
communitites Sequence[str] - When used as export policy, optional
- local_
preference str - Optional, for an import policy, local_preference can be changed
- prepend_
as_ Sequence[str]paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept Boolean
- add
Communities List<String> - add
Target List<String>Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates List<String>
- route aggregation
- communities List<String>
- When used as export policy, optional
- exclude
As List<String>Paths - When used as export policy, optional. To exclude certain AS
- exclude
Communities List<String> - export
Communitites List<String> - When used as export policy, optional
- local
Preference String - Optional, for an import policy, local_preference can be changed
- prepend
As List<String>Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
GatewaytemplateRoutingPoliciesTermMatching, GatewaytemplateRoutingPoliciesTermMatchingArgs
- As
Paths List<string> - takes regular expression
- Communities List<string>
- Networks List<string>
- Prefixes List<string>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Protocols List<string>
direct,bgp,osp, ...- Route
Exists Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Term Matching Route Exists - Vpn
Neighbor List<string>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- Vpn
Path Pulumi.Sla Juniper Mist. Org. Inputs. Gatewaytemplate Routing Policies Term Matching Vpn Path Sla - Vpn
Paths List<string> - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- As
Paths []string - takes regular expression
- Communities []string
- Networks []string
- Prefixes []string
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Protocols []string
direct,bgp,osp, ...- Route
Exists GatewaytemplateRouting Policies Term Matching Route Exists - Vpn
Neighbor []stringMacs - overlay-facing criteria (used for bgp_config where via=vpn)
- Vpn
Path GatewaytemplateSla Routing Policies Term Matching Vpn Path Sla - Vpn
Paths []string - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as
Paths List<String> - takes regular expression
- communities List<String>
- networks List<String>
- prefixes List<String>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols List<String>
direct,bgp,osp, ...- route
Exists GatewaytemplateRouting Policies Term Matching Route Exists - vpn
Neighbor List<String>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path GatewaytemplateSla Routing Policies Term Matching Vpn Path Sla - vpn
Paths List<String> - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as
Paths string[] - takes regular expression
- communities string[]
- networks string[]
- prefixes string[]
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols string[]
direct,bgp,osp, ...- route
Exists GatewaytemplateRouting Policies Term Matching Route Exists - vpn
Neighbor string[]Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path GatewaytemplateSla Routing Policies Term Matching Vpn Path Sla - vpn
Paths string[] - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as_
paths Sequence[str] - takes regular expression
- communities Sequence[str]
- networks Sequence[str]
- prefixes Sequence[str]
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols Sequence[str]
direct,bgp,osp, ...- route_
exists GatewaytemplateRouting Policies Term Matching Route Exists - vpn_
neighbor_ Sequence[str]macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn_
path_ Gatewaytemplatesla Routing Policies Term Matching Vpn Path Sla - vpn_
paths Sequence[str] - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as
Paths List<String> - takes regular expression
- communities List<String>
- networks List<String>
- prefixes List<String>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols List<String>
direct,bgp,osp, ...- route
Exists Property Map - vpn
Neighbor List<String>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path Property MapSla - vpn
Paths List<String> - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
GatewaytemplateRoutingPoliciesTermMatchingRouteExists, GatewaytemplateRoutingPoliciesTermMatchingRouteExistsArgs
GatewaytemplateRoutingPoliciesTermMatchingVpnPathSla, GatewaytemplateRoutingPoliciesTermMatchingVpnPathSlaArgs
- Max
Jitter int - Max
Latency int - Max
Loss int
- Max
Jitter int - Max
Latency int - Max
Loss int
- max
Jitter Integer - max
Latency Integer - max
Loss Integer
- max
Jitter number - max
Latency number - max
Loss number
- max_
jitter int - max_
latency int - max_
loss int
- max
Jitter Number - max
Latency Number - max
Loss Number
GatewaytemplateServicePolicy, GatewaytemplateServicePolicyArgs
- Action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - Antivirus
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy Antivirus - For SRX-only
- Appqoe
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy Appqoe - For SRX Only
- Ewfs
List<Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy Ewf> - Idp
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy Idp - Local
Routing bool - access within the same VRF
- Name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - Path
Preference string - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - Servicepolicy
Id string - Used to link servicepolicy defined at org level and overwrite some attributes
- Services List<string>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - Ssl
Proxy Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Service Policy Ssl Proxy - For SRX-only
- Tenants List<string>
- Required when
servicepolicy_idis not defined. List of Networks / Users
- Action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - Antivirus
Gatewaytemplate
Service Policy Antivirus - For SRX-only
- Appqoe
Gatewaytemplate
Service Policy Appqoe - For SRX Only
- Ewfs
[]Gatewaytemplate
Service Policy Ewf - Idp
Gatewaytemplate
Service Policy Idp - Local
Routing bool - access within the same VRF
- Name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - Path
Preference string - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - Servicepolicy
Id string - Used to link servicepolicy defined at org level and overwrite some attributes
- Services []string
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - Ssl
Proxy GatewaytemplateService Policy Ssl Proxy - For SRX-only
- Tenants []string
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus
Gatewaytemplate
Service Policy Antivirus - For SRX-only
- appqoe
Gatewaytemplate
Service Policy Appqoe - For SRX Only
- ewfs
List<Gatewaytemplate
Service Policy Ewf> - idp
Gatewaytemplate
Service Policy Idp - local
Routing Boolean - access within the same VRF
- name String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference String - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy
Id String - Used to link servicepolicy defined at org level and overwrite some attributes
- services List<String>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl
Proxy GatewaytemplateService Policy Ssl Proxy - For SRX-only
- tenants List<String>
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus
Gatewaytemplate
Service Policy Antivirus - For SRX-only
- appqoe
Gatewaytemplate
Service Policy Appqoe - For SRX Only
- ewfs
Gatewaytemplate
Service Policy Ewf[] - idp
Gatewaytemplate
Service Policy Idp - local
Routing boolean - access within the same VRF
- name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference string - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy
Id string - Used to link servicepolicy defined at org level and overwrite some attributes
- services string[]
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl
Proxy GatewaytemplateService Policy Ssl Proxy - For SRX-only
- tenants string[]
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action str
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus
Gatewaytemplate
Service Policy Antivirus - For SRX-only
- appqoe
Gatewaytemplate
Service Policy Appqoe - For SRX Only
- ewfs
Sequence[Gatewaytemplate
Service Policy Ewf] - idp
Gatewaytemplate
Service Policy Idp - local_
routing bool - access within the same VRF
- name str
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path_
preference str - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy_
id str - Used to link servicepolicy defined at org level and overwrite some attributes
- services Sequence[str]
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl_
proxy GatewaytemplateService Policy Ssl Proxy - For SRX-only
- tenants Sequence[str]
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus Property Map
- For SRX-only
- appqoe Property Map
- For SRX Only
- ewfs List<Property Map>
- idp Property Map
- local
Routing Boolean - access within the same VRF
- name String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference String - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy
Id String - Used to link servicepolicy defined at org level and overwrite some attributes
- services List<String>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl
Proxy Property Map - For SRX-only
- tenants List<String>
- Required when
servicepolicy_idis not defined. List of Networks / Users
GatewaytemplateServicePolicyAntivirus, GatewaytemplateServicePolicyAntivirusArgs
- Avprofile
Id string - org-level AV Profile can be used, this takes precendence over 'profile'
- Enabled bool
- Profile string
- Default / noftp / httponly / or keys from av_profiles
- Avprofile
Id string - org-level AV Profile can be used, this takes precendence over 'profile'
- Enabled bool
- Profile string
- Default / noftp / httponly / or keys from av_profiles
- avprofile
Id String - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled Boolean
- profile String
- Default / noftp / httponly / or keys from av_profiles
- avprofile
Id string - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled boolean
- profile string
- Default / noftp / httponly / or keys from av_profiles
- avprofile_
id str - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled bool
- profile str
- Default / noftp / httponly / or keys from av_profiles
- avprofile
Id String - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled Boolean
- profile String
- Default / noftp / httponly / or keys from av_profiles
GatewaytemplateServicePolicyAppqoe, GatewaytemplateServicePolicyAppqoeArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GatewaytemplateServicePolicyEwf, GatewaytemplateServicePolicyEwfArgs
- Alert
Only bool - Block
Message string - Enabled bool
- Profile string
- enum:
critical,standard,strict
- Alert
Only bool - Block
Message string - Enabled bool
- Profile string
- enum:
critical,standard,strict
- alert
Only Boolean - block
Message String - enabled Boolean
- profile String
- enum:
critical,standard,strict
- alert
Only boolean - block
Message string - enabled boolean
- profile string
- enum:
critical,standard,strict
- alert_
only bool - block_
message str - enabled bool
- profile str
- enum:
critical,standard,strict
- alert
Only Boolean - block
Message String - enabled Boolean
- profile String
- enum:
critical,standard,strict
GatewaytemplateServicePolicyIdp, GatewaytemplateServicePolicyIdpArgs
- Alert
Only bool - Enabled bool
- Idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - Profile string
- enum:
Custom,strict(default),standardor keys from idp_profiles
- Alert
Only bool - Enabled bool
- Idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - Profile string
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert
Only Boolean - enabled Boolean
- idpprofile
Id String - org_level IDP Profile can be used, this takes precedence over
profile - profile String
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert
Only boolean - enabled boolean
- idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - profile string
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert_
only bool - enabled bool
- idpprofile_
id str - org_level IDP Profile can be used, this takes precedence over
profile - profile str
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert
Only Boolean - enabled Boolean
- idpprofile
Id String - org_level IDP Profile can be used, this takes precedence over
profile - profile String
- enum:
Custom,strict(default),standardor keys from idp_profiles
GatewaytemplateServicePolicySslProxy, GatewaytemplateServicePolicySslProxyArgs
- Ciphers
Category string - enum:
medium,strong,weak - Enabled bool
- Ciphers
Category string - enum:
medium,strong,weak - Enabled bool
- ciphers
Category String - enum:
medium,strong,weak - enabled Boolean
- ciphers
Category string - enum:
medium,strong,weak - enabled boolean
- ciphers_
category str - enum:
medium,strong,weak - enabled bool
- ciphers
Category String - enum:
medium,strong,weak - enabled Boolean
GatewaytemplateTunnelConfigs, GatewaytemplateTunnelConfigsArgs
- Auto
Provision Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Auto Provision - Ike
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - Ike
Proposals List<Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Ike Proposal> - If
provider==custom-ipsec - Ipsec
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ipsec
Proposals List<Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Ipsec Proposal> - Only if
provider==custom-ipsec - Local
Id string - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Mode string
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - Networks List<string>
- If
provider==custom-ipsec, networks reachable via this tunnel - Primary
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Probe
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Probe - Only if
provider==custom-ipsec - Protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - Provider string
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - Psk string
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Secondary
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- Auto
Provision GatewaytemplateTunnel Configs Auto Provision - Ike
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - Ike
Proposals []GatewaytemplateTunnel Configs Ike Proposal - If
provider==custom-ipsec - Ipsec
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ipsec
Proposals []GatewaytemplateTunnel Configs Ipsec Proposal - Only if
provider==custom-ipsec - Local
Id string - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Mode string
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - Networks []string
- If
provider==custom-ipsec, networks reachable via this tunnel - Primary
Gatewaytemplate
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Probe
Gatewaytemplate
Tunnel Configs Probe - Only if
provider==custom-ipsec - Protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - Provider string
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - Psk string
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Secondary
Gatewaytemplate
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision GatewaytemplateTunnel Configs Auto Provision - ike
Lifetime Integer - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike
Mode String - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals List<GatewaytemplateTunnel Configs Ike Proposal> - If
provider==custom-ipsec - ipsec
Lifetime Integer - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec
Proposals List<GatewaytemplateTunnel Configs Ipsec Proposal> - Only if
provider==custom-ipsec - local
Id String - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode String
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks List<String>
- If
provider==custom-ipsec, networks reachable via this tunnel - primary
Gatewaytemplate
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe
Gatewaytemplate
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol String
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider String
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk String
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary
Gatewaytemplate
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version String
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision GatewaytemplateTunnel Configs Auto Provision - ike
Lifetime number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals GatewaytemplateTunnel Configs Ike Proposal[] - If
provider==custom-ipsec - ipsec
Lifetime number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec
Proposals GatewaytemplateTunnel Configs Ipsec Proposal[] - Only if
provider==custom-ipsec - local
Id string - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode string
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks string[]
- If
provider==custom-ipsec, networks reachable via this tunnel - primary
Gatewaytemplate
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe
Gatewaytemplate
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider string
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk string
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary
Gatewaytemplate
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto_
provision GatewaytemplateTunnel Configs Auto Provision - ike_
lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike_
mode str - Only if
provider==custom-ipsec. enum:aggressive,main - ike_
proposals Sequence[GatewaytemplateTunnel Configs Ike Proposal] - If
provider==custom-ipsec - ipsec_
lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec_
proposals Sequence[GatewaytemplateTunnel Configs Ipsec Proposal] - Only if
provider==custom-ipsec - local_
id str - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode str
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks Sequence[str]
- If
provider==custom-ipsec, networks reachable via this tunnel - primary
Gatewaytemplate
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe
Gatewaytemplate
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol str
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider str
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk str
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary
Gatewaytemplate
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version str
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision Property Map - ike
Lifetime Number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike
Mode String - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals List<Property Map> - If
provider==custom-ipsec - ipsec
Lifetime Number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec
Proposals List<Property Map> - Only if
provider==custom-ipsec - local
Id String - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode String
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks List<String>
- If
provider==custom-ipsec, networks reachable via this tunnel - primary Property Map
- Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe Property Map
- Only if
provider==custom-ipsec - protocol String
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider String
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk String
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary Property Map
- Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version String
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
GatewaytemplateTunnelConfigsAutoProvision, GatewaytemplateTunnelConfigsAutoProvisionArgs
- Provider string
- enum:
jse-ipsec,zscaler-ipsec - Enable bool
- Latlng
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Auto Provision Latlng - API override for POP selection
- Primary
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Auto Provision Primary - Region string
- API override for POP selection
- Secondary
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Configs Auto Provision Secondary
- Provider string
- enum:
jse-ipsec,zscaler-ipsec - Enable bool
- Latlng
Gatewaytemplate
Tunnel Configs Auto Provision Latlng - API override for POP selection
- Primary
Gatewaytemplate
Tunnel Configs Auto Provision Primary - Region string
- API override for POP selection
- Secondary
Gatewaytemplate
Tunnel Configs Auto Provision Secondary
- provider String
- enum:
jse-ipsec,zscaler-ipsec - enable Boolean
- latlng
Gatewaytemplate
Tunnel Configs Auto Provision Latlng - API override for POP selection
- primary
Gatewaytemplate
Tunnel Configs Auto Provision Primary - region String
- API override for POP selection
- secondary
Gatewaytemplate
Tunnel Configs Auto Provision Secondary
- provider string
- enum:
jse-ipsec,zscaler-ipsec - enable boolean
- latlng
Gatewaytemplate
Tunnel Configs Auto Provision Latlng - API override for POP selection
- primary
Gatewaytemplate
Tunnel Configs Auto Provision Primary - region string
- API override for POP selection
- secondary
Gatewaytemplate
Tunnel Configs Auto Provision Secondary
- provider str
- enum:
jse-ipsec,zscaler-ipsec - enable bool
- latlng
Gatewaytemplate
Tunnel Configs Auto Provision Latlng - API override for POP selection
- primary
Gatewaytemplate
Tunnel Configs Auto Provision Primary - region str
- API override for POP selection
- secondary
Gatewaytemplate
Tunnel Configs Auto Provision Secondary
- provider String
- enum:
jse-ipsec,zscaler-ipsec - enable Boolean
- latlng Property Map
- API override for POP selection
- primary Property Map
- region String
- API override for POP selection
- secondary Property Map
GatewaytemplateTunnelConfigsAutoProvisionLatlng, GatewaytemplateTunnelConfigsAutoProvisionLatlngArgs
GatewaytemplateTunnelConfigsAutoProvisionPrimary, GatewaytemplateTunnelConfigsAutoProvisionPrimaryArgs
GatewaytemplateTunnelConfigsAutoProvisionSecondary, GatewaytemplateTunnelConfigsAutoProvisionSecondaryArgs
GatewaytemplateTunnelConfigsIkeProposal, GatewaytemplateTunnelConfigsIkeProposalArgs
GatewaytemplateTunnelConfigsIpsecProposal, GatewaytemplateTunnelConfigsIpsecProposalArgs
GatewaytemplateTunnelConfigsPrimary, GatewaytemplateTunnelConfigsPrimaryArgs
- Hosts List<string>
- Wan
Names List<string> - Internal
Ips List<string> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips List<string> - Remote
Ids List<string> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- Hosts []string
- Wan
Names []string - Internal
Ips []string - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips []string - Remote
Ids []string - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts string[]
- wan
Names string[] - internal
Ips string[] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips string[] - remote
Ids string[] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts Sequence[str]
- wan_
names Sequence[str] - internal_
ips Sequence[str] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe_
ips Sequence[str] - remote_
ids Sequence[str] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
GatewaytemplateTunnelConfigsProbe, GatewaytemplateTunnelConfigsProbeArgs
GatewaytemplateTunnelConfigsSecondary, GatewaytemplateTunnelConfigsSecondaryArgs
- Hosts List<string>
- Wan
Names List<string> - Internal
Ips List<string> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips List<string> - Remote
Ids List<string> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- Hosts []string
- Wan
Names []string - Internal
Ips []string - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips []string - Remote
Ids []string - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts string[]
- wan
Names string[] - internal
Ips string[] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips string[] - remote
Ids string[] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts Sequence[str]
- wan_
names Sequence[str] - internal_
ips Sequence[str] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe_
ips Sequence[str] - remote_
ids Sequence[str] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
GatewaytemplateTunnelProviderOptions, GatewaytemplateTunnelProviderOptionsArgs
- Jse
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- Zscaler
Pulumi.
Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- Jse
Gatewaytemplate
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- Zscaler
Gatewaytemplate
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse
Gatewaytemplate
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gatewaytemplate
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse
Gatewaytemplate
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gatewaytemplate
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse
Gatewaytemplate
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gatewaytemplate
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse Property Map
- For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler Property Map
- For zscaler-ipsec and zscaler-gre
GatewaytemplateTunnelProviderOptionsJse, GatewaytemplateTunnelProviderOptionsJseArgs
GatewaytemplateTunnelProviderOptionsZscaler, GatewaytemplateTunnelProviderOptionsZscalerArgs
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to enforce user authentication
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Ofw
Enabled bool - If
true, enable the firewall control option - Sub
Locations List<Pulumi.Juniper Mist. Org. Inputs. Gatewaytemplate Tunnel Provider Options Zscaler Sub Location> sub-locationscan be used for specific uses cases to define different configuration based on the user network- Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Xff
Forward boolEnabled - Location uses proxy chaining to forward traffic
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to enforce user authentication
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Ofw
Enabled bool - If
true, enable the firewall control option - Sub
Locations []GatewaytemplateTunnel Provider Options Zscaler Sub Location sub-locationscan be used for specific uses cases to define different configuration based on the user network- Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Xff
Forward boolEnabled - Location uses proxy chaining to forward traffic
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout IntegerIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to enforce user authentication
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time IntegerIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw
Enabled Boolean - If
true, enable the firewall control option - sub
Locations List<GatewaytemplateTunnel Provider Options Zscaler Sub Location> sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh IntegerTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff
Forward BooleanEnabled - Location uses proxy chaining to forward traffic
- aup
Block booleanInternet Until Accepted - aup
Enabled boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force booleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout numberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required boolean - Enable this option to enforce user authentication
- caution
Enabled boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time numberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw
Enabled boolean - If
true, enable the firewall control option - sub
Locations GatewaytemplateTunnel Provider Options Zscaler Sub Location[] sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate
Ip boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip booleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh numberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff
Forward booleanEnabled - Location uses proxy chaining to forward traffic
- aup_
block_ boolinternet_ until_ accepted - aup_
enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup_
force_ boolssl_ inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup_
timeout_ intin_ days - Required if
aup_enabled==true. Days before AUP is requested again - auth_
required bool - Enable this option to enforce user authentication
- caution_
enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle_
time_ intin_ minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw_
enabled bool - If
true, enable the firewall control option - sub_
locations Sequence[GatewaytemplateTunnel Provider Options Zscaler Sub Location] sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate_
ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate_
ip_ boolenforced_ for_ known_ browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate_
refresh_ inttime_ in_ minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff_
forward_ boolenabled - Location uses proxy chaining to forward traffic
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout NumberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to enforce user authentication
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time NumberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw
Enabled Boolean - If
true, enable the firewall control option - sub
Locations List<Property Map> sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh NumberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff
Forward BooleanEnabled - Location uses proxy chaining to forward traffic
GatewaytemplateTunnelProviderOptionsZscalerSubLocation, GatewaytemplateTunnelProviderOptionsZscalerSubLocationArgs
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to authenticate users
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Name string
- Network name
- Ofw
Enabled bool - If
true, enable the firewall control option - Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to authenticate users
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Name string
- Network name
- Ofw
Enabled bool - If
true, enable the firewall control option - Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout IntegerIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to authenticate users
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time IntegerIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name String
- Network name
- ofw
Enabled Boolean - If
true, enable the firewall control option - surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh IntegerTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup
Block booleanInternet Until Accepted - aup
Enabled boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force booleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout numberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required boolean - Enable this option to authenticate users
- caution
Enabled boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time numberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name string
- Network name
- ofw
Enabled boolean - If
true, enable the firewall control option - surrogate
Ip boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip booleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh numberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup_
block_ boolinternet_ until_ accepted - aup_
enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup_
force_ boolssl_ inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup_
timeout_ intin_ days - Required if
aup_enabled==true. Days before AUP is requested again - auth_
required bool - Enable this option to authenticate users
- caution_
enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle_
time_ intin_ minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name str
- Network name
- ofw_
enabled bool - If
true, enable the firewall control option - surrogate_
ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate_
ip_ boolenforced_ for_ known_ browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate_
refresh_ inttime_ in_ minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout NumberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to authenticate users
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time NumberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name String
- Network name
- ofw
Enabled Boolean - If
true, enable the firewall control option - surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh NumberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
GatewaytemplateVrfConfig, GatewaytemplateVrfConfigArgs
- Enabled bool
- Whether to enable VRF (when supported on the device)
- Enabled bool
- Whether to enable VRF (when supported on the device)
- enabled Boolean
- Whether to enable VRF (when supported on the device)
- enabled boolean
- Whether to enable VRF (when supported on the device)
- enabled bool
- Whether to enable VRF (when supported on the device)
- enabled Boolean
- Whether to enable VRF (when supported on the device)
GatewaytemplateVrfInstances, GatewaytemplateVrfInstancesArgs
- Networks List<string>
- Networks []string
- networks List<String>
- networks string[]
- networks Sequence[str]
- networks List<String>
Import
Using pulumi import, import mist_org_gatewaytemplate with:
Gateway Template can be imported by specifying the org_id and the gatewaytemplate_id
$ pulumi import junipermist:org/gatewaytemplate:Gatewaytemplate gatewaytemplate_one 17b46405-3a6d-4715-8bb4-6bb6d06f316a.d3c42998-9012-4859-9743-6b9bee475309
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- junipermist pulumi/pulumi-junipermist
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mistTerraform Provider.