Updating an IPSec Tunnel
Edit the settings for an IPSec tunnel in an IPSec connection.
You can't create an IPSec tunnel without creating an IPSec connection.
When you change tunnel attributes such as the routing type (BGP dynamic routing, static routing, or policy-based) here are a few things to consider:
-
If you change the tunnel's routing type or BGP session configuration, the tunnel goes down while it's reprovisioned.
-
If you switch the tunnel's
routing
fromSTATIC
toBGP
, ensure that the tunnel's BGP session configuration attributes have been set. -
If you switch the tunnel's
routing
fromBGP
toSTATIC
, ensure that the IPSec connection already has at least one valid CIDR static route.
Use the network ip-sec-tunnel update command and required parameters to update the settings for an IPSec tunnel:
oci network ip-sec-tunnel update --ipsc-id ipsec-ocid --tunnel-id tunnel-ocid ... [OPTIONS]
Use the network ip-sec-psk update command and required parameters to update the shared secret (pre-shared key) for the specified tunnel:
oci network ip-sec-psk update --ipsc-id ipsec-ocid --tunnel-id tunnel-ocid ... [OPTIONS]
For a complete list of parameters and values for CLI commands, see the CLI Command Reference.
Run the UpdateIPSecConnectionTunnel operation to update the settings for an IPSec tunnel.
Run the UpdateIPSecConnectionTunnelSharedSecret operation to update the shared secret (pre-shared key) for a specified tunnel.