Docs Home
Juniper Mist v0.2.4 published on Saturday, Mar 1, 2025 by Pulumi
junipermist.device.Gateway
Explore with Pulumi AI
This resource manages the Gateway configuration.
It can be used to define specific configuration at the device level or to override Org Gateway template settings.
WARNING For adopted devices, make sure to set
managed=trueto allow Mist to manage the gateway
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as junipermist from "@pulumi/juniper-mist";
const gatewayOne = new junipermist.device.Gateway("gateway_one", {
name: "gateway_one",
deviceId: clusterOne.deviceId,
siteId: clusterOne.siteId,
oobIpConfig: {
type: "dhcp",
},
dnsServers: ["8.8.8.8"],
additionalConfigCmds: [
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main",
],
});
import pulumi
import pulumi_juniper_mist as junipermist
gateway_one = junipermist.device.Gateway("gateway_one",
name="gateway_one",
device_id=cluster_one["deviceId"],
site_id=cluster_one["siteId"],
oob_ip_config={
"type": "dhcp",
},
dns_servers=["8.8.8.8"],
additional_config_cmds=[
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main",
])
package main
import (
"github.com/pulumi/pulumi-junipermist/sdk/go/junipermist/device"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := device.NewGateway(ctx, "gateway_one", &device.GatewayArgs{
Name: pulumi.String("gateway_one"),
DeviceId: pulumi.Any(clusterOne.DeviceId),
SiteId: pulumi.Any(clusterOne.SiteId),
OobIpConfig: &device.GatewayOobIpConfigArgs{
Type: pulumi.String("dhcp"),
},
DnsServers: pulumi.StringArray{
pulumi.String("8.8.8.8"),
},
AdditionalConfigCmds: pulumi.StringArray{
pulumi.String("annotate system \" -- custom-main -- Template level --\""),
pulumi.String("delete apply-groups custom-main"),
pulumi.String("delete groups custom-main"),
pulumi.String("set groups custom-main"),
pulumi.String("set groups custom-main system services ssh root-login allow"),
pulumi.String("set apply-groups custom-main"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using JuniperMist = Pulumi.JuniperMist;
return await Deployment.RunAsync(() =>
{
var gatewayOne = new JuniperMist.Device.Gateway("gateway_one", new()
{
Name = "gateway_one",
DeviceId = clusterOne.DeviceId,
SiteId = clusterOne.SiteId,
OobIpConfig = new JuniperMist.Device.Inputs.GatewayOobIpConfigArgs
{
Type = "dhcp",
},
DnsServers = new[]
{
"8.8.8.8",
},
AdditionalConfigCmds = new[]
{
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.junipermist.device.Gateway;
import com.pulumi.junipermist.device.GatewayArgs;
import com.pulumi.junipermist.device.inputs.GatewayOobIpConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var gatewayOne = new Gateway("gatewayOne", GatewayArgs.builder()
.name("gateway_one")
.deviceId(clusterOne.deviceId())
.siteId(clusterOne.siteId())
.oobIpConfig(GatewayOobIpConfigArgs.builder()
.type("dhcp")
.build())
.dnsServers("8.8.8.8")
.additionalConfigCmds(
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main")
.build());
}
}
resources:
gatewayOne:
type: junipermist:device:Gateway
name: gateway_one
properties:
name: gateway_one
deviceId: ${clusterOne.deviceId}
siteId: ${clusterOne.siteId}
oobIpConfig:
type: dhcp
dnsServers:
- 8.8.8.8
additionalConfigCmds:
- annotate system " -- custom-main -- Template level --"
- delete apply-groups custom-main
- delete groups custom-main
- set groups custom-main
- set groups custom-main system services ssh root-login allow
- set apply-groups custom-main
Create Gateway Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Gateway(name: string, args: GatewayArgs, opts?: CustomResourceOptions);@overload
def Gateway(resource_name: str,
args: GatewayArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Gateway(resource_name: str,
opts: Optional[ResourceOptions] = None,
device_id: Optional[str] = None,
site_id: Optional[str] = None,
idp_profiles: Optional[Mapping[str, GatewayIdpProfilesArgs]] = None,
dns_servers: Optional[Sequence[str]] = None,
oob_ip_config: Optional[GatewayOobIpConfigArgs] = None,
dns_suffixes: Optional[Sequence[str]] = None,
extra_routes: Optional[Mapping[str, GatewayExtraRoutesArgs]] = None,
extra_routes6: Optional[Mapping[str, GatewayExtraRoutes6Args]] = None,
additional_config_cmds: Optional[Sequence[str]] = None,
ip_configs: Optional[Mapping[str, GatewayIpConfigsArgs]] = None,
managed: Optional[bool] = None,
map_id: Optional[str] = None,
msp_id: Optional[str] = None,
name: Optional[str] = None,
networks: Optional[Sequence[GatewayNetworkArgs]] = None,
notes: Optional[str] = None,
y: Optional[float] = None,
dhcpd_config: Optional[GatewayDhcpdConfigArgs] = None,
path_preferences: Optional[Mapping[str, GatewayPathPreferencesArgs]] = None,
port_config: Optional[Mapping[str, GatewayPortConfigArgs]] = None,
port_mirroring: Optional[GatewayPortMirroringArgs] = None,
router_id: Optional[str] = None,
routing_policies: Optional[Mapping[str, GatewayRoutingPoliciesArgs]] = None,
service_policies: Optional[Sequence[GatewayServicePolicyArgs]] = None,
bgp_config: Optional[Mapping[str, GatewayBgpConfigArgs]] = None,
tunnel_configs: Optional[Mapping[str, GatewayTunnelConfigsArgs]] = None,
tunnel_provider_options: Optional[GatewayTunnelProviderOptionsArgs] = None,
vars: Optional[Mapping[str, str]] = None,
vrf_config: Optional[GatewayVrfConfigArgs] = None,
vrf_instances: Optional[Mapping[str, GatewayVrfInstancesArgs]] = None,
x: Optional[float] = None,
ntp_servers: Optional[Sequence[str]] = None)func NewGateway(ctx *Context, name string, args GatewayArgs, opts ...ResourceOption) (*Gateway, error)public Gateway(string name, GatewayArgs args, CustomResourceOptions? opts = null)
public Gateway(String name, GatewayArgs args)
public Gateway(String name, GatewayArgs args, CustomResourceOptions options)
type: junipermist:device:Gateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gatewayResource = new JuniperMist.Device.Gateway("gatewayResource", new()
{
DeviceId = "string",
SiteId = "string",
IdpProfiles =
{
{ "string", new JuniperMist.Device.Inputs.GatewayIdpProfilesArgs
{
BaseProfile = "string",
Id = "string",
Name = "string",
OrgId = "string",
Overwrites = new[]
{
new JuniperMist.Device.Inputs.GatewayIdpProfilesOverwriteArgs
{
Action = "string",
Matching = new JuniperMist.Device.Inputs.GatewayIdpProfilesOverwriteMatchingArgs
{
AttackNames = new[]
{
"string",
},
DstSubnets = new[]
{
"string",
},
Severities = new[]
{
"string",
},
},
Name = "string",
},
},
} },
},
DnsServers = new[]
{
"string",
},
OobIpConfig = new JuniperMist.Device.Inputs.GatewayOobIpConfigArgs
{
Gateway = "string",
Ip = "string",
Netmask = "string",
Node1 = new JuniperMist.Device.Inputs.GatewayOobIpConfigNode1Args
{
Gateway = "string",
Ip = "string",
Netmask = "string",
Type = "string",
UseMgmtVrf = false,
UseMgmtVrfForHostOut = false,
VlanId = "string",
},
Type = "string",
UseMgmtVrf = false,
UseMgmtVrfForHostOut = false,
VlanId = "string",
},
DnsSuffixes = new[]
{
"string",
},
ExtraRoutes =
{
{ "string", new JuniperMist.Device.Inputs.GatewayExtraRoutesArgs
{
Via = "string",
} },
},
ExtraRoutes6 =
{
{ "string", new JuniperMist.Device.Inputs.GatewayExtraRoutes6Args
{
Via = "string",
} },
},
AdditionalConfigCmds = new[]
{
"string",
},
IpConfigs =
{
{ "string", new JuniperMist.Device.Inputs.GatewayIpConfigsArgs
{
Ip = "string",
Netmask = "string",
SecondaryIps = new[]
{
"string",
},
Type = "string",
} },
},
Managed = false,
MapId = "string",
MspId = "string",
Name = "string",
Networks = new[]
{
new JuniperMist.Device.Inputs.GatewayNetworkArgs
{
Name = "string",
Subnet = "string",
InternalAccess = new JuniperMist.Device.Inputs.GatewayNetworkInternalAccessArgs
{
Enabled = false,
},
DisallowMistServices = false,
InternetAccess = new JuniperMist.Device.Inputs.GatewayNetworkInternetAccessArgs
{
CreateSimpleServicePolicy = false,
DestinationNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkInternetAccessDestinationNatArgs
{
InternalIp = "string",
Name = "string",
Port = "string",
WanName = "string",
} },
},
Enabled = false,
Restricted = false,
StaticNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkInternetAccessStaticNatArgs
{
InternalIp = "string",
Name = "string",
WanName = "string",
} },
},
},
Isolation = false,
Multicast = new JuniperMist.Device.Inputs.GatewayNetworkMulticastArgs
{
DisableIgmp = false,
Enabled = false,
Groups =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkMulticastGroupsArgs
{
RpIp = "string",
} },
},
},
Gateway6 = "string",
RoutedForNetworks = new[]
{
"string",
},
Gateway = "string",
Subnet6 = "string",
Tenants =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkTenantsArgs
{
Addresses = new[]
{
"string",
},
} },
},
VlanId = "string",
VpnAccess =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessArgs
{
AdvertisedSubnet = "string",
AllowPing = false,
DestinationNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessDestinationNatArgs
{
InternalIp = "string",
Name = "string",
Port = "string",
} },
},
NatPool = "string",
NoReadvertiseToLanBgp = false,
NoReadvertiseToLanOspf = false,
NoReadvertiseToOverlay = false,
OtherVrfs = new[]
{
"string",
},
Routed = false,
SourceNat = new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessSourceNatArgs
{
ExternalIp = "string",
},
StaticNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessStaticNatArgs
{
InternalIp = "string",
Name = "string",
} },
},
SummarizedSubnet = "string",
SummarizedSubnetToLanBgp = "string",
SummarizedSubnetToLanOspf = "string",
} },
},
},
},
Notes = "string",
Y = 0,
DhcpdConfig = new JuniperMist.Device.Inputs.GatewayDhcpdConfigArgs
{
Config =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigArgs
{
DnsServers = new[]
{
"string",
},
DnsSuffixes = new[]
{
"string",
},
FixedBindings =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigFixedBindingsArgs
{
Ip = "string",
Name = "string",
} },
},
Gateway = "string",
IpEnd = "string",
IpEnd6 = "string",
IpStart = "string",
IpStart6 = "string",
LeaseTime = 0,
Options =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigOptionsArgs
{
Type = "string",
Value = "string",
} },
},
ServerIdOverride = false,
Servers = new[]
{
"string",
},
Servers6s = new[]
{
"string",
},
Type = "string",
Type6 = "string",
VendorEncapsulated =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigVendorEncapsulatedArgs
{
Type = "string",
Value = "string",
} },
},
} },
},
Enabled = false,
},
PathPreferences =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPathPreferencesArgs
{
Paths = new[]
{
new JuniperMist.Device.Inputs.GatewayPathPreferencesPathArgs
{
Cost = 0,
Disabled = false,
GatewayIp = "string",
InternetAccess = false,
Name = "string",
Networks = new[]
{
"string",
},
TargetIps = new[]
{
"string",
},
Type = "string",
WanName = "string",
},
},
Strategy = "string",
} },
},
PortConfig =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPortConfigArgs
{
Usage = "string",
Networks = new[]
{
"string",
},
DslType = "string",
PortNetwork = "string",
Critical = false,
Description = "string",
DisableAutoneg = false,
Disabled = false,
PoeDisabled = false,
DslVci = 0,
DslVpi = 0,
Duplex = "string",
IpConfig = new JuniperMist.Device.Inputs.GatewayPortConfigIpConfigArgs
{
Dns = new[]
{
"string",
},
DnsSuffixes = new[]
{
"string",
},
Gateway = "string",
Ip = "string",
Netmask = "string",
Network = "string",
PoserPassword = "string",
PppoeAuth = "string",
PppoeUsername = "string",
Type = "string",
},
OuterVlanId = 0,
LteAuth = "string",
LteBackup = false,
LtePassword = "string",
LteUsername = "string",
Mtu = 0,
Name = "string",
AeDisableLacp = false,
LteApn = "string",
AeLacpForceUp = false,
Aggregated = false,
PreserveDscp = false,
Redundant = false,
RethIdx = 0,
RethNode = "string",
RethNodes = new[]
{
"string",
},
Speed = "string",
SsrNoVirtualMac = false,
SvrPortRange = "string",
TrafficShaping = new JuniperMist.Device.Inputs.GatewayPortConfigTrafficShapingArgs
{
ClassPercentages = new[]
{
0,
},
Enabled = false,
MaxTxKbps = 0,
},
AeIdx = "string",
VlanId = "string",
VpnPaths =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPortConfigVpnPathsArgs
{
BfdProfile = "string",
BfdUseTunnelMode = false,
LinkName = "string",
Preference = 0,
Role = "string",
TrafficShaping = new JuniperMist.Device.Inputs.GatewayPortConfigVpnPathsTrafficShapingArgs
{
ClassPercentages = new[]
{
0,
},
Enabled = false,
MaxTxKbps = 0,
},
} },
},
WanArpPolicer = "string",
WanExtIp = "string",
WanExtraRoutes =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPortConfigWanExtraRoutesArgs
{
Via = "string",
} },
},
WanNetworks = new[]
{
"string",
},
WanProbeOverride = new JuniperMist.Device.Inputs.GatewayPortConfigWanProbeOverrideArgs
{
Ips = new[]
{
"string",
},
ProbeProfile = "string",
},
WanSourceNat = new JuniperMist.Device.Inputs.GatewayPortConfigWanSourceNatArgs
{
Disabled = false,
NatPool = "string",
},
WanType = "string",
} },
},
PortMirroring = new JuniperMist.Device.Inputs.GatewayPortMirroringArgs
{
PortMirror = new JuniperMist.Device.Inputs.GatewayPortMirroringPortMirrorArgs
{
FamilyType = "string",
IngressPortIds = new[]
{
"string",
},
OutputPortId = "string",
Rate = 0,
RunLength = 0,
},
},
RouterId = "string",
RoutingPolicies =
{
{ "string", new JuniperMist.Device.Inputs.GatewayRoutingPoliciesArgs
{
Terms = new[]
{
new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermArgs
{
Action = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermActionArgs
{
Accept = false,
AddCommunities = new[]
{
"string",
},
AddTargetVrfs = new[]
{
"string",
},
Aggregates = new[]
{
"string",
},
Communities = new[]
{
"string",
},
ExcludeAsPaths = new[]
{
"string",
},
ExcludeCommunities = new[]
{
"string",
},
ExportCommunitites = new[]
{
"string",
},
LocalPreference = "string",
PrependAsPaths = new[]
{
"string",
},
},
Matching = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermMatchingArgs
{
AsPaths = new[]
{
"string",
},
Communities = new[]
{
"string",
},
Networks = new[]
{
"string",
},
Prefixes = new[]
{
"string",
},
Protocols = new[]
{
"string",
},
RouteExists = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermMatchingRouteExistsArgs
{
Route = "string",
VrfName = "string",
},
VpnNeighborMacs = new[]
{
"string",
},
VpnPathSla = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermMatchingVpnPathSlaArgs
{
MaxJitter = 0,
MaxLatency = 0,
MaxLoss = 0,
},
VpnPaths = new[]
{
"string",
},
},
},
},
} },
},
ServicePolicies = new[]
{
new JuniperMist.Device.Inputs.GatewayServicePolicyArgs
{
Action = "string",
Antivirus = new JuniperMist.Device.Inputs.GatewayServicePolicyAntivirusArgs
{
AvprofileId = "string",
Enabled = false,
Profile = "string",
},
Appqoe = new JuniperMist.Device.Inputs.GatewayServicePolicyAppqoeArgs
{
Enabled = false,
},
Ewfs = new[]
{
new JuniperMist.Device.Inputs.GatewayServicePolicyEwfArgs
{
AlertOnly = false,
BlockMessage = "string",
Enabled = false,
Profile = "string",
},
},
Idp = new JuniperMist.Device.Inputs.GatewayServicePolicyIdpArgs
{
AlertOnly = false,
Enabled = false,
IdpprofileId = "string",
Profile = "string",
},
LocalRouting = false,
Name = "string",
PathPreference = "string",
ServicepolicyId = "string",
Services = new[]
{
"string",
},
SslProxy = new JuniperMist.Device.Inputs.GatewayServicePolicySslProxyArgs
{
CiphersCategory = "string",
Enabled = false,
},
Tenants = new[]
{
"string",
},
},
},
BgpConfig =
{
{ "string", new JuniperMist.Device.Inputs.GatewayBgpConfigArgs
{
AuthKey = "string",
BfdMinimumInterval = 0,
BfdMultiplier = 0,
DisableBfd = false,
Export = "string",
ExportPolicy = "string",
ExtendedV4Nexthop = false,
GracefulRestartTime = 0,
HoldTime = 0,
Import = "string",
ImportPolicy = "string",
LocalAs = 0,
NeighborAs = 0,
Neighbors =
{
{ "string", new JuniperMist.Device.Inputs.GatewayBgpConfigNeighborsArgs
{
Disabled = false,
ExportPolicy = "string",
HoldTime = 0,
ImportPolicy = "string",
MultihopTtl = 0,
NeighborAs = 0,
} },
},
Networks = new[]
{
"string",
},
NoReadvertiseToOverlay = false,
TunnelName = "string",
Type = "string",
Via = "string",
VpnName = "string",
WanName = "string",
} },
},
TunnelConfigs =
{
{ "string", new JuniperMist.Device.Inputs.GatewayTunnelConfigsArgs
{
AutoProvision = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionArgs
{
Provider = "string",
Enable = false,
Latlng = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionLatlngArgs
{
Lat = 0,
Lng = 0,
},
Primary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionPrimaryArgs
{
ProbeIps = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
},
Region = "string",
Secondary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionSecondaryArgs
{
ProbeIps = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
},
},
IkeLifetime = 0,
IkeMode = "string",
IkeProposals = new[]
{
new JuniperMist.Device.Inputs.GatewayTunnelConfigsIkeProposalArgs
{
AuthAlgo = "string",
DhGroup = "string",
EncAlgo = "string",
},
},
IpsecLifetime = 0,
IpsecProposals = new[]
{
new JuniperMist.Device.Inputs.GatewayTunnelConfigsIpsecProposalArgs
{
AuthAlgo = "string",
DhGroup = "string",
EncAlgo = "string",
},
},
LocalId = "string",
Mode = "string",
Networks = new[]
{
"string",
},
Primary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsPrimaryArgs
{
Hosts = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
InternalIps = new[]
{
"string",
},
ProbeIps = new[]
{
"string",
},
RemoteIds = new[]
{
"string",
},
},
Probe = new JuniperMist.Device.Inputs.GatewayTunnelConfigsProbeArgs
{
Interval = 0,
Threshold = 0,
Timeout = 0,
Type = "string",
},
Protocol = "string",
Provider = "string",
Psk = "string",
Secondary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsSecondaryArgs
{
Hosts = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
InternalIps = new[]
{
"string",
},
ProbeIps = new[]
{
"string",
},
RemoteIds = new[]
{
"string",
},
},
Version = "string",
} },
},
TunnelProviderOptions = new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsArgs
{
Jse = new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsJseArgs
{
NumUsers = 0,
OrgName = "string",
},
Zscaler = new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsZscalerArgs
{
AupBlockInternetUntilAccepted = false,
AupEnabled = false,
AupForceSslInspection = false,
AupTimeoutInDays = 0,
AuthRequired = false,
CautionEnabled = false,
DnBandwidth = 0,
IdleTimeInMinutes = 0,
OfwEnabled = false,
SubLocations = new[]
{
new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsZscalerSubLocationArgs
{
AupBlockInternetUntilAccepted = false,
AupEnabled = false,
AupForceSslInspection = false,
AupTimeoutInDays = 0,
AuthRequired = false,
CautionEnabled = false,
DnBandwidth = 0,
IdleTimeInMinutes = 0,
Name = "string",
OfwEnabled = false,
SurrogateIp = false,
SurrogateIpEnforcedForKnownBrowsers = false,
SurrogateRefreshTimeInMinutes = 0,
UpBandwidth = 0,
},
},
SurrogateIp = false,
SurrogateIpEnforcedForKnownBrowsers = false,
SurrogateRefreshTimeInMinutes = 0,
UpBandwidth = 0,
XffForwardEnabled = false,
},
},
Vars =
{
{ "string", "string" },
},
VrfConfig = new JuniperMist.Device.Inputs.GatewayVrfConfigArgs
{
Enabled = false,
},
VrfInstances =
{
{ "string", new JuniperMist.Device.Inputs.GatewayVrfInstancesArgs
{
Networks = new[]
{
"string",
},
} },
},
X = 0,
NtpServers = new[]
{
"string",
},
});
example, err := device.NewGateway(ctx, "gatewayResource", &device.GatewayArgs{
DeviceId: pulumi.String("string"),
SiteId: pulumi.String("string"),
IdpProfiles: device.GatewayIdpProfilesMap{
"string": &device.GatewayIdpProfilesArgs{
BaseProfile: pulumi.String("string"),
Id: pulumi.String("string"),
Name: pulumi.String("string"),
OrgId: pulumi.String("string"),
Overwrites: device.GatewayIdpProfilesOverwriteArray{
&device.GatewayIdpProfilesOverwriteArgs{
Action: pulumi.String("string"),
Matching: &device.GatewayIdpProfilesOverwriteMatchingArgs{
AttackNames: pulumi.StringArray{
pulumi.String("string"),
},
DstSubnets: pulumi.StringArray{
pulumi.String("string"),
},
Severities: pulumi.StringArray{
pulumi.String("string"),
},
},
Name: pulumi.String("string"),
},
},
},
},
DnsServers: pulumi.StringArray{
pulumi.String("string"),
},
OobIpConfig: &device.GatewayOobIpConfigArgs{
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Node1: &device.GatewayOobIpConfigNode1Args{
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Type: pulumi.String("string"),
UseMgmtVrf: pulumi.Bool(false),
UseMgmtVrfForHostOut: pulumi.Bool(false),
VlanId: pulumi.String("string"),
},
Type: pulumi.String("string"),
UseMgmtVrf: pulumi.Bool(false),
UseMgmtVrfForHostOut: pulumi.Bool(false),
VlanId: pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
ExtraRoutes: device.GatewayExtraRoutesMap{
"string": &device.GatewayExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
ExtraRoutes6: device.GatewayExtraRoutes6Map{
"string": &device.GatewayExtraRoutes6Args{
Via: pulumi.String("string"),
},
},
AdditionalConfigCmds: pulumi.StringArray{
pulumi.String("string"),
},
IpConfigs: device.GatewayIpConfigsMap{
"string": &device.GatewayIpConfigsArgs{
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
SecondaryIps: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
},
},
Managed: pulumi.Bool(false),
MapId: pulumi.String("string"),
MspId: pulumi.String("string"),
Name: pulumi.String("string"),
Networks: device.GatewayNetworkArray{
&device.GatewayNetworkArgs{
Name: pulumi.String("string"),
Subnet: pulumi.String("string"),
InternalAccess: &device.GatewayNetworkInternalAccessArgs{
Enabled: pulumi.Bool(false),
},
DisallowMistServices: pulumi.Bool(false),
InternetAccess: &device.GatewayNetworkInternetAccessArgs{
CreateSimpleServicePolicy: pulumi.Bool(false),
DestinationNat: device.GatewayNetworkInternetAccessDestinationNatMap{
"string": &device.GatewayNetworkInternetAccessDestinationNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
Port: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
Enabled: pulumi.Bool(false),
Restricted: pulumi.Bool(false),
StaticNat: device.GatewayNetworkInternetAccessStaticNatMap{
"string": &device.GatewayNetworkInternetAccessStaticNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
},
Isolation: pulumi.Bool(false),
Multicast: &device.GatewayNetworkMulticastArgs{
DisableIgmp: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
Groups: device.GatewayNetworkMulticastGroupsMap{
"string": &device.GatewayNetworkMulticastGroupsArgs{
RpIp: pulumi.String("string"),
},
},
},
Gateway6: pulumi.String("string"),
RoutedForNetworks: pulumi.StringArray{
pulumi.String("string"),
},
Gateway: pulumi.String("string"),
Subnet6: pulumi.String("string"),
Tenants: device.GatewayNetworkTenantsMap{
"string": &device.GatewayNetworkTenantsArgs{
Addresses: pulumi.StringArray{
pulumi.String("string"),
},
},
},
VlanId: pulumi.String("string"),
VpnAccess: device.GatewayNetworkVpnAccessMap{
"string": &device.GatewayNetworkVpnAccessArgs{
AdvertisedSubnet: pulumi.String("string"),
AllowPing: pulumi.Bool(false),
DestinationNat: device.GatewayNetworkVpnAccessDestinationNatMap{
"string": &device.GatewayNetworkVpnAccessDestinationNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
Port: pulumi.String("string"),
},
},
NatPool: pulumi.String("string"),
NoReadvertiseToLanBgp: pulumi.Bool(false),
NoReadvertiseToLanOspf: pulumi.Bool(false),
NoReadvertiseToOverlay: pulumi.Bool(false),
OtherVrfs: pulumi.StringArray{
pulumi.String("string"),
},
Routed: pulumi.Bool(false),
SourceNat: &device.GatewayNetworkVpnAccessSourceNatArgs{
ExternalIp: pulumi.String("string"),
},
StaticNat: device.GatewayNetworkVpnAccessStaticNatMap{
"string": &device.GatewayNetworkVpnAccessStaticNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
SummarizedSubnet: pulumi.String("string"),
SummarizedSubnetToLanBgp: pulumi.String("string"),
SummarizedSubnetToLanOspf: pulumi.String("string"),
},
},
},
},
Notes: pulumi.String("string"),
Y: pulumi.Float64(0),
DhcpdConfig: &device.GatewayDhcpdConfigArgs{
Config: device.GatewayDhcpdConfigConfigMap{
"string": &device.GatewayDhcpdConfigConfigArgs{
DnsServers: pulumi.StringArray{
pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
FixedBindings: device.GatewayDhcpdConfigConfigFixedBindingsMap{
"string": &device.GatewayDhcpdConfigConfigFixedBindingsArgs{
Ip: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
Gateway: pulumi.String("string"),
IpEnd: pulumi.String("string"),
IpEnd6: pulumi.String("string"),
IpStart: pulumi.String("string"),
IpStart6: pulumi.String("string"),
LeaseTime: pulumi.Int(0),
Options: device.GatewayDhcpdConfigConfigOptionsMap{
"string": &device.GatewayDhcpdConfigConfigOptionsArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ServerIdOverride: pulumi.Bool(false),
Servers: pulumi.StringArray{
pulumi.String("string"),
},
Servers6s: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
Type6: pulumi.String("string"),
VendorEncapsulated: device.GatewayDhcpdConfigConfigVendorEncapsulatedMap{
"string": &device.GatewayDhcpdConfigConfigVendorEncapsulatedArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
},
Enabled: pulumi.Bool(false),
},
PathPreferences: device.GatewayPathPreferencesMap{
"string": &device.GatewayPathPreferencesArgs{
Paths: device.GatewayPathPreferencesPathArray{
&device.GatewayPathPreferencesPathArgs{
Cost: pulumi.Int(0),
Disabled: pulumi.Bool(false),
GatewayIp: pulumi.String("string"),
InternetAccess: pulumi.Bool(false),
Name: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
TargetIps: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
Strategy: pulumi.String("string"),
},
},
PortConfig: device.GatewayPortConfigMap{
"string": &device.GatewayPortConfigArgs{
Usage: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
DslType: pulumi.String("string"),
PortNetwork: pulumi.String("string"),
Critical: pulumi.Bool(false),
Description: pulumi.String("string"),
DisableAutoneg: pulumi.Bool(false),
Disabled: pulumi.Bool(false),
PoeDisabled: pulumi.Bool(false),
DslVci: pulumi.Int(0),
DslVpi: pulumi.Int(0),
Duplex: pulumi.String("string"),
IpConfig: &device.GatewayPortConfigIpConfigArgs{
Dns: pulumi.StringArray{
pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Network: pulumi.String("string"),
PoserPassword: pulumi.String("string"),
PppoeAuth: pulumi.String("string"),
PppoeUsername: pulumi.String("string"),
Type: pulumi.String("string"),
},
OuterVlanId: pulumi.Int(0),
LteAuth: pulumi.String("string"),
LteBackup: pulumi.Bool(false),
LtePassword: pulumi.String("string"),
LteUsername: pulumi.String("string"),
Mtu: pulumi.Int(0),
Name: pulumi.String("string"),
AeDisableLacp: pulumi.Bool(false),
LteApn: pulumi.String("string"),
AeLacpForceUp: pulumi.Bool(false),
Aggregated: pulumi.Bool(false),
PreserveDscp: pulumi.Bool(false),
Redundant: pulumi.Bool(false),
RethIdx: pulumi.Int(0),
RethNode: pulumi.String("string"),
RethNodes: pulumi.StringArray{
pulumi.String("string"),
},
Speed: pulumi.String("string"),
SsrNoVirtualMac: pulumi.Bool(false),
SvrPortRange: pulumi.String("string"),
TrafficShaping: &device.GatewayPortConfigTrafficShapingArgs{
ClassPercentages: pulumi.IntArray{
pulumi.Int(0),
},
Enabled: pulumi.Bool(false),
MaxTxKbps: pulumi.Int(0),
},
AeIdx: pulumi.String("string"),
VlanId: pulumi.String("string"),
VpnPaths: device.GatewayPortConfigVpnPathsMap{
"string": &device.GatewayPortConfigVpnPathsArgs{
BfdProfile: pulumi.String("string"),
BfdUseTunnelMode: pulumi.Bool(false),
LinkName: pulumi.String("string"),
Preference: pulumi.Int(0),
Role: pulumi.String("string"),
TrafficShaping: &device.GatewayPortConfigVpnPathsTrafficShapingArgs{
ClassPercentages: pulumi.IntArray{
pulumi.Int(0),
},
Enabled: pulumi.Bool(false),
MaxTxKbps: pulumi.Int(0),
},
},
},
WanArpPolicer: pulumi.String("string"),
WanExtIp: pulumi.String("string"),
WanExtraRoutes: device.GatewayPortConfigWanExtraRoutesMap{
"string": &device.GatewayPortConfigWanExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
WanNetworks: pulumi.StringArray{
pulumi.String("string"),
},
WanProbeOverride: &device.GatewayPortConfigWanProbeOverrideArgs{
Ips: pulumi.StringArray{
pulumi.String("string"),
},
ProbeProfile: pulumi.String("string"),
},
WanSourceNat: &device.GatewayPortConfigWanSourceNatArgs{
Disabled: pulumi.Bool(false),
NatPool: pulumi.String("string"),
},
WanType: pulumi.String("string"),
},
},
PortMirroring: &device.GatewayPortMirroringArgs{
PortMirror: &device.GatewayPortMirroringPortMirrorArgs{
FamilyType: pulumi.String("string"),
IngressPortIds: pulumi.StringArray{
pulumi.String("string"),
},
OutputPortId: pulumi.String("string"),
Rate: pulumi.Int(0),
RunLength: pulumi.Int(0),
},
},
RouterId: pulumi.String("string"),
RoutingPolicies: device.GatewayRoutingPoliciesMap{
"string": &device.GatewayRoutingPoliciesArgs{
Terms: device.GatewayRoutingPoliciesTermArray{
&device.GatewayRoutingPoliciesTermArgs{
Action: &device.GatewayRoutingPoliciesTermActionArgs{
Accept: pulumi.Bool(false),
AddCommunities: pulumi.StringArray{
pulumi.String("string"),
},
AddTargetVrfs: pulumi.StringArray{
pulumi.String("string"),
},
Aggregates: pulumi.StringArray{
pulumi.String("string"),
},
Communities: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeAsPaths: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeCommunities: pulumi.StringArray{
pulumi.String("string"),
},
ExportCommunitites: pulumi.StringArray{
pulumi.String("string"),
},
LocalPreference: pulumi.String("string"),
PrependAsPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
Matching: &device.GatewayRoutingPoliciesTermMatchingArgs{
AsPaths: pulumi.StringArray{
pulumi.String("string"),
},
Communities: pulumi.StringArray{
pulumi.String("string"),
},
Networks: pulumi.StringArray{
pulumi.String("string"),
},
Prefixes: pulumi.StringArray{
pulumi.String("string"),
},
Protocols: pulumi.StringArray{
pulumi.String("string"),
},
RouteExists: &device.GatewayRoutingPoliciesTermMatchingRouteExistsArgs{
Route: pulumi.String("string"),
VrfName: pulumi.String("string"),
},
VpnNeighborMacs: pulumi.StringArray{
pulumi.String("string"),
},
VpnPathSla: &device.GatewayRoutingPoliciesTermMatchingVpnPathSlaArgs{
MaxJitter: pulumi.Int(0),
MaxLatency: pulumi.Int(0),
MaxLoss: pulumi.Int(0),
},
VpnPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
ServicePolicies: device.GatewayServicePolicyArray{
&device.GatewayServicePolicyArgs{
Action: pulumi.String("string"),
Antivirus: &device.GatewayServicePolicyAntivirusArgs{
AvprofileId: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Profile: pulumi.String("string"),
},
Appqoe: &device.GatewayServicePolicyAppqoeArgs{
Enabled: pulumi.Bool(false),
},
Ewfs: device.GatewayServicePolicyEwfArray{
&device.GatewayServicePolicyEwfArgs{
AlertOnly: pulumi.Bool(false),
BlockMessage: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Profile: pulumi.String("string"),
},
},
Idp: &device.GatewayServicePolicyIdpArgs{
AlertOnly: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
IdpprofileId: pulumi.String("string"),
Profile: pulumi.String("string"),
},
LocalRouting: pulumi.Bool(false),
Name: pulumi.String("string"),
PathPreference: pulumi.String("string"),
ServicepolicyId: pulumi.String("string"),
Services: pulumi.StringArray{
pulumi.String("string"),
},
SslProxy: &device.GatewayServicePolicySslProxyArgs{
CiphersCategory: pulumi.String("string"),
Enabled: pulumi.Bool(false),
},
Tenants: pulumi.StringArray{
pulumi.String("string"),
},
},
},
BgpConfig: device.GatewayBgpConfigMap{
"string": &device.GatewayBgpConfigArgs{
AuthKey: pulumi.String("string"),
BfdMinimumInterval: pulumi.Int(0),
BfdMultiplier: pulumi.Int(0),
DisableBfd: pulumi.Bool(false),
Export: pulumi.String("string"),
ExportPolicy: pulumi.String("string"),
ExtendedV4Nexthop: pulumi.Bool(false),
GracefulRestartTime: pulumi.Int(0),
HoldTime: pulumi.Int(0),
Import: pulumi.String("string"),
ImportPolicy: pulumi.String("string"),
LocalAs: pulumi.Int(0),
NeighborAs: pulumi.Int(0),
Neighbors: device.GatewayBgpConfigNeighborsMap{
"string": &device.GatewayBgpConfigNeighborsArgs{
Disabled: pulumi.Bool(false),
ExportPolicy: pulumi.String("string"),
HoldTime: pulumi.Int(0),
ImportPolicy: pulumi.String("string"),
MultihopTtl: pulumi.Int(0),
NeighborAs: pulumi.Int(0),
},
},
Networks: pulumi.StringArray{
pulumi.String("string"),
},
NoReadvertiseToOverlay: pulumi.Bool(false),
TunnelName: pulumi.String("string"),
Type: pulumi.String("string"),
Via: pulumi.String("string"),
VpnName: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
TunnelConfigs: device.GatewayTunnelConfigsMap{
"string": &device.GatewayTunnelConfigsArgs{
AutoProvision: &device.GatewayTunnelConfigsAutoProvisionArgs{
Provider: pulumi.String("string"),
Enable: pulumi.Bool(false),
Latlng: &device.GatewayTunnelConfigsAutoProvisionLatlngArgs{
Lat: pulumi.Float64(0),
Lng: pulumi.Float64(0),
},
Primary: &device.GatewayTunnelConfigsAutoProvisionPrimaryArgs{
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
Region: pulumi.String("string"),
Secondary: &device.GatewayTunnelConfigsAutoProvisionSecondaryArgs{
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
},
IkeLifetime: pulumi.Int(0),
IkeMode: pulumi.String("string"),
IkeProposals: device.GatewayTunnelConfigsIkeProposalArray{
&device.GatewayTunnelConfigsIkeProposalArgs{
AuthAlgo: pulumi.String("string"),
DhGroup: pulumi.String("string"),
EncAlgo: pulumi.String("string"),
},
},
IpsecLifetime: pulumi.Int(0),
IpsecProposals: device.GatewayTunnelConfigsIpsecProposalArray{
&device.GatewayTunnelConfigsIpsecProposalArgs{
AuthAlgo: pulumi.String("string"),
DhGroup: pulumi.String("string"),
EncAlgo: pulumi.String("string"),
},
},
LocalId: pulumi.String("string"),
Mode: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
Primary: &device.GatewayTunnelConfigsPrimaryArgs{
Hosts: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
InternalIps: pulumi.StringArray{
pulumi.String("string"),
},
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
RemoteIds: pulumi.StringArray{
pulumi.String("string"),
},
},
Probe: &device.GatewayTunnelConfigsProbeArgs{
Interval: pulumi.Int(0),
Threshold: pulumi.Int(0),
Timeout: pulumi.Int(0),
Type: pulumi.String("string"),
},
Protocol: pulumi.String("string"),
Provider: pulumi.String("string"),
Psk: pulumi.String("string"),
Secondary: &device.GatewayTunnelConfigsSecondaryArgs{
Hosts: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
InternalIps: pulumi.StringArray{
pulumi.String("string"),
},
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
RemoteIds: pulumi.StringArray{
pulumi.String("string"),
},
},
Version: pulumi.String("string"),
},
},
TunnelProviderOptions: &device.GatewayTunnelProviderOptionsArgs{
Jse: &device.GatewayTunnelProviderOptionsJseArgs{
NumUsers: pulumi.Int(0),
OrgName: pulumi.String("string"),
},
Zscaler: &device.GatewayTunnelProviderOptionsZscalerArgs{
AupBlockInternetUntilAccepted: pulumi.Bool(false),
AupEnabled: pulumi.Bool(false),
AupForceSslInspection: pulumi.Bool(false),
AupTimeoutInDays: pulumi.Int(0),
AuthRequired: pulumi.Bool(false),
CautionEnabled: pulumi.Bool(false),
DnBandwidth: pulumi.Float64(0),
IdleTimeInMinutes: pulumi.Int(0),
OfwEnabled: pulumi.Bool(false),
SubLocations: device.GatewayTunnelProviderOptionsZscalerSubLocationArray{
&device.GatewayTunnelProviderOptionsZscalerSubLocationArgs{
AupBlockInternetUntilAccepted: pulumi.Bool(false),
AupEnabled: pulumi.Bool(false),
AupForceSslInspection: pulumi.Bool(false),
AupTimeoutInDays: pulumi.Int(0),
AuthRequired: pulumi.Bool(false),
CautionEnabled: pulumi.Bool(false),
DnBandwidth: pulumi.Float64(0),
IdleTimeInMinutes: pulumi.Int(0),
Name: pulumi.String("string"),
OfwEnabled: pulumi.Bool(false),
SurrogateIp: pulumi.Bool(false),
SurrogateIpEnforcedForKnownBrowsers: pulumi.Bool(false),
SurrogateRefreshTimeInMinutes: pulumi.Int(0),
UpBandwidth: pulumi.Float64(0),
},
},
SurrogateIp: pulumi.Bool(false),
SurrogateIpEnforcedForKnownBrowsers: pulumi.Bool(false),
SurrogateRefreshTimeInMinutes: pulumi.Int(0),
UpBandwidth: pulumi.Float64(0),
XffForwardEnabled: pulumi.Bool(false),
},
},
Vars: pulumi.StringMap{
"string": pulumi.String("string"),
},
VrfConfig: &device.GatewayVrfConfigArgs{
Enabled: pulumi.Bool(false),
},
VrfInstances: device.GatewayVrfInstancesMap{
"string": &device.GatewayVrfInstancesArgs{
Networks: pulumi.StringArray{
pulumi.String("string"),
},
},
},
X: pulumi.Float64(0),
NtpServers: pulumi.StringArray{
pulumi.String("string"),
},
})
var gatewayResource = new Gateway("gatewayResource", GatewayArgs.builder()
.deviceId("string")
.siteId("string")
.idpProfiles(Map.of("string", Map.ofEntries(
Map.entry("baseProfile", "string"),
Map.entry("id", "string"),
Map.entry("name", "string"),
Map.entry("orgId", "string"),
Map.entry("overwrites", Map.ofEntries(
Map.entry("action", "string"),
Map.entry("matching", Map.ofEntries(
Map.entry("attackNames", "string"),
Map.entry("dstSubnets", "string"),
Map.entry("severities", "string")
)),
Map.entry("name", "string")
))
)))
.dnsServers("string")
.oobIpConfig(GatewayOobIpConfigArgs.builder()
.gateway("string")
.ip("string")
.netmask("string")
.node1(GatewayOobIpConfigNode1Args.builder()
.gateway("string")
.ip("string")
.netmask("string")
.type("string")
.useMgmtVrf(false)
.useMgmtVrfForHostOut(false)
.vlanId("string")
.build())
.type("string")
.useMgmtVrf(false)
.useMgmtVrfForHostOut(false)
.vlanId("string")
.build())
.dnsSuffixes("string")
.extraRoutes(Map.of("string", Map.of("via", "string")))
.extraRoutes6(Map.of("string", Map.of("via", "string")))
.additionalConfigCmds("string")
.ipConfigs(Map.of("string", Map.ofEntries(
Map.entry("ip", "string"),
Map.entry("netmask", "string"),
Map.entry("secondaryIps", "string"),
Map.entry("type", "string")
)))
.managed(false)
.mapId("string")
.mspId("string")
.name("string")
.networks(GatewayNetworkArgs.builder()
.name("string")
.subnet("string")
.internalAccess(GatewayNetworkInternalAccessArgs.builder()
.enabled(false)
.build())
.disallowMistServices(false)
.internetAccess(GatewayNetworkInternetAccessArgs.builder()
.createSimpleServicePolicy(false)
.destinationNat(Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("port", "string"),
Map.entry("wanName", "string")
)))
.enabled(false)
.restricted(false)
.staticNat(Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("wanName", "string")
)))
.build())
.isolation(false)
.multicast(GatewayNetworkMulticastArgs.builder()
.disableIgmp(false)
.enabled(false)
.groups(Map.of("string", Map.of("rpIp", "string")))
.build())
.gateway6("string")
.routedForNetworks("string")
.gateway("string")
.subnet6("string")
.tenants(Map.of("string", Map.of("addresses", "string")))
.vlanId("string")
.vpnAccess(Map.of("string", Map.ofEntries(
Map.entry("advertisedSubnet", "string"),
Map.entry("allowPing", false),
Map.entry("destinationNat", Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("port", "string")
))),
Map.entry("natPool", "string"),
Map.entry("noReadvertiseToLanBgp", false),
Map.entry("noReadvertiseToLanOspf", false),
Map.entry("noReadvertiseToOverlay", false),
Map.entry("otherVrfs", "string"),
Map.entry("routed", false),
Map.entry("sourceNat", Map.of("externalIp", "string")),
Map.entry("staticNat", Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string")
))),
Map.entry("summarizedSubnet", "string"),
Map.entry("summarizedSubnetToLanBgp", "string"),
Map.entry("summarizedSubnetToLanOspf", "string")
)))
.build())
.notes("string")
.y(0)
.dhcpdConfig(GatewayDhcpdConfigArgs.builder()
.config(Map.of("string", Map.ofEntries(
Map.entry("dnsServers", "string"),
Map.entry("dnsSuffixes", "string"),
Map.entry("fixedBindings", Map.of("string", Map.ofEntries(
Map.entry("ip", "string"),
Map.entry("name", "string")
))),
Map.entry("gateway", "string"),
Map.entry("ipEnd", "string"),
Map.entry("ipEnd6", "string"),
Map.entry("ipStart", "string"),
Map.entry("ipStart6", "string"),
Map.entry("leaseTime", 0),
Map.entry("options", Map.of("string", Map.ofEntries(
Map.entry("type", "string"),
Map.entry("value", "string")
))),
Map.entry("serverIdOverride", false),
Map.entry("servers", "string"),
Map.entry("servers6s", "string"),
Map.entry("type", "string"),
Map.entry("type6", "string"),
Map.entry("vendorEncapsulated", Map.of("string", Map.ofEntries(
Map.entry("type", "string"),
Map.entry("value", "string")
)))
)))
.enabled(false)
.build())
.pathPreferences(Map.of("string", Map.ofEntries(
Map.entry("paths", Map.ofEntries(
Map.entry("cost", 0),
Map.entry("disabled", false),
Map.entry("gatewayIp", "string"),
Map.entry("internetAccess", false),
Map.entry("name", "string"),
Map.entry("networks", "string"),
Map.entry("targetIps", "string"),
Map.entry("type", "string"),
Map.entry("wanName", "string")
)),
Map.entry("strategy", "string")
)))
.portConfig(Map.of("string", Map.ofEntries(
Map.entry("usage", "string"),
Map.entry("networks", "string"),
Map.entry("dslType", "string"),
Map.entry("portNetwork", "string"),
Map.entry("critical", false),
Map.entry("description", "string"),
Map.entry("disableAutoneg", false),
Map.entry("disabled", false),
Map.entry("poeDisabled", false),
Map.entry("dslVci", 0),
Map.entry("dslVpi", 0),
Map.entry("duplex", "string"),
Map.entry("ipConfig", Map.ofEntries(
Map.entry("dns", "string"),
Map.entry("dnsSuffixes", "string"),
Map.entry("gateway", "string"),
Map.entry("ip", "string"),
Map.entry("netmask", "string"),
Map.entry("network", "string"),
Map.entry("poserPassword", "string"),
Map.entry("pppoeAuth", "string"),
Map.entry("pppoeUsername", "string"),
Map.entry("type", "string")
)),
Map.entry("outerVlanId", 0),
Map.entry("lteAuth", "string"),
Map.entry("lteBackup", false),
Map.entry("ltePassword", "string"),
Map.entry("lteUsername", "string"),
Map.entry("mtu", 0),
Map.entry("name", "string"),
Map.entry("aeDisableLacp", false),
Map.entry("lteApn", "string"),
Map.entry("aeLacpForceUp", false),
Map.entry("aggregated", false),
Map.entry("preserveDscp", false),
Map.entry("redundant", false),
Map.entry("rethIdx", 0),
Map.entry("rethNode", "string"),
Map.entry("rethNodes", "string"),
Map.entry("speed", "string"),
Map.entry("ssrNoVirtualMac", false),
Map.entry("svrPortRange", "string"),
Map.entry("trafficShaping", Map.ofEntries(
Map.entry("classPercentages", 0),
Map.entry("enabled", false),
Map.entry("maxTxKbps", 0)
)),
Map.entry("aeIdx", "string"),
Map.entry("vlanId", "string"),
Map.entry("vpnPaths", Map.of("string", Map.ofEntries(
Map.entry("bfdProfile", "string"),
Map.entry("bfdUseTunnelMode", false),
Map.entry("linkName", "string"),
Map.entry("preference", 0),
Map.entry("role", "string"),
Map.entry("trafficShaping", Map.ofEntries(
Map.entry("classPercentages", 0),
Map.entry("enabled", false),
Map.entry("maxTxKbps", 0)
))
))),
Map.entry("wanArpPolicer", "string"),
Map.entry("wanExtIp", "string"),
Map.entry("wanExtraRoutes", Map.of("string", Map.of("via", "string"))),
Map.entry("wanNetworks", "string"),
Map.entry("wanProbeOverride", Map.ofEntries(
Map.entry("ips", "string"),
Map.entry("probeProfile", "string")
)),
Map.entry("wanSourceNat", Map.ofEntries(
Map.entry("disabled", false),
Map.entry("natPool", "string")
)),
Map.entry("wanType", "string")
)))
.portMirroring(GatewayPortMirroringArgs.builder()
.portMirror(GatewayPortMirroringPortMirrorArgs.builder()
.familyType("string")
.ingressPortIds("string")
.outputPortId("string")
.rate(0)
.runLength(0)
.build())
.build())
.routerId("string")
.routingPolicies(Map.of("string", Map.of("terms", Map.ofEntries(
Map.entry("action", Map.ofEntries(
Map.entry("accept", false),
Map.entry("addCommunities", "string"),
Map.entry("addTargetVrfs", "string"),
Map.entry("aggregates", "string"),
Map.entry("communities", "string"),
Map.entry("excludeAsPaths", "string"),
Map.entry("excludeCommunities", "string"),
Map.entry("exportCommunitites", "string"),
Map.entry("localPreference", "string"),
Map.entry("prependAsPaths", "string")
)),
Map.entry("matching", Map.ofEntries(
Map.entry("asPaths", "string"),
Map.entry("communities", "string"),
Map.entry("networks", "string"),
Map.entry("prefixes", "string"),
Map.entry("protocols", "string"),
Map.entry("routeExists", Map.ofEntries(
Map.entry("route", "string"),
Map.entry("vrfName", "string")
)),
Map.entry("vpnNeighborMacs", "string"),
Map.entry("vpnPathSla", Map.ofEntries(
Map.entry("maxJitter", 0),
Map.entry("maxLatency", 0),
Map.entry("maxLoss", 0)
)),
Map.entry("vpnPaths", "string")
))
))))
.servicePolicies(GatewayServicePolicyArgs.builder()
.action("string")
.antivirus(GatewayServicePolicyAntivirusArgs.builder()
.avprofileId("string")
.enabled(false)
.profile("string")
.build())
.appqoe(GatewayServicePolicyAppqoeArgs.builder()
.enabled(false)
.build())
.ewfs(GatewayServicePolicyEwfArgs.builder()
.alertOnly(false)
.blockMessage("string")
.enabled(false)
.profile("string")
.build())
.idp(GatewayServicePolicyIdpArgs.builder()
.alertOnly(false)
.enabled(false)
.idpprofileId("string")
.profile("string")
.build())
.localRouting(false)
.name("string")
.pathPreference("string")
.servicepolicyId("string")
.services("string")
.sslProxy(GatewayServicePolicySslProxyArgs.builder()
.ciphersCategory("string")
.enabled(false)
.build())
.tenants("string")
.build())
.bgpConfig(Map.of("string", Map.ofEntries(
Map.entry("authKey", "string"),
Map.entry("bfdMinimumInterval", 0),
Map.entry("bfdMultiplier", 0),
Map.entry("disableBfd", false),
Map.entry("export", "string"),
Map.entry("exportPolicy", "string"),
Map.entry("extendedV4Nexthop", false),
Map.entry("gracefulRestartTime", 0),
Map.entry("holdTime", 0),
Map.entry("import", "string"),
Map.entry("importPolicy", "string"),
Map.entry("localAs", 0),
Map.entry("neighborAs", 0),
Map.entry("neighbors", Map.of("string", Map.ofEntries(
Map.entry("disabled", false),
Map.entry("exportPolicy", "string"),
Map.entry("holdTime", 0),
Map.entry("importPolicy", "string"),
Map.entry("multihopTtl", 0),
Map.entry("neighborAs", 0)
))),
Map.entry("networks", "string"),
Map.entry("noReadvertiseToOverlay", false),
Map.entry("tunnelName", "string"),
Map.entry("type", "string"),
Map.entry("via", "string"),
Map.entry("vpnName", "string"),
Map.entry("wanName", "string")
)))
.tunnelConfigs(Map.of("string", Map.ofEntries(
Map.entry("autoProvision", Map.ofEntries(
Map.entry("provider", "string"),
Map.entry("enable", false),
Map.entry("latlng", Map.ofEntries(
Map.entry("lat", 0),
Map.entry("lng", 0)
)),
Map.entry("primary", Map.ofEntries(
Map.entry("probeIps", "string"),
Map.entry("wanNames", "string")
)),
Map.entry("region", "string"),
Map.entry("secondary", Map.ofEntries(
Map.entry("probeIps", "string"),
Map.entry("wanNames", "string")
))
)),
Map.entry("ikeLifetime", 0),
Map.entry("ikeMode", "string"),
Map.entry("ikeProposals", Map.ofEntries(
Map.entry("authAlgo", "string"),
Map.entry("dhGroup", "string"),
Map.entry("encAlgo", "string")
)),
Map.entry("ipsecLifetime", 0),
Map.entry("ipsecProposals", Map.ofEntries(
Map.entry("authAlgo", "string"),
Map.entry("dhGroup", "string"),
Map.entry("encAlgo", "string")
)),
Map.entry("localId", "string"),
Map.entry("mode", "string"),
Map.entry("networks", "string"),
Map.entry("primary", Map.ofEntries(
Map.entry("hosts", "string"),
Map.entry("wanNames", "string"),
Map.entry("internalIps", "string"),
Map.entry("probeIps", "string"),
Map.entry("remoteIds", "string")
)),
Map.entry("probe", Map.ofEntries(
Map.entry("interval", 0),
Map.entry("threshold", 0),
Map.entry("timeout", 0),
Map.entry("type", "string")
)),
Map.entry("protocol", "string"),
Map.entry("provider", "string"),
Map.entry("psk", "string"),
Map.entry("secondary", Map.ofEntries(
Map.entry("hosts", "string"),
Map.entry("wanNames", "string"),
Map.entry("internalIps", "string"),
Map.entry("probeIps", "string"),
Map.entry("remoteIds", "string")
)),
Map.entry("version", "string")
)))
.tunnelProviderOptions(GatewayTunnelProviderOptionsArgs.builder()
.jse(GatewayTunnelProviderOptionsJseArgs.builder()
.numUsers(0)
.orgName("string")
.build())
.zscaler(GatewayTunnelProviderOptionsZscalerArgs.builder()
.aupBlockInternetUntilAccepted(false)
.aupEnabled(false)
.aupForceSslInspection(false)
.aupTimeoutInDays(0)
.authRequired(false)
.cautionEnabled(false)
.dnBandwidth(0)
.idleTimeInMinutes(0)
.ofwEnabled(false)
.subLocations(GatewayTunnelProviderOptionsZscalerSubLocationArgs.builder()
.aupBlockInternetUntilAccepted(false)
.aupEnabled(false)
.aupForceSslInspection(false)
.aupTimeoutInDays(0)
.authRequired(false)
.cautionEnabled(false)
.dnBandwidth(0)
.idleTimeInMinutes(0)
.name("string")
.ofwEnabled(false)
.surrogateIp(false)
.surrogateIpEnforcedForKnownBrowsers(false)
.surrogateRefreshTimeInMinutes(0)
.upBandwidth(0)
.build())
.surrogateIp(false)
.surrogateIpEnforcedForKnownBrowsers(false)
.surrogateRefreshTimeInMinutes(0)
.upBandwidth(0)
.xffForwardEnabled(false)
.build())
.build())
.vars(Map.of("string", "string"))
.vrfConfig(GatewayVrfConfigArgs.builder()
.enabled(false)
.build())
.vrfInstances(Map.of("string", Map.of("networks", "string")))
.x(0)
.ntpServers("string")
.build());
gateway_resource = junipermist.device.Gateway("gatewayResource",
device_id="string",
site_id="string",
idp_profiles={
"string": {
"base_profile": "string",
"id": "string",
"name": "string",
"org_id": "string",
"overwrites": [{
"action": "string",
"matching": {
"attack_names": ["string"],
"dst_subnets": ["string"],
"severities": ["string"],
},
"name": "string",
}],
},
},
dns_servers=["string"],
oob_ip_config={
"gateway": "string",
"ip": "string",
"netmask": "string",
"node1": {
"gateway": "string",
"ip": "string",
"netmask": "string",
"type": "string",
"use_mgmt_vrf": False,
"use_mgmt_vrf_for_host_out": False,
"vlan_id": "string",
},
"type": "string",
"use_mgmt_vrf": False,
"use_mgmt_vrf_for_host_out": False,
"vlan_id": "string",
},
dns_suffixes=["string"],
extra_routes={
"string": {
"via": "string",
},
},
extra_routes6={
"string": {
"via": "string",
},
},
additional_config_cmds=["string"],
ip_configs={
"string": {
"ip": "string",
"netmask": "string",
"secondary_ips": ["string"],
"type": "string",
},
},
managed=False,
map_id="string",
msp_id="string",
name="string",
networks=[{
"name": "string",
"subnet": "string",
"internal_access": {
"enabled": False,
},
"disallow_mist_services": False,
"internet_access": {
"create_simple_service_policy": False,
"destination_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"port": "string",
"wan_name": "string",
},
},
"enabled": False,
"restricted": False,
"static_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"wan_name": "string",
},
},
},
"isolation": False,
"multicast": {
"disable_igmp": False,
"enabled": False,
"groups": {
"string": {
"rp_ip": "string",
},
},
},
"gateway6": "string",
"routed_for_networks": ["string"],
"gateway": "string",
"subnet6": "string",
"tenants": {
"string": {
"addresses": ["string"],
},
},
"vlan_id": "string",
"vpn_access": {
"string": {
"advertised_subnet": "string",
"allow_ping": False,
"destination_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"port": "string",
},
},
"nat_pool": "string",
"no_readvertise_to_lan_bgp": False,
"no_readvertise_to_lan_ospf": False,
"no_readvertise_to_overlay": False,
"other_vrfs": ["string"],
"routed": False,
"source_nat": {
"external_ip": "string",
},
"static_nat": {
"string": {
"internal_ip": "string",
"name": "string",
},
},
"summarized_subnet": "string",
"summarized_subnet_to_lan_bgp": "string",
"summarized_subnet_to_lan_ospf": "string",
},
},
}],
notes="string",
y=0,
dhcpd_config={
"config": {
"string": {
"dns_servers": ["string"],
"dns_suffixes": ["string"],
"fixed_bindings": {
"string": {
"ip": "string",
"name": "string",
},
},
"gateway": "string",
"ip_end": "string",
"ip_end6": "string",
"ip_start": "string",
"ip_start6": "string",
"lease_time": 0,
"options": {
"string": {
"type": "string",
"value": "string",
},
},
"server_id_override": False,
"servers": ["string"],
"servers6s": ["string"],
"type": "string",
"type6": "string",
"vendor_encapsulated": {
"string": {
"type": "string",
"value": "string",
},
},
},
},
"enabled": False,
},
path_preferences={
"string": {
"paths": [{
"cost": 0,
"disabled": False,
"gateway_ip": "string",
"internet_access": False,
"name": "string",
"networks": ["string"],
"target_ips": ["string"],
"type": "string",
"wan_name": "string",
}],
"strategy": "string",
},
},
port_config={
"string": {
"usage": "string",
"networks": ["string"],
"dsl_type": "string",
"port_network": "string",
"critical": False,
"description": "string",
"disable_autoneg": False,
"disabled": False,
"poe_disabled": False,
"dsl_vci": 0,
"dsl_vpi": 0,
"duplex": "string",
"ip_config": {
"dns": ["string"],
"dns_suffixes": ["string"],
"gateway": "string",
"ip": "string",
"netmask": "string",
"network": "string",
"poser_password": "string",
"pppoe_auth": "string",
"pppoe_username": "string",
"type": "string",
},
"outer_vlan_id": 0,
"lte_auth": "string",
"lte_backup": False,
"lte_password": "string",
"lte_username": "string",
"mtu": 0,
"name": "string",
"ae_disable_lacp": False,
"lte_apn": "string",
"ae_lacp_force_up": False,
"aggregated": False,
"preserve_dscp": False,
"redundant": False,
"reth_idx": 0,
"reth_node": "string",
"reth_nodes": ["string"],
"speed": "string",
"ssr_no_virtual_mac": False,
"svr_port_range": "string",
"traffic_shaping": {
"class_percentages": [0],
"enabled": False,
"max_tx_kbps": 0,
},
"ae_idx": "string",
"vlan_id": "string",
"vpn_paths": {
"string": {
"bfd_profile": "string",
"bfd_use_tunnel_mode": False,
"link_name": "string",
"preference": 0,
"role": "string",
"traffic_shaping": {
"class_percentages": [0],
"enabled": False,
"max_tx_kbps": 0,
},
},
},
"wan_arp_policer": "string",
"wan_ext_ip": "string",
"wan_extra_routes": {
"string": {
"via": "string",
},
},
"wan_networks": ["string"],
"wan_probe_override": {
"ips": ["string"],
"probe_profile": "string",
},
"wan_source_nat": {
"disabled": False,
"nat_pool": "string",
},
"wan_type": "string",
},
},
port_mirroring={
"port_mirror": {
"family_type": "string",
"ingress_port_ids": ["string"],
"output_port_id": "string",
"rate": 0,
"run_length": 0,
},
},
router_id="string",
routing_policies={
"string": {
"terms": [{
"action": {
"accept": False,
"add_communities": ["string"],
"add_target_vrfs": ["string"],
"aggregates": ["string"],
"communities": ["string"],
"exclude_as_paths": ["string"],
"exclude_communities": ["string"],
"export_communitites": ["string"],
"local_preference": "string",
"prepend_as_paths": ["string"],
},
"matching": {
"as_paths": ["string"],
"communities": ["string"],
"networks": ["string"],
"prefixes": ["string"],
"protocols": ["string"],
"route_exists": {
"route": "string",
"vrf_name": "string",
},
"vpn_neighbor_macs": ["string"],
"vpn_path_sla": {
"max_jitter": 0,
"max_latency": 0,
"max_loss": 0,
},
"vpn_paths": ["string"],
},
}],
},
},
service_policies=[{
"action": "string",
"antivirus": {
"avprofile_id": "string",
"enabled": False,
"profile": "string",
},
"appqoe": {
"enabled": False,
},
"ewfs": [{
"alert_only": False,
"block_message": "string",
"enabled": False,
"profile": "string",
}],
"idp": {
"alert_only": False,
"enabled": False,
"idpprofile_id": "string",
"profile": "string",
},
"local_routing": False,
"name": "string",
"path_preference": "string",
"servicepolicy_id": "string",
"services": ["string"],
"ssl_proxy": {
"ciphers_category": "string",
"enabled": False,
},
"tenants": ["string"],
}],
bgp_config={
"string": {
"auth_key": "string",
"bfd_minimum_interval": 0,
"bfd_multiplier": 0,
"disable_bfd": False,
"export": "string",
"export_policy": "string",
"extended_v4_nexthop": False,
"graceful_restart_time": 0,
"hold_time": 0,
"import_": "string",
"import_policy": "string",
"local_as": 0,
"neighbor_as": 0,
"neighbors": {
"string": {
"disabled": False,
"export_policy": "string",
"hold_time": 0,
"import_policy": "string",
"multihop_ttl": 0,
"neighbor_as": 0,
},
},
"networks": ["string"],
"no_readvertise_to_overlay": False,
"tunnel_name": "string",
"type": "string",
"via": "string",
"vpn_name": "string",
"wan_name": "string",
},
},
tunnel_configs={
"string": {
"auto_provision": {
"provider": "string",
"enable": False,
"latlng": {
"lat": 0,
"lng": 0,
},
"primary": {
"probe_ips": ["string"],
"wan_names": ["string"],
},
"region": "string",
"secondary": {
"probe_ips": ["string"],
"wan_names": ["string"],
},
},
"ike_lifetime": 0,
"ike_mode": "string",
"ike_proposals": [{
"auth_algo": "string",
"dh_group": "string",
"enc_algo": "string",
}],
"ipsec_lifetime": 0,
"ipsec_proposals": [{
"auth_algo": "string",
"dh_group": "string",
"enc_algo": "string",
}],
"local_id": "string",
"mode": "string",
"networks": ["string"],
"primary": {
"hosts": ["string"],
"wan_names": ["string"],
"internal_ips": ["string"],
"probe_ips": ["string"],
"remote_ids": ["string"],
},
"probe": {
"interval": 0,
"threshold": 0,
"timeout": 0,
"type": "string",
},
"protocol": "string",
"provider": "string",
"psk": "string",
"secondary": {
"hosts": ["string"],
"wan_names": ["string"],
"internal_ips": ["string"],
"probe_ips": ["string"],
"remote_ids": ["string"],
},
"version": "string",
},
},
tunnel_provider_options={
"jse": {
"num_users": 0,
"org_name": "string",
},
"zscaler": {
"aup_block_internet_until_accepted": False,
"aup_enabled": False,
"aup_force_ssl_inspection": False,
"aup_timeout_in_days": 0,
"auth_required": False,
"caution_enabled": False,
"dn_bandwidth": 0,
"idle_time_in_minutes": 0,
"ofw_enabled": False,
"sub_locations": [{
"aup_block_internet_until_accepted": False,
"aup_enabled": False,
"aup_force_ssl_inspection": False,
"aup_timeout_in_days": 0,
"auth_required": False,
"caution_enabled": False,
"dn_bandwidth": 0,
"idle_time_in_minutes": 0,
"name": "string",
"ofw_enabled": False,
"surrogate_ip": False,
"surrogate_ip_enforced_for_known_browsers": False,
"surrogate_refresh_time_in_minutes": 0,
"up_bandwidth": 0,
}],
"surrogate_ip": False,
"surrogate_ip_enforced_for_known_browsers": False,
"surrogate_refresh_time_in_minutes": 0,
"up_bandwidth": 0,
"xff_forward_enabled": False,
},
},
vars={
"string": "string",
},
vrf_config={
"enabled": False,
},
vrf_instances={
"string": {
"networks": ["string"],
},
},
x=0,
ntp_servers=["string"])
const gatewayResource = new junipermist.device.Gateway("gatewayResource", {
deviceId: "string",
siteId: "string",
idpProfiles: {
string: {
baseProfile: "string",
id: "string",
name: "string",
orgId: "string",
overwrites: [{
action: "string",
matching: {
attackNames: ["string"],
dstSubnets: ["string"],
severities: ["string"],
},
name: "string",
}],
},
},
dnsServers: ["string"],
oobIpConfig: {
gateway: "string",
ip: "string",
netmask: "string",
node1: {
gateway: "string",
ip: "string",
netmask: "string",
type: "string",
useMgmtVrf: false,
useMgmtVrfForHostOut: false,
vlanId: "string",
},
type: "string",
useMgmtVrf: false,
useMgmtVrfForHostOut: false,
vlanId: "string",
},
dnsSuffixes: ["string"],
extraRoutes: {
string: {
via: "string",
},
},
extraRoutes6: {
string: {
via: "string",
},
},
additionalConfigCmds: ["string"],
ipConfigs: {
string: {
ip: "string",
netmask: "string",
secondaryIps: ["string"],
type: "string",
},
},
managed: false,
mapId: "string",
mspId: "string",
name: "string",
networks: [{
name: "string",
subnet: "string",
internalAccess: {
enabled: false,
},
disallowMistServices: false,
internetAccess: {
createSimpleServicePolicy: false,
destinationNat: {
string: {
internalIp: "string",
name: "string",
port: "string",
wanName: "string",
},
},
enabled: false,
restricted: false,
staticNat: {
string: {
internalIp: "string",
name: "string",
wanName: "string",
},
},
},
isolation: false,
multicast: {
disableIgmp: false,
enabled: false,
groups: {
string: {
rpIp: "string",
},
},
},
gateway6: "string",
routedForNetworks: ["string"],
gateway: "string",
subnet6: "string",
tenants: {
string: {
addresses: ["string"],
},
},
vlanId: "string",
vpnAccess: {
string: {
advertisedSubnet: "string",
allowPing: false,
destinationNat: {
string: {
internalIp: "string",
name: "string",
port: "string",
},
},
natPool: "string",
noReadvertiseToLanBgp: false,
noReadvertiseToLanOspf: false,
noReadvertiseToOverlay: false,
otherVrfs: ["string"],
routed: false,
sourceNat: {
externalIp: "string",
},
staticNat: {
string: {
internalIp: "string",
name: "string",
},
},
summarizedSubnet: "string",
summarizedSubnetToLanBgp: "string",
summarizedSubnetToLanOspf: "string",
},
},
}],
notes: "string",
y: 0,
dhcpdConfig: {
config: {
string: {
dnsServers: ["string"],
dnsSuffixes: ["string"],
fixedBindings: {
string: {
ip: "string",
name: "string",
},
},
gateway: "string",
ipEnd: "string",
ipEnd6: "string",
ipStart: "string",
ipStart6: "string",
leaseTime: 0,
options: {
string: {
type: "string",
value: "string",
},
},
serverIdOverride: false,
servers: ["string"],
servers6s: ["string"],
type: "string",
type6: "string",
vendorEncapsulated: {
string: {
type: "string",
value: "string",
},
},
},
},
enabled: false,
},
pathPreferences: {
string: {
paths: [{
cost: 0,
disabled: false,
gatewayIp: "string",
internetAccess: false,
name: "string",
networks: ["string"],
targetIps: ["string"],
type: "string",
wanName: "string",
}],
strategy: "string",
},
},
portConfig: {
string: {
usage: "string",
networks: ["string"],
dslType: "string",
portNetwork: "string",
critical: false,
description: "string",
disableAutoneg: false,
disabled: false,
poeDisabled: false,
dslVci: 0,
dslVpi: 0,
duplex: "string",
ipConfig: {
dns: ["string"],
dnsSuffixes: ["string"],
gateway: "string",
ip: "string",
netmask: "string",
network: "string",
poserPassword: "string",
pppoeAuth: "string",
pppoeUsername: "string",
type: "string",
},
outerVlanId: 0,
lteAuth: "string",
lteBackup: false,
ltePassword: "string",
lteUsername: "string",
mtu: 0,
name: "string",
aeDisableLacp: false,
lteApn: "string",
aeLacpForceUp: false,
aggregated: false,
preserveDscp: false,
redundant: false,
rethIdx: 0,
rethNode: "string",
rethNodes: ["string"],
speed: "string",
ssrNoVirtualMac: false,
svrPortRange: "string",
trafficShaping: {
classPercentages: [0],
enabled: false,
maxTxKbps: 0,
},
aeIdx: "string",
vlanId: "string",
vpnPaths: {
string: {
bfdProfile: "string",
bfdUseTunnelMode: false,
linkName: "string",
preference: 0,
role: "string",
trafficShaping: {
classPercentages: [0],
enabled: false,
maxTxKbps: 0,
},
},
},
wanArpPolicer: "string",
wanExtIp: "string",
wanExtraRoutes: {
string: {
via: "string",
},
},
wanNetworks: ["string"],
wanProbeOverride: {
ips: ["string"],
probeProfile: "string",
},
wanSourceNat: {
disabled: false,
natPool: "string",
},
wanType: "string",
},
},
portMirroring: {
portMirror: {
familyType: "string",
ingressPortIds: ["string"],
outputPortId: "string",
rate: 0,
runLength: 0,
},
},
routerId: "string",
routingPolicies: {
string: {
terms: [{
action: {
accept: false,
addCommunities: ["string"],
addTargetVrfs: ["string"],
aggregates: ["string"],
communities: ["string"],
excludeAsPaths: ["string"],
excludeCommunities: ["string"],
exportCommunitites: ["string"],
localPreference: "string",
prependAsPaths: ["string"],
},
matching: {
asPaths: ["string"],
communities: ["string"],
networks: ["string"],
prefixes: ["string"],
protocols: ["string"],
routeExists: {
route: "string",
vrfName: "string",
},
vpnNeighborMacs: ["string"],
vpnPathSla: {
maxJitter: 0,
maxLatency: 0,
maxLoss: 0,
},
vpnPaths: ["string"],
},
}],
},
},
servicePolicies: [{
action: "string",
antivirus: {
avprofileId: "string",
enabled: false,
profile: "string",
},
appqoe: {
enabled: false,
},
ewfs: [{
alertOnly: false,
blockMessage: "string",
enabled: false,
profile: "string",
}],
idp: {
alertOnly: false,
enabled: false,
idpprofileId: "string",
profile: "string",
},
localRouting: false,
name: "string",
pathPreference: "string",
servicepolicyId: "string",
services: ["string"],
sslProxy: {
ciphersCategory: "string",
enabled: false,
},
tenants: ["string"],
}],
bgpConfig: {
string: {
authKey: "string",
bfdMinimumInterval: 0,
bfdMultiplier: 0,
disableBfd: false,
"export": "string",
exportPolicy: "string",
extendedV4Nexthop: false,
gracefulRestartTime: 0,
holdTime: 0,
"import": "string",
importPolicy: "string",
localAs: 0,
neighborAs: 0,
neighbors: {
string: {
disabled: false,
exportPolicy: "string",
holdTime: 0,
importPolicy: "string",
multihopTtl: 0,
neighborAs: 0,
},
},
networks: ["string"],
noReadvertiseToOverlay: false,
tunnelName: "string",
type: "string",
via: "string",
vpnName: "string",
wanName: "string",
},
},
tunnelConfigs: {
string: {
autoProvision: {
provider: "string",
enable: false,
latlng: {
lat: 0,
lng: 0,
},
primary: {
probeIps: ["string"],
wanNames: ["string"],
},
region: "string",
secondary: {
probeIps: ["string"],
wanNames: ["string"],
},
},
ikeLifetime: 0,
ikeMode: "string",
ikeProposals: [{
authAlgo: "string",
dhGroup: "string",
encAlgo: "string",
}],
ipsecLifetime: 0,
ipsecProposals: [{
authAlgo: "string",
dhGroup: "string",
encAlgo: "string",
}],
localId: "string",
mode: "string",
networks: ["string"],
primary: {
hosts: ["string"],
wanNames: ["string"],
internalIps: ["string"],
probeIps: ["string"],
remoteIds: ["string"],
},
probe: {
interval: 0,
threshold: 0,
timeout: 0,
type: "string",
},
protocol: "string",
provider: "string",
psk: "string",
secondary: {
hosts: ["string"],
wanNames: ["string"],
internalIps: ["string"],
probeIps: ["string"],
remoteIds: ["string"],
},
version: "string",
},
},
tunnelProviderOptions: {
jse: {
numUsers: 0,
orgName: "string",
},
zscaler: {
aupBlockInternetUntilAccepted: false,
aupEnabled: false,
aupForceSslInspection: false,
aupTimeoutInDays: 0,
authRequired: false,
cautionEnabled: false,
dnBandwidth: 0,
idleTimeInMinutes: 0,
ofwEnabled: false,
subLocations: [{
aupBlockInternetUntilAccepted: false,
aupEnabled: false,
aupForceSslInspection: false,
aupTimeoutInDays: 0,
authRequired: false,
cautionEnabled: false,
dnBandwidth: 0,
idleTimeInMinutes: 0,
name: "string",
ofwEnabled: false,
surrogateIp: false,
surrogateIpEnforcedForKnownBrowsers: false,
surrogateRefreshTimeInMinutes: 0,
upBandwidth: 0,
}],
surrogateIp: false,
surrogateIpEnforcedForKnownBrowsers: false,
surrogateRefreshTimeInMinutes: 0,
upBandwidth: 0,
xffForwardEnabled: false,
},
},
vars: {
string: "string",
},
vrfConfig: {
enabled: false,
},
vrfInstances: {
string: {
networks: ["string"],
},
},
x: 0,
ntpServers: ["string"],
});
type: junipermist:device:Gateway
properties:
additionalConfigCmds:
- string
bgpConfig:
string:
authKey: string
bfdMinimumInterval: 0
bfdMultiplier: 0
disableBfd: false
export: string
exportPolicy: string
extendedV4Nexthop: false
gracefulRestartTime: 0
holdTime: 0
import: string
importPolicy: string
localAs: 0
neighborAs: 0
neighbors:
string:
disabled: false
exportPolicy: string
holdTime: 0
importPolicy: string
multihopTtl: 0
neighborAs: 0
networks:
- string
noReadvertiseToOverlay: false
tunnelName: string
type: string
via: string
vpnName: string
wanName: string
deviceId: string
dhcpdConfig:
config:
string:
dnsServers:
- string
dnsSuffixes:
- string
fixedBindings:
string:
ip: string
name: string
gateway: string
ipEnd: string
ipEnd6: string
ipStart: string
ipStart6: string
leaseTime: 0
options:
string:
type: string
value: string
serverIdOverride: false
servers:
- string
servers6s:
- string
type: string
type6: string
vendorEncapsulated:
string:
type: string
value: string
enabled: false
dnsServers:
- string
dnsSuffixes:
- string
extraRoutes:
string:
via: string
extraRoutes6:
string:
via: string
idpProfiles:
string:
baseProfile: string
id: string
name: string
orgId: string
overwrites:
- action: string
matching:
attackNames:
- string
dstSubnets:
- string
severities:
- string
name: string
ipConfigs:
string:
ip: string
netmask: string
secondaryIps:
- string
type: string
managed: false
mapId: string
mspId: string
name: string
networks:
- disallowMistServices: false
gateway: string
gateway6: string
internalAccess:
enabled: false
internetAccess:
createSimpleServicePolicy: false
destinationNat:
string:
internalIp: string
name: string
port: string
wanName: string
enabled: false
restricted: false
staticNat:
string:
internalIp: string
name: string
wanName: string
isolation: false
multicast:
disableIgmp: false
enabled: false
groups:
string:
rpIp: string
name: string
routedForNetworks:
- string
subnet: string
subnet6: string
tenants:
string:
addresses:
- string
vlanId: string
vpnAccess:
string:
advertisedSubnet: string
allowPing: false
destinationNat:
string:
internalIp: string
name: string
port: string
natPool: string
noReadvertiseToLanBgp: false
noReadvertiseToLanOspf: false
noReadvertiseToOverlay: false
otherVrfs:
- string
routed: false
sourceNat:
externalIp: string
staticNat:
string:
internalIp: string
name: string
summarizedSubnet: string
summarizedSubnetToLanBgp: string
summarizedSubnetToLanOspf: string
notes: string
ntpServers:
- string
oobIpConfig:
gateway: string
ip: string
netmask: string
node1:
gateway: string
ip: string
netmask: string
type: string
useMgmtVrf: false
useMgmtVrfForHostOut: false
vlanId: string
type: string
useMgmtVrf: false
useMgmtVrfForHostOut: false
vlanId: string
pathPreferences:
string:
paths:
- cost: 0
disabled: false
gatewayIp: string
internetAccess: false
name: string
networks:
- string
targetIps:
- string
type: string
wanName: string
strategy: string
portConfig:
string:
aeDisableLacp: false
aeIdx: string
aeLacpForceUp: false
aggregated: false
critical: false
description: string
disableAutoneg: false
disabled: false
dslType: string
dslVci: 0
dslVpi: 0
duplex: string
ipConfig:
dns:
- string
dnsSuffixes:
- string
gateway: string
ip: string
netmask: string
network: string
poserPassword: string
pppoeAuth: string
pppoeUsername: string
type: string
lteApn: string
lteAuth: string
lteBackup: false
ltePassword: string
lteUsername: string
mtu: 0
name: string
networks:
- string
outerVlanId: 0
poeDisabled: false
portNetwork: string
preserveDscp: false
redundant: false
rethIdx: 0
rethNode: string
rethNodes:
- string
speed: string
ssrNoVirtualMac: false
svrPortRange: string
trafficShaping:
classPercentages:
- 0
enabled: false
maxTxKbps: 0
usage: string
vlanId: string
vpnPaths:
string:
bfdProfile: string
bfdUseTunnelMode: false
linkName: string
preference: 0
role: string
trafficShaping:
classPercentages:
- 0
enabled: false
maxTxKbps: 0
wanArpPolicer: string
wanExtIp: string
wanExtraRoutes:
string:
via: string
wanNetworks:
- string
wanProbeOverride:
ips:
- string
probeProfile: string
wanSourceNat:
disabled: false
natPool: string
wanType: string
portMirroring:
portMirror:
familyType: string
ingressPortIds:
- string
outputPortId: string
rate: 0
runLength: 0
routerId: string
routingPolicies:
string:
terms:
- action:
accept: false
addCommunities:
- string
addTargetVrfs:
- string
aggregates:
- string
communities:
- string
excludeAsPaths:
- string
excludeCommunities:
- string
exportCommunitites:
- string
localPreference: string
prependAsPaths:
- string
matching:
asPaths:
- string
communities:
- string
networks:
- string
prefixes:
- string
protocols:
- string
routeExists:
route: string
vrfName: string
vpnNeighborMacs:
- string
vpnPathSla:
maxJitter: 0
maxLatency: 0
maxLoss: 0
vpnPaths:
- string
servicePolicies:
- action: string
antivirus:
avprofileId: string
enabled: false
profile: string
appqoe:
enabled: false
ewfs:
- alertOnly: false
blockMessage: string
enabled: false
profile: string
idp:
alertOnly: false
enabled: false
idpprofileId: string
profile: string
localRouting: false
name: string
pathPreference: string
servicepolicyId: string
services:
- string
sslProxy:
ciphersCategory: string
enabled: false
tenants:
- string
siteId: string
tunnelConfigs:
string:
autoProvision:
enable: false
latlng:
lat: 0
lng: 0
primary:
probeIps:
- string
wanNames:
- string
provider: string
region: string
secondary:
probeIps:
- string
wanNames:
- string
ikeLifetime: 0
ikeMode: string
ikeProposals:
- authAlgo: string
dhGroup: string
encAlgo: string
ipsecLifetime: 0
ipsecProposals:
- authAlgo: string
dhGroup: string
encAlgo: string
localId: string
mode: string
networks:
- string
primary:
hosts:
- string
internalIps:
- string
probeIps:
- string
remoteIds:
- string
wanNames:
- string
probe:
interval: 0
threshold: 0
timeout: 0
type: string
protocol: string
provider: string
psk: string
secondary:
hosts:
- string
internalIps:
- string
probeIps:
- string
remoteIds:
- string
wanNames:
- string
version: string
tunnelProviderOptions:
jse:
numUsers: 0
orgName: string
zscaler:
aupBlockInternetUntilAccepted: false
aupEnabled: false
aupForceSslInspection: false
aupTimeoutInDays: 0
authRequired: false
cautionEnabled: false
dnBandwidth: 0
idleTimeInMinutes: 0
ofwEnabled: false
subLocations:
- aupBlockInternetUntilAccepted: false
aupEnabled: false
aupForceSslInspection: false
aupTimeoutInDays: 0
authRequired: false
cautionEnabled: false
dnBandwidth: 0
idleTimeInMinutes: 0
name: string
ofwEnabled: false
surrogateIp: false
surrogateIpEnforcedForKnownBrowsers: false
surrogateRefreshTimeInMinutes: 0
upBandwidth: 0
surrogateIp: false
surrogateIpEnforcedForKnownBrowsers: false
surrogateRefreshTimeInMinutes: 0
upBandwidth: 0
xffForwardEnabled: false
vars:
string: string
vrfConfig:
enabled: false
vrfInstances:
string:
networks:
- string
x: 0
"y": 0
Gateway Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Gateway resource accepts the following input properties:
- Device
Id string - Site
Id string - Additional
Config List<string>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Bgp Config Args> - Dhcpd
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config - Dns
Servers List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Idp Profiles Args> - Property key is the profile name
- Ip
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Ip Configs Args> - Property key is the network name
- Managed bool
- Map
Id string - Map where the device belongs to
- Msp
Id string - Name string
- Networks
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Network> - Notes string
- Ntp
Servers List<string> - Oob
Ip Pulumi.Config Juniper Mist. Device. Inputs. Gateway Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- Path
Preferences Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Path Preferences Args> - Property key is the path name
- Port
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring Pulumi.Juniper Mist. Device. Inputs. Gateway Port Mirroring - Router
Id string - Auto assigned if not set
- Routing
Policies Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Routing Policies Args> - Property key is the routing policy name
- Service
Policies List<Pulumi.Juniper Mist. Device. Inputs. Gateway Service Policy> - Tunnel
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Args> - Property key is the tunnel name
- Tunnel
Provider Pulumi.Options Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options - Vars Dictionary<string, string>
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Config - Vrf
Instances Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Instances Args> - Property key is the network name
- X double
- X in pixel
- Y double
- Y in pixel
- Device
Id string - Site
Id string - Additional
Config []stringCmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config map[string]GatewayBgp Config Args - Dhcpd
Config GatewayDhcpd Config Args - Dns
Servers []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes map[string]GatewayExtra Routes Args - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 map[string]GatewayExtra Routes6Args - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles map[string]GatewayIdp Profiles Args - Property key is the profile name
- Ip
Configs map[string]GatewayIp Configs Args - Property key is the network name
- Managed bool
- Map
Id string - Map where the device belongs to
- Msp
Id string - Name string
- Networks
[]Gateway
Network Args - Notes string
- Ntp
Servers []string - Oob
Ip GatewayConfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- Path
Preferences map[string]GatewayPath Preferences Args - Property key is the path name
- Port
Config map[string]GatewayPort Config Args - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring GatewayPort Mirroring Args - Router
Id string - Auto assigned if not set
- Routing
Policies map[string]GatewayRouting Policies Args - Property key is the routing policy name
- Service
Policies []GatewayService Policy Args - Tunnel
Configs map[string]GatewayTunnel Configs Args - Property key is the tunnel name
- Tunnel
Provider GatewayOptions Tunnel Provider Options Args - Vars map[string]string
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config GatewayVrf Config Args - Vrf
Instances map[string]GatewayVrf Instances Args - Property key is the network name
- X float64
- X in pixel
- Y float64
- Y in pixel
- device
Id String - site
Id String - additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<String,GatewayBgp Config Args> - dhcpd
Config GatewayDhcpd Config - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<String,GatewayExtra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<String,GatewayExtra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<String,GatewayIdp Profiles Args> - Property key is the profile name
- ip
Configs Map<String,GatewayIp Configs Args> - Property key is the network name
- managed Boolean
- map
Id String - Map where the device belongs to
- msp
Id String - name String
- networks
List<Gateway
Network> - notes String
- ntp
Servers List<String> - oob
Ip GatewayConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- path
Preferences Map<String,GatewayPath Preferences Args> - Property key is the path name
- port
Config Map<String,GatewayPort Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id String - Auto assigned if not set
- routing
Policies Map<String,GatewayRouting Policies Args> - Property key is the routing policy name
- service
Policies List<GatewayService Policy> - tunnel
Configs Map<String,GatewayTunnel Configs Args> - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - vars Map<String,String>
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances Map<String,GatewayVrf Instances Args> - Property key is the network name
- x Double
- X in pixel
- y Double
- Y in pixel
- device
Id string - site
Id string - additional
Config string[]Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config {[key: string]: GatewayBgp Config Args} - dhcpd
Config GatewayDhcpd Config - dns
Servers string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes {[key: string]: GatewayExtra Routes Args} - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 {[key: string]: GatewayExtra Routes6Args} - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles {[key: string]: GatewayIdp Profiles Args} - Property key is the profile name
- ip
Configs {[key: string]: GatewayIp Configs Args} - Property key is the network name
- managed boolean
- map
Id string - Map where the device belongs to
- msp
Id string - name string
- networks
Gateway
Network[] - notes string
- ntp
Servers string[] - oob
Ip GatewayConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- path
Preferences {[key: string]: GatewayPath Preferences Args} - Property key is the path name
- port
Config {[key: string]: GatewayPort Config Args} - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id string - Auto assigned if not set
- routing
Policies {[key: string]: GatewayRouting Policies Args} - Property key is the routing policy name
- service
Policies GatewayService Policy[] - tunnel
Configs {[key: string]: GatewayTunnel Configs Args} - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - vars {[key: string]: string}
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances {[key: string]: GatewayVrf Instances Args} - Property key is the network name
- x number
- X in pixel
- y number
- Y in pixel
- device_
id str - site_
id str - additional_
config_ Sequence[str]cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp_
config Mapping[str, GatewayBgp Config Args] - dhcpd_
config GatewayDhcpd Config Args - dns_
servers Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns_
suffixes Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra_
routes Mapping[str, GatewayExtra Routes Args] - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra_
routes6 Mapping[str, GatewayExtra Routes6Args] - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp_
profiles Mapping[str, GatewayIdp Profiles Args] - Property key is the profile name
- ip_
configs Mapping[str, GatewayIp Configs Args] - Property key is the network name
- managed bool
- map_
id str - Map where the device belongs to
- msp_
id str - name str
- networks
Sequence[Gateway
Network Args] - notes str
- ntp_
servers Sequence[str] - oob_
ip_ Gatewayconfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- path_
preferences Mapping[str, GatewayPath Preferences Args] - Property key is the path name
- port_
config Mapping[str, GatewayPort Config Args] - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port_
mirroring GatewayPort Mirroring Args - router_
id str - Auto assigned if not set
- routing_
policies Mapping[str, GatewayRouting Policies Args] - Property key is the routing policy name
- service_
policies Sequence[GatewayService Policy Args] - tunnel_
configs Mapping[str, GatewayTunnel Configs Args] - Property key is the tunnel name
- tunnel_
provider_ Gatewayoptions Tunnel Provider Options Args - vars Mapping[str, str]
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf_
config GatewayVrf Config Args - vrf_
instances Mapping[str, GatewayVrf Instances Args] - Property key is the network name
- x float
- X in pixel
- y float
- Y in pixel
- device
Id String - site
Id String - additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<Property Map> - dhcpd
Config Property Map - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<Property Map> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<Property Map> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<Property Map> - Property key is the profile name
- ip
Configs Map<Property Map> - Property key is the network name
- managed Boolean
- map
Id String - Map where the device belongs to
- msp
Id String - name String
- networks List<Property Map>
- notes String
- ntp
Servers List<String> - oob
Ip Property MapConfig - Out-of-band (vme/em0/fxp0) IP config
- path
Preferences Map<Property Map> - Property key is the path name
- port
Config Map<Property Map> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring Property Map - router
Id String - Auto assigned if not set
- routing
Policies Map<Property Map> - Property key is the routing policy name
- service
Policies List<Property Map> - tunnel
Configs Map<Property Map> - Property key is the tunnel name
- tunnel
Provider Property MapOptions - vars Map<String>
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config Property Map - vrf
Instances Map<Property Map> - Property key is the network name
- x Number
- X in pixel
- y Number
- Y in pixel
Outputs
All input properties are implicitly available as output properties. Additionally, the Gateway resource produces the following output properties:
- id str
- The provider-assigned unique ID for this managed resource.
- image1_
url str - image2_
url str - image3_
url str - mac str
- Device MAC address
- model str
- Device Model
- org_
id str - serial str
- Device Serial
- type str
- Device Type. enum:
gateway
Look up Existing Gateway Resource
Get an existing Gateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GatewayState, opts?: CustomResourceOptions): Gateway@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
additional_config_cmds: Optional[Sequence[str]] = None,
bgp_config: Optional[Mapping[str, GatewayBgpConfigArgs]] = None,
device_id: Optional[str] = None,
dhcpd_config: Optional[GatewayDhcpdConfigArgs] = None,
dns_servers: Optional[Sequence[str]] = None,
dns_suffixes: Optional[Sequence[str]] = None,
extra_routes: Optional[Mapping[str, GatewayExtraRoutesArgs]] = None,
extra_routes6: Optional[Mapping[str, GatewayExtraRoutes6Args]] = None,
idp_profiles: Optional[Mapping[str, GatewayIdpProfilesArgs]] = None,
image1_url: Optional[str] = None,
image2_url: Optional[str] = None,
image3_url: Optional[str] = None,
ip_configs: Optional[Mapping[str, GatewayIpConfigsArgs]] = None,
mac: Optional[str] = None,
managed: Optional[bool] = None,
map_id: Optional[str] = None,
model: Optional[str] = None,
msp_id: Optional[str] = None,
name: Optional[str] = None,
networks: Optional[Sequence[GatewayNetworkArgs]] = None,
notes: Optional[str] = None,
ntp_servers: Optional[Sequence[str]] = None,
oob_ip_config: Optional[GatewayOobIpConfigArgs] = None,
org_id: Optional[str] = None,
path_preferences: Optional[Mapping[str, GatewayPathPreferencesArgs]] = None,
port_config: Optional[Mapping[str, GatewayPortConfigArgs]] = None,
port_mirroring: Optional[GatewayPortMirroringArgs] = None,
router_id: Optional[str] = None,
routing_policies: Optional[Mapping[str, GatewayRoutingPoliciesArgs]] = None,
serial: Optional[str] = None,
service_policies: Optional[Sequence[GatewayServicePolicyArgs]] = None,
site_id: Optional[str] = None,
tunnel_configs: Optional[Mapping[str, GatewayTunnelConfigsArgs]] = None,
tunnel_provider_options: Optional[GatewayTunnelProviderOptionsArgs] = None,
type: Optional[str] = None,
vars: Optional[Mapping[str, str]] = None,
vrf_config: Optional[GatewayVrfConfigArgs] = None,
vrf_instances: Optional[Mapping[str, GatewayVrfInstancesArgs]] = None,
x: Optional[float] = None,
y: Optional[float] = None) -> Gatewayfunc GetGateway(ctx *Context, name string, id IDInput, state *GatewayState, opts ...ResourceOption) (*Gateway, error)public static Gateway Get(string name, Input<string> id, GatewayState? state, CustomResourceOptions? opts = null)public static Gateway get(String name, Output<String> id, GatewayState state, CustomResourceOptions options)resources: _: type: junipermist:device:Gateway get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Additional
Config List<string>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Bgp Config Args> - Device
Id string - Dhcpd
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config - Dns
Servers List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Idp Profiles Args> - Property key is the profile name
- Image1Url string
- Image2Url string
- Image3Url string
- Ip
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Ip Configs Args> - Property key is the network name
- Mac string
- Device MAC address
- Managed bool
- Map
Id string - Map where the device belongs to
- Model string
- Device Model
- Msp
Id string - Name string
- Networks
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Network> - Notes string
- Ntp
Servers List<string> - Oob
Ip Pulumi.Config Juniper Mist. Device. Inputs. Gateway Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- Org
Id string - Path
Preferences Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Path Preferences Args> - Property key is the path name
- Port
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring Pulumi.Juniper Mist. Device. Inputs. Gateway Port Mirroring - Router
Id string - Auto assigned if not set
- Routing
Policies Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Routing Policies Args> - Property key is the routing policy name
- Serial string
- Device Serial
- Service
Policies List<Pulumi.Juniper Mist. Device. Inputs. Gateway Service Policy> - Site
Id string - Tunnel
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Args> - Property key is the tunnel name
- Tunnel
Provider Pulumi.Options Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options - Type string
- Device Type. enum:
gateway - Vars Dictionary<string, string>
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Config - Vrf
Instances Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Instances Args> - Property key is the network name
- X double
- X in pixel
- Y double
- Y in pixel
- Additional
Config []stringCmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- Bgp
Config map[string]GatewayBgp Config Args - Device
Id string - Dhcpd
Config GatewayDhcpd Config Args - Dns
Servers []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes map[string]GatewayExtra Routes Args - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 map[string]GatewayExtra Routes6Args - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles map[string]GatewayIdp Profiles Args - Property key is the profile name
- Image1Url string
- Image2Url string
- Image3Url string
- Ip
Configs map[string]GatewayIp Configs Args - Property key is the network name
- Mac string
- Device MAC address
- Managed bool
- Map
Id string - Map where the device belongs to
- Model string
- Device Model
- Msp
Id string - Name string
- Networks
[]Gateway
Network Args - Notes string
- Ntp
Servers []string - Oob
Ip GatewayConfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- Org
Id string - Path
Preferences map[string]GatewayPath Preferences Args - Property key is the path name
- Port
Config map[string]GatewayPort Config Args - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring GatewayPort Mirroring Args - Router
Id string - Auto assigned if not set
- Routing
Policies map[string]GatewayRouting Policies Args - Property key is the routing policy name
- Serial string
- Device Serial
- Service
Policies []GatewayService Policy Args - Site
Id string - Tunnel
Configs map[string]GatewayTunnel Configs Args - Property key is the tunnel name
- Tunnel
Provider GatewayOptions Tunnel Provider Options Args - Type string
- Device Type. enum:
gateway - Vars map[string]string
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config GatewayVrf Config Args - Vrf
Instances map[string]GatewayVrf Instances Args - Property key is the network name
- X float64
- X in pixel
- Y float64
- Y in pixel
- additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<String,GatewayBgp Config Args> - device
Id String - dhcpd
Config GatewayDhcpd Config - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<String,GatewayExtra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<String,GatewayExtra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<String,GatewayIdp Profiles Args> - Property key is the profile name
- image1Url String
- image2Url String
- image3Url String
- ip
Configs Map<String,GatewayIp Configs Args> - Property key is the network name
- mac String
- Device MAC address
- managed Boolean
- map
Id String - Map where the device belongs to
- model String
- Device Model
- msp
Id String - name String
- networks
List<Gateway
Network> - notes String
- ntp
Servers List<String> - oob
Ip GatewayConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- org
Id String - path
Preferences Map<String,GatewayPath Preferences Args> - Property key is the path name
- port
Config Map<String,GatewayPort Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id String - Auto assigned if not set
- routing
Policies Map<String,GatewayRouting Policies Args> - Property key is the routing policy name
- serial String
- Device Serial
- service
Policies List<GatewayService Policy> - site
Id String - tunnel
Configs Map<String,GatewayTunnel Configs Args> - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - type String
- Device Type. enum:
gateway - vars Map<String,String>
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances Map<String,GatewayVrf Instances Args> - Property key is the network name
- x Double
- X in pixel
- y Double
- Y in pixel
- additional
Config string[]Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config {[key: string]: GatewayBgp Config Args} - device
Id string - dhcpd
Config GatewayDhcpd Config - dns
Servers string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes {[key: string]: GatewayExtra Routes Args} - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 {[key: string]: GatewayExtra Routes6Args} - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles {[key: string]: GatewayIdp Profiles Args} - Property key is the profile name
- image1Url string
- image2Url string
- image3Url string
- ip
Configs {[key: string]: GatewayIp Configs Args} - Property key is the network name
- mac string
- Device MAC address
- managed boolean
- map
Id string - Map where the device belongs to
- model string
- Device Model
- msp
Id string - name string
- networks
Gateway
Network[] - notes string
- ntp
Servers string[] - oob
Ip GatewayConfig Oob Ip Config - Out-of-band (vme/em0/fxp0) IP config
- org
Id string - path
Preferences {[key: string]: GatewayPath Preferences Args} - Property key is the path name
- port
Config {[key: string]: GatewayPort Config Args} - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id string - Auto assigned if not set
- routing
Policies {[key: string]: GatewayRouting Policies Args} - Property key is the routing policy name
- serial string
- Device Serial
- service
Policies GatewayService Policy[] - site
Id string - tunnel
Configs {[key: string]: GatewayTunnel Configs Args} - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - type string
- Device Type. enum:
gateway - vars {[key: string]: string}
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances {[key: string]: GatewayVrf Instances Args} - Property key is the network name
- x number
- X in pixel
- y number
- Y in pixel
- additional_
config_ Sequence[str]cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp_
config Mapping[str, GatewayBgp Config Args] - device_
id str - dhcpd_
config GatewayDhcpd Config Args - dns_
servers Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns_
suffixes Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra_
routes Mapping[str, GatewayExtra Routes Args] - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra_
routes6 Mapping[str, GatewayExtra Routes6Args] - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp_
profiles Mapping[str, GatewayIdp Profiles Args] - Property key is the profile name
- image1_
url str - image2_
url str - image3_
url str - ip_
configs Mapping[str, GatewayIp Configs Args] - Property key is the network name
- mac str
- Device MAC address
- managed bool
- map_
id str - Map where the device belongs to
- model str
- Device Model
- msp_
id str - name str
- networks
Sequence[Gateway
Network Args] - notes str
- ntp_
servers Sequence[str] - oob_
ip_ Gatewayconfig Oob Ip Config Args - Out-of-band (vme/em0/fxp0) IP config
- org_
id str - path_
preferences Mapping[str, GatewayPath Preferences Args] - Property key is the path name
- port_
config Mapping[str, GatewayPort Config Args] - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port_
mirroring GatewayPort Mirroring Args - router_
id str - Auto assigned if not set
- routing_
policies Mapping[str, GatewayRouting Policies Args] - Property key is the routing policy name
- serial str
- Device Serial
- service_
policies Sequence[GatewayService Policy Args] - site_
id str - tunnel_
configs Mapping[str, GatewayTunnel Configs Args] - Property key is the tunnel name
- tunnel_
provider_ Gatewayoptions Tunnel Provider Options Args - type str
- Device Type. enum:
gateway - vars Mapping[str, str]
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf_
config GatewayVrf Config Args - vrf_
instances Mapping[str, GatewayVrf Instances Args] - Property key is the network name
- x float
- X in pixel
- y float
- Y in pixel
- additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config. Note: no check is done
- bgp
Config Map<Property Map> - device
Id String - dhcpd
Config Property Map - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<Property Map> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<Property Map> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<Property Map> - Property key is the profile name
- image1Url String
- image2Url String
- image3Url String
- ip
Configs Map<Property Map> - Property key is the network name
- mac String
- Device MAC address
- managed Boolean
- map
Id String - Map where the device belongs to
- model String
- Device Model
- msp
Id String - name String
- networks List<Property Map>
- notes String
- ntp
Servers List<String> - oob
Ip Property MapConfig - Out-of-band (vme/em0/fxp0) IP config
- org
Id String - path
Preferences Map<Property Map> - Property key is the path name
- port
Config Map<Property Map> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring Property Map - router
Id String - Auto assigned if not set
- routing
Policies Map<Property Map> - Property key is the routing policy name
- serial String
- Device Serial
- service
Policies List<Property Map> - site
Id String - tunnel
Configs Map<Property Map> - Property key is the tunnel name
- tunnel
Provider Property MapOptions - type String
- Device Type. enum:
gateway - vars Map<String>
- Dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config Property Map - vrf
Instances Map<Property Map> - Property key is the network name
- x Number
- X in pixel
- y Number
- Y in pixel
Supporting Types
GatewayBgpConfig, GatewayBgpConfigArgs
- Auth
Key string - Bfd
Minimum intInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- Bfd
Multiplier int - When bfd_minimum_interval_is_configured alone
- Disable
Bfd bool - BFD provides faster path failure detection and is enabled by default
- Export string
- Export
Policy string - Default export policies if no per-neighbor policies defined
- Extended
V4Nexthop bool - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- Graceful
Restart intTime 0means disable- Hold
Time int - Import string
- Import
Policy string - Default import policies if no per-neighbor policies defined
- Local
As int - Neighbor
As int - Neighbors
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Bgp Config Neighbors> - If per-neighbor as is desired. Property key is the neighbor address
- Networks List<string>
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - No
Readvertise boolTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- Tunnel
Name string - If
type==tunnel - Type string
- enum:
external,internal - Via string
- network name. enum:
lan,tunnel,vpn,wan - Vpn
Name string - Wan
Name string - If
via==wan
- Auth
Key string - Bfd
Minimum intInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- Bfd
Multiplier int - When bfd_minimum_interval_is_configured alone
- Disable
Bfd bool - BFD provides faster path failure detection and is enabled by default
- Export string
- Export
Policy string - Default export policies if no per-neighbor policies defined
- Extended
V4Nexthop bool - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- Graceful
Restart intTime 0means disable- Hold
Time int - Import string
- Import
Policy string - Default import policies if no per-neighbor policies defined
- Local
As int - Neighbor
As int - Neighbors
map[string]Gateway
Bgp Config Neighbors - If per-neighbor as is desired. Property key is the neighbor address
- Networks []string
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - No
Readvertise boolTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- Tunnel
Name string - If
type==tunnel - Type string
- enum:
external,internal - Via string
- network name. enum:
lan,tunnel,vpn,wan - Vpn
Name string - Wan
Name string - If
via==wan
- auth
Key String - bfd
Minimum IntegerInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier Integer - When bfd_minimum_interval_is_configured alone
- disable
Bfd Boolean - BFD provides faster path failure detection and is enabled by default
- export String
- export
Policy String - Default export policies if no per-neighbor policies defined
- extended
V4Nexthop Boolean - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart IntegerTime 0means disable- hold
Time Integer - import
Policy String - Default import policies if no per-neighbor policies defined
- import_ String
- local
As Integer - neighbor
As Integer - neighbors
Map<String,Gateway
Bgp Config Neighbors> - If per-neighbor as is desired. Property key is the neighbor address
- networks List<String>
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise BooleanTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name String - If
type==tunnel - type String
- enum:
external,internal - via String
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name String - wan
Name String - If
via==wan
- auth
Key string - bfd
Minimum numberInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier number - When bfd_minimum_interval_is_configured alone
- disable
Bfd boolean - BFD provides faster path failure detection and is enabled by default
- export string
- export
Policy string - Default export policies if no per-neighbor policies defined
- extended
V4Nexthop boolean - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart numberTime 0means disable- hold
Time number - import string
- import
Policy string - Default import policies if no per-neighbor policies defined
- local
As number - neighbor
As number - neighbors
{[key: string]: Gateway
Bgp Config Neighbors} - If per-neighbor as is desired. Property key is the neighbor address
- networks string[]
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise booleanTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name string - If
type==tunnel - type string
- enum:
external,internal - via string
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name string - wan
Name string - If
via==wan
- auth_
key str - bfd_
minimum_ intinterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd_
multiplier int - When bfd_minimum_interval_is_configured alone
- disable_
bfd bool - BFD provides faster path failure detection and is enabled by default
- export str
- export_
policy str - Default export policies if no per-neighbor policies defined
- extended_
v4_ boolnexthop - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful_
restart_ inttime 0means disable- hold_
time int - import_ str
- import_
policy str - Default import policies if no per-neighbor policies defined
- local_
as int - neighbor_
as int - neighbors
Mapping[str, Gateway
Bgp Config Neighbors] - If per-neighbor as is desired. Property key is the neighbor address
- networks Sequence[str]
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no_
readvertise_ boolto_ overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel_
name str - If
type==tunnel - type str
- enum:
external,internal - via str
- network name. enum:
lan,tunnel,vpn,wan - vpn_
name str - wan_
name str - If
via==wan
- auth
Key String - bfd
Minimum NumberInterval - When bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier Number - When bfd_minimum_interval_is_configured alone
- disable
Bfd Boolean - BFD provides faster path failure detection and is enabled by default
- export String
- export
Policy String - Default export policies if no per-neighbor policies defined
- extended
V4Nexthop Boolean - By default, either inet/net6 unicast depending on neighbor IP family (v4 or v6). For v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart NumberTime 0means disable- hold
Time Number - import String
- import
Policy String - Default import policies if no per-neighbor policies defined
- local
As Number - neighbor
As Number - neighbors Map<Property Map>
- If per-neighbor as is desired. Property key is the neighbor address
- networks List<String>
- If
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise BooleanTo Overlay - By default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name String - If
type==tunnel - type String
- enum:
external,internal - via String
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name String - wan
Name String - If
via==wan
GatewayBgpConfigNeighbors, GatewayBgpConfigNeighborsArgs
- Disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- Export
Policy string - Hold
Time int - Import
Policy string - Multihop
Ttl int - Assuming BGP neighbor is directly connected
- Neighbor
As int
- Disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- Export
Policy string - Hold
Time int - Import
Policy string - Multihop
Ttl int - Assuming BGP neighbor is directly connected
- Neighbor
As int
- disabled Boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy String - hold
Time Integer - import
Policy String - multihop
Ttl Integer - Assuming BGP neighbor is directly connected
- neighbor
As Integer
- disabled boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy string - hold
Time number - import
Policy string - multihop
Ttl number - Assuming BGP neighbor is directly connected
- neighbor
As number
- disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export_
policy str - hold_
time int - import_
policy str - multihop_
ttl int - Assuming BGP neighbor is directly connected
- neighbor_
as int
- disabled Boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy String - hold
Time Number - import
Policy String - multihop
Ttl Number - Assuming BGP neighbor is directly connected
- neighbor
As Number
GatewayDhcpdConfig, GatewayDhcpdConfigArgs
GatewayDhcpdConfigConfig, GatewayDhcpdConfigConfigArgs
- Dns
Servers List<string> - If
type==localortype6==local- optional, if not defined, system one will be used - Dns
Suffixes List<string> - If
type==localortype6==local- optional, if not defined, system one will be used - Fixed
Bindings Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config Config Fixed Bindings> - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - Gateway string
- If
type==local- optional,ipwill be used if not provided - Ip
End string - If
type==local - Ip
End6 string - If
type6==local - Ip
Start string - If
type==local - Ip
Start6 string - If
type6==local - Lease
Time int - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- Options
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Dhcpd Config Config Options> - If
type==localortype6==local. Property key is the DHCP option number - Server
Id boolOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- Servers List<string>
- If
type==relay - Servers6s List<string>
- If
type6==relay - Type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Vendor
Encapsulated Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config Config Vendor Encapsulated> - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- Dns
Servers []string - If
type==localortype6==local- optional, if not defined, system one will be used - Dns
Suffixes []string - If
type==localortype6==local- optional, if not defined, system one will be used - Fixed
Bindings map[string]GatewayDhcpd Config Config Fixed Bindings - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - Gateway string
- If
type==local- optional,ipwill be used if not provided - Ip
End string - If
type==local - Ip
End6 string - If
type6==local - Ip
Start string - If
type==local - Ip
Start6 string - If
type6==local - Lease
Time int - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- Options
map[string]Gateway
Dhcpd Config Config Options - If
type==localortype6==local. Property key is the DHCP option number - Server
Id boolOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- Servers []string
- If
type==relay - Servers6s []string
- If
type6==relay - Type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Vendor
Encapsulated map[string]GatewayDhcpd Config Config Vendor Encapsulated - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns
Servers List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings Map<String,GatewayDhcpd Config Config Fixed Bindings> - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway String
- If
type==local- optional,ipwill be used if not provided - ip
End String - If
type==local - ip
End6 String - If
type6==local - ip
Start String - If
type==local - ip
Start6 String - If
type6==local - lease
Time Integer - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
Map<String,Gateway
Dhcpd Config Config Options> - If
type==localortype6==local. Property key is the DHCP option number - server
Id BooleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers List<String>
- If
type==relay - servers6s List<String>
- If
type6==relay - type String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapsulated Map<String,GatewayDhcpd Config Config Vendor Encapsulated> - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns
Servers string[] - If
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes string[] - If
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings {[key: string]: GatewayDhcpd Config Config Fixed Bindings} - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway string
- If
type==local- optional,ipwill be used if not provided - ip
End string - If
type==local - ip
End6 string - If
type6==local - ip
Start string - If
type==local - ip
Start6 string - If
type6==local - lease
Time number - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
{[key: string]: Gateway
Dhcpd Config Config Options} - If
type==localortype6==local. Property key is the DHCP option number - server
Id booleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers string[]
- If
type==relay - servers6s string[]
- If
type6==relay - type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapsulated {[key: string]: GatewayDhcpd Config Config Vendor Encapsulated} - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns_
servers Sequence[str] - If
type==localortype6==local- optional, if not defined, system one will be used - dns_
suffixes Sequence[str] - If
type==localortype6==local- optional, if not defined, system one will be used - fixed_
bindings Mapping[str, GatewayDhcpd Config Config Fixed Bindings] - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway str
- If
type==local- optional,ipwill be used if not provided - ip_
end str - If
type==local - ip_
end6 str - If
type6==local - ip_
start str - If
type==local - ip_
start6 str - If
type6==local - lease_
time int - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
Mapping[str, Gateway
Dhcpd Config Config Options] - If
type==localortype6==local. Property key is the DHCP option number - server_
id_ booloverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers Sequence[str]
- If
type==relay - servers6s Sequence[str]
- If
type6==relay - type str
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 str
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor_
encapsulated Mapping[str, GatewayDhcpd Config Config Vendor Encapsulated] - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
- dns
Servers List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes List<String> - If
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings Map<Property Map> - If
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway String
- If
type==local- optional,ipwill be used if not provided - ip
End String - If
type==local - ip
End6 String - If
type6==local - ip
Start String - If
type==local - ip
Start6 String - If
type6==local - lease
Time Number - In seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options Map<Property Map>
- If
type==localortype6==local. Property key is the DHCP option number - server
Id BooleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers List<String>
- If
type==relay - servers6s List<String>
- If
type6==relay - type String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapsulated Map<Property Map> - If
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code
GatewayDhcpdConfigConfigFixedBindings, GatewayDhcpdConfigConfigFixedBindingsArgs
GatewayDhcpdConfigConfigOptions, GatewayDhcpdConfigConfigOptionsArgs
GatewayDhcpdConfigConfigVendorEncapsulated, GatewayDhcpdConfigConfigVendorEncapsulatedArgs
GatewayExtraRoutes, GatewayExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewayExtraRoutes6, GatewayExtraRoutes6Args
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewayIdpProfiles, GatewayIdpProfilesArgs
- Base
Profile string - enum:
critical,standard,strict - Id string
- Unique ID of the object instance in the Mist Organnization
- Name string
- Org
Id string - Overwrites
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Idp Profiles Overwrite>
- Base
Profile string - enum:
critical,standard,strict - Id string
- Unique ID of the object instance in the Mist Organnization
- Name string
- Org
Id string - Overwrites
[]Gateway
Idp Profiles Overwrite
- base
Profile String - enum:
critical,standard,strict - id String
- Unique ID of the object instance in the Mist Organnization
- name String
- org
Id String - overwrites
List<Gateway
Idp Profiles Overwrite>
- base
Profile string - enum:
critical,standard,strict - id string
- Unique ID of the object instance in the Mist Organnization
- name string
- org
Id string - overwrites
Gateway
Idp Profiles Overwrite[]
- base_
profile str - enum:
critical,standard,strict - id str
- Unique ID of the object instance in the Mist Organnization
- name str
- org_
id str - overwrites
Sequence[Gateway
Idp Profiles Overwrite]
- base
Profile String - enum:
critical,standard,strict - id String
- Unique ID of the object instance in the Mist Organnization
- name String
- org
Id String - overwrites List<Property Map>
GatewayIdpProfilesOverwrite, GatewayIdpProfilesOverwriteArgs
- Action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- Matching
Pulumi.
Juniper Mist. Device. Inputs. Gateway Idp Profiles Overwrite Matching - Name string
- Action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- Matching
Gateway
Idp Profiles Overwrite Matching - Name string
- action String
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gateway
Idp Profiles Overwrite Matching - name String
- action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gateway
Idp Profiles Overwrite Matching - name string
- action str
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gateway
Idp Profiles Overwrite Matching - name str
- action String
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching Property Map
- name String
GatewayIdpProfilesOverwriteMatching, GatewayIdpProfilesOverwriteMatchingArgs
- Attack
Names List<string> - Dst
Subnets List<string> - Severities List<string>
- Attack
Names []string - Dst
Subnets []string - Severities []string
- attack
Names List<String> - dst
Subnets List<String> - severities List<String>
- attack
Names string[] - dst
Subnets string[] - severities string[]
- attack_
names Sequence[str] - dst_
subnets Sequence[str] - severities Sequence[str]
- attack
Names List<String> - dst
Subnets List<String> - severities List<String>
GatewayIpConfigs, GatewayIpConfigsArgs
- Ip string
- Netmask string
- Secondary
Ips List<string> - Optional list of secondary IPs in CIDR format
- Type string
- enum:
dhcp,static
- Ip string
- Netmask string
- Secondary
Ips []string - Optional list of secondary IPs in CIDR format
- Type string
- enum:
dhcp,static
- ip String
- netmask String
- secondary
Ips List<String> - Optional list of secondary IPs in CIDR format
- type String
- enum:
dhcp,static
- ip string
- netmask string
- secondary
Ips string[] - Optional list of secondary IPs in CIDR format
- type string
- enum:
dhcp,static
- ip str
- netmask str
- secondary_
ips Sequence[str] - Optional list of secondary IPs in CIDR format
- type str
- enum:
dhcp,static
- ip String
- netmask String
- secondary
Ips List<String> - Optional list of secondary IPs in CIDR format
- type String
- enum:
dhcp,static
GatewayNetwork, GatewayNetworkArgs
- Name string
- Subnet string
- Disallow
Mist boolServices - Whether to disallow Mist Devices in the network
- Gateway string
- Gateway6 string
- Internal
Access Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internal Access - Internet
Access Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internet Access - Whether this network has direct internet access
- Isolation bool
- Whether to allow clients in the network to talk to each other
- Multicast
Pulumi.
Juniper Mist. Device. Inputs. Gateway Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- Routed
For List<string>Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- Subnet6 string
- Tenants
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Network Tenants> - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- Vlan
Id string - Vpn
Access Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access> - Property key is the VPN name. Whether this network can be accessed from vpn
- Name string
- Subnet string
- Disallow
Mist boolServices - Whether to disallow Mist Devices in the network
- Gateway string
- Gateway6 string
- Internal
Access GatewayNetwork Internal Access - Internet
Access GatewayNetwork Internet Access - Whether this network has direct internet access
- Isolation bool
- Whether to allow clients in the network to talk to each other
- Multicast
Gateway
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- Routed
For []stringNetworks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- Subnet6 string
- Tenants
map[string]Gateway
Network Tenants - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- Vlan
Id string - Vpn
Access map[string]GatewayNetwork Vpn Access - Property key is the VPN name. Whether this network can be accessed from vpn
- name String
- subnet String
- disallow
Mist BooleanServices - Whether to disallow Mist Devices in the network
- gateway String
- gateway6 String
- internal
Access GatewayNetwork Internal Access - internet
Access GatewayNetwork Internet Access - Whether this network has direct internet access
- isolation Boolean
- Whether to allow clients in the network to talk to each other
- multicast
Gateway
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For List<String>Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 String
- tenants
Map<String,Gateway
Network Tenants> - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan
Id String - vpn
Access Map<String,GatewayNetwork Vpn Access> - Property key is the VPN name. Whether this network can be accessed from vpn
- name string
- subnet string
- disallow
Mist booleanServices - Whether to disallow Mist Devices in the network
- gateway string
- gateway6 string
- internal
Access GatewayNetwork Internal Access - internet
Access GatewayNetwork Internet Access - Whether this network has direct internet access
- isolation boolean
- Whether to allow clients in the network to talk to each other
- multicast
Gateway
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For string[]Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 string
- tenants
{[key: string]: Gateway
Network Tenants} - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan
Id string - vpn
Access {[key: string]: GatewayNetwork Vpn Access} - Property key is the VPN name. Whether this network can be accessed from vpn
- name str
- subnet str
- disallow_
mist_ boolservices - Whether to disallow Mist Devices in the network
- gateway str
- gateway6 str
- internal_
access GatewayNetwork Internal Access - internet_
access GatewayNetwork Internet Access - Whether this network has direct internet access
- isolation bool
- Whether to allow clients in the network to talk to each other
- multicast
Gateway
Network Multicast - Whether to enable multicast support (only PIM-sparse mode is supported)
- routed_
for_ Sequence[str]networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 str
- tenants
Mapping[str, Gateway
Network Tenants] - Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan_
id str - vpn_
access Mapping[str, GatewayNetwork Vpn Access] - Property key is the VPN name. Whether this network can be accessed from vpn
- name String
- subnet String
- disallow
Mist BooleanServices - Whether to disallow Mist Devices in the network
- gateway String
- gateway6 String
- internal
Access Property Map - internet
Access Property Map - Whether this network has direct internet access
- isolation Boolean
- Whether to allow clients in the network to talk to each other
- multicast Property Map
- Whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For List<String>Networks - For a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 String
- tenants Map<Property Map>
- Property key must be the user/tenant name (i.e. "printer-1") or a Variable (i.e. "{{myvar}}")
- vlan
Id String - vpn
Access Map<Property Map> - Property key is the VPN name. Whether this network can be accessed from vpn
GatewayNetworkInternalAccess, GatewayNetworkInternalAccessArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GatewayNetworkInternetAccess, GatewayNetworkInternetAccessArgs
- Create
Simple boolService Policy - Destination
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internet Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Enabled bool
- Restricted bool
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - Static
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internet Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- Create
Simple boolService Policy - Destination
Nat map[string]GatewayNetwork Internet Access Destination Nat - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Enabled bool
- Restricted bool
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - Static
Nat map[string]GatewayNetwork Internet Access Static Nat - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create
Simple BooleanService Policy - destination
Nat Map<String,GatewayNetwork Internet Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled Boolean
- restricted Boolean
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat Map<String,GatewayNetwork Internet Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create
Simple booleanService Policy - destination
Nat {[key: string]: GatewayNetwork Internet Access Destination Nat} - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled boolean
- restricted boolean
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat {[key: string]: GatewayNetwork Internet Access Static Nat} - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create_
simple_ boolservice_ policy - destination_
nat Mapping[str, GatewayNetwork Internet Access Destination Nat] - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled bool
- restricted bool
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static_
nat Mapping[str, GatewayNetwork Internet Access Static Nat] - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- create
Simple BooleanService Policy - destination
Nat Map<Property Map> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - enabled Boolean
- restricted Boolean
- By default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat Map<Property Map> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
GatewayNetworkInternetAccessDestinationNat, GatewayNetworkInternetAccessDestinationNatArgs
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name string
- port string
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal_
ip str - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name str
- port str
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan_
name str - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
- The Destination NAT destination IP Address. Must be a Port (i.e. "443") or a Variable (i.e. "{{myvar}}")
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity
GatewayNetworkInternetAccessStaticNat, GatewayNetworkInternetAccessStaticNatArgs
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- Wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name string
- wan
Name string - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal_
ip str - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name str
- wan_
name str - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
- wan
Name String - SRX Only. If not set, we configure the nat policies against all WAN ports for simplicity. Can be a Variable (i.e. "{{myvar}}")
GatewayNetworkMulticast, GatewayNetworkMulticastArgs
- Disable
Igmp bool - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- Enabled bool
- Groups
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Network Multicast Groups> - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- Disable
Igmp bool - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- Enabled bool
- Groups
map[string]Gateway
Network Multicast Groups - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp Boolean - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled Boolean
- groups
Map<String,Gateway
Network Multicast Groups> - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp boolean - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled boolean
- groups
{[key: string]: Gateway
Network Multicast Groups} - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable_
igmp bool - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled bool
- groups
Mapping[str, Gateway
Network Multicast Groups] - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp Boolean - If the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled Boolean
- groups Map<Property Map>
- Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
GatewayNetworkMulticastGroups, GatewayNetworkMulticastGroupsArgs
- Rp
Ip string - RP (rendezvous point) IP Address
- Rp
Ip string - RP (rendezvous point) IP Address
- rp
Ip String - RP (rendezvous point) IP Address
- rp
Ip string - RP (rendezvous point) IP Address
- rp_
ip str - RP (rendezvous point) IP Address
- rp
Ip String - RP (rendezvous point) IP Address
GatewayNetworkTenants, GatewayNetworkTenantsArgs
- Addresses List<string>
- Addresses []string
- addresses List<String>
- addresses string[]
- addresses Sequence[str]
- addresses List<String>
GatewayNetworkVpnAccess, GatewayNetworkVpnAccessArgs
- Advertised
Subnet string - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - Allow
Ping bool - Whether to allow ping from vpn into this routed network
- Destination
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Nat
Pool string - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - No
Readvertise boolTo Lan Bgp - toward LAN-side BGP peers
- No
Readvertise boolTo Lan Ospf - toward LAN-side OSPF peers
- No
Readvertise boolTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- Other
Vrfs List<string> - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- Routed bool
- Whether this network is routable
- Source
Nat Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - Static
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- Summarized
Subnet string - toward overlay, how HUB should deal with routes it received from Spokes
- Summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- Summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- Advertised
Subnet string - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - Allow
Ping bool - Whether to allow ping from vpn into this routed network
- Destination
Nat map[string]GatewayNetwork Vpn Access Destination Nat - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - Nat
Pool string - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - No
Readvertise boolTo Lan Bgp - toward LAN-side BGP peers
- No
Readvertise boolTo Lan Ospf - toward LAN-side OSPF peers
- No
Readvertise boolTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- Other
Vrfs []string - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- Routed bool
- Whether this network is routable
- Source
Nat GatewayNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - Static
Nat map[string]GatewayNetwork Vpn Access Static Nat - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- Summarized
Subnet string - toward overlay, how HUB should deal with routes it received from Spokes
- Summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- Summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- advertised
Subnet String - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping Boolean - Whether to allow ping from vpn into this routed network
- destination
Nat Map<String,GatewayNetwork Vpn Access Destination Nat> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat
Pool String - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise BooleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise BooleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise BooleanTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other
Vrfs List<String> - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed Boolean
- Whether this network is routable
- source
Nat GatewayNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat Map<String,GatewayNetwork Vpn Access Static Nat> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized
Subnet String - toward overlay, how HUB should deal with routes it received from Spokes
- summarized
Subnet StringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet StringTo Lan Ospf - toward LAN-side OSPF peers
- advertised
Subnet string - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping boolean - Whether to allow ping from vpn into this routed network
- destination
Nat {[key: string]: GatewayNetwork Vpn Access Destination Nat} - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat
Pool string - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise booleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise booleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise booleanTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other
Vrfs string[] - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed boolean
- Whether this network is routable
- source
Nat GatewayNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat {[key: string]: GatewayNetwork Vpn Access Static Nat} - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized
Subnet string - toward overlay, how HUB should deal with routes it received from Spokes
- summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- advertised_
subnet str - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow_
ping bool - Whether to allow ping from vpn into this routed network
- destination_
nat Mapping[str, GatewayNetwork Vpn Access Destination Nat] - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat_
pool str - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no_
readvertise_ boolto_ lan_ bgp - toward LAN-side BGP peers
- no_
readvertise_ boolto_ lan_ ospf - toward LAN-side OSPF peers
- no_
readvertise_ boolto_ overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other_
vrfs Sequence[str] - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed bool
- Whether this network is routable
- source_
nat GatewayNetwork Vpn Access Source Nat - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static_
nat Mapping[str, GatewayNetwork Vpn Access Static Nat] - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized_
subnet str - toward overlay, how HUB should deal with routes it received from Spokes
- summarized_
subnet_ strto_ lan_ bgp - toward LAN-side BGP peers
- summarized_
subnet_ strto_ lan_ ospf - toward LAN-side OSPF peers
- advertised
Subnet String - If
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping Boolean - Whether to allow ping from vpn into this routed network
- destination
Nat Map<Property Map> - Property key can be an External IP (i.e. "63.16.0.3"), an External IP:Port (i.e. "63.16.0.3:443"), an External Port (i.e. ":443"), an External CIDR (i.e. "63.16.0.0/30"), an External CIDR:Port (i.e. "63.16.0.0/30:443") or a Variable (i.e. "{{myvar}}"). At least one of the
internal_iporportmust be defined - nat
Pool String - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise BooleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise BooleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise BooleanTo Overlay - toward overlay, how HUB should deal with routes it received from Spokes
- other
Vrfs List<String> - By default, the routes are only readvertised toward the same vrf on spoke. To allow it to be leaked to other vrfs
- routed Boolean
- Whether this network is routable
- source
Nat Property Map - If
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat Map<Property Map> - Property key may be an External IP Address (i.e. "63.16.0.3"), a CIDR (i.e. "63.16.0.12/20") or a Variable (i.e. "{{myvar}}")
- summarized
Subnet String - toward overlay, how HUB should deal with routes it received from Spokes
- summarized
Subnet StringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet StringTo Lan Ospf - toward LAN-side OSPF peers
GatewayNetworkVpnAccessDestinationNat, GatewayNetworkVpnAccessDestinationNatArgs
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- Internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- Name string
- Port string
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
- internal
Ip string - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name string
- port string
- internal_
ip str - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name str
- port str
- internal
Ip String - The Destination NAT destination IP Address. Must be an IP (i.e. "192.168.70.30") or a Variable (i.e. "{{myvar}}")
- name String
- port String
GatewayNetworkVpnAccessSourceNat, GatewayNetworkVpnAccessSourceNatArgs
- External
Ip string
- External
Ip string
- external
Ip String
- external
Ip string
- external_
ip str
- external
Ip String
GatewayNetworkVpnAccessStaticNat, GatewayNetworkVpnAccessStaticNatArgs
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- Internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- Name string
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
- internal
Ip string - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name string
- internal_
ip str - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name str
- internal
Ip String - The Static NAT destination IP Address. Must be an IP Address (i.e. "192.168.70.3") or a Variable (i.e. "{{myvar}}")
- name String
GatewayOobIpConfig, GatewayOobIpConfigArgs
- Gateway string
- If
type==static - Ip string
- If
type==static - Netmask string
- If
type==static - Node1
Pulumi.
Juniper Mist. Device. Inputs. Gateway Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- Vlan
Id string
- Gateway string
- If
type==static - Ip string
- If
type==static - Netmask string
- If
type==static - Node1
Gateway
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- Vlan
Id string
- gateway String
- If
type==static - ip String
- If
type==static - netmask String
- If
type==static - node1
Gateway
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id String
- gateway string
- If
type==static - ip string
- If
type==static - netmask string
- If
type==static - node1
Gateway
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- type string
- enum:
dhcp,static - use
Mgmt booleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt booleanVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id string
- gateway str
- If
type==static - ip str
- If
type==static - netmask str
- If
type==static - node1
Gateway
Oob Ip Config Node1 - For HA Cluster, node1 can have different IP Config
- type str
- enum:
dhcp,static - use_
mgmt_ boolvrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use_
mgmt_ boolvrf_ for_ host_ out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan_
id str
- gateway String
- If
type==static - ip String
- If
type==static - netmask String
- If
type==static - node1 Property Map
- For HA Cluster, node1 can have different IP Config
- type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - For host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id String
GatewayOobIpConfigNode1, GatewayOobIpConfigNode1Args
- Gateway string
- If
type==static - Ip string
- Netmask string
- Used only if
subnetis not specified innetworks - Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - Vlan
Id string
- Gateway string
- If
type==static - Ip string
- Netmask string
- Used only if
subnetis not specified innetworks - Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - Vlan
Id string
- gateway String
- If
type==static - ip String
- netmask String
- Used only if
subnetis not specified innetworks - type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id String
- gateway string
- If
type==static - ip string
- netmask string
- Used only if
subnetis not specified innetworks - type string
- enum:
dhcp,static - use
Mgmt booleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt booleanVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id string
- gateway str
- If
type==static - ip str
- netmask str
- Used only if
subnetis not specified innetworks - type str
- enum:
dhcp,static - use_
mgmt_ boolvrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use_
mgmt_ boolvrf_ for_ host_ out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan_
id str
- gateway String
- If
type==static - ip String
- netmask String
- Used only if
subnetis not specified innetworks - type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - If supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - Whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id String
GatewayPathPreferences, GatewayPathPreferencesArgs
- Paths
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Path Preferences Path> - Strategy string
- enum:
ecmp,ordered,weighted
- Paths
[]Gateway
Path Preferences Path - Strategy string
- enum:
ecmp,ordered,weighted
- paths
List<Gateway
Path Preferences Path> - strategy String
- enum:
ecmp,ordered,weighted
- paths
Gateway
Path Preferences Path[] - strategy string
- enum:
ecmp,ordered,weighted
- paths
Sequence[Gateway
Path Preferences Path] - strategy str
- enum:
ecmp,ordered,weighted
- paths List<Property Map>
- strategy String
- enum:
ecmp,ordered,weighted
GatewayPathPreferencesPath, GatewayPathPreferencesPathArgs
- Cost int
- Disabled bool
- For SSR Only.
true, if this specific path is undesired - Gateway
Ip string - Only if
type==local, if a different gateway is desired - Internet
Access bool - Only if
type==vpn, if this vpn path can be used for internet - Name string
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- Networks List<string>
- Required when
type==local - Target
Ips List<string> - If
type==local, if destination IP is to be replaced - Type string
- enum:
local,tunnel,vpn,wan - Wan
Name string - Optional if
type==vpn
- Cost int
- Disabled bool
- For SSR Only.
true, if this specific path is undesired - Gateway
Ip string - Only if
type==local, if a different gateway is desired - Internet
Access bool - Only if
type==vpn, if this vpn path can be used for internet - Name string
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- Networks []string
- Required when
type==local - Target
Ips []string - If
type==local, if destination IP is to be replaced - Type string
- enum:
local,tunnel,vpn,wan - Wan
Name string - Optional if
type==vpn
- cost Integer
- disabled Boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip String - Only if
type==local, if a different gateway is desired - internet
Access Boolean - Only if
type==vpn, if this vpn path can be used for internet - name String
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks List<String>
- Required when
type==local - target
Ips List<String> - If
type==local, if destination IP is to be replaced - type String
- enum:
local,tunnel,vpn,wan - wan
Name String - Optional if
type==vpn
- cost number
- disabled boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip string - Only if
type==local, if a different gateway is desired - internet
Access boolean - Only if
type==vpn, if this vpn path can be used for internet - name string
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks string[]
- Required when
type==local - target
Ips string[] - If
type==local, if destination IP is to be replaced - type string
- enum:
local,tunnel,vpn,wan - wan
Name string - Optional if
type==vpn
- cost int
- disabled bool
- For SSR Only.
true, if this specific path is undesired - gateway_
ip str - Only if
type==local, if a different gateway is desired - internet_
access bool - Only if
type==vpn, if this vpn path can be used for internet - name str
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks Sequence[str]
- Required when
type==local - target_
ips Sequence[str] - If
type==local, if destination IP is to be replaced - type str
- enum:
local,tunnel,vpn,wan - wan_
name str - Optional if
type==vpn
- cost Number
- disabled Boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip String - Only if
type==local, if a different gateway is desired - internet
Access Boolean - Only if
type==vpn, if this vpn path can be used for internet - name String
- Required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use
- networks List<String>
- Required when
type==local - target
Ips List<String> - If
type==local, if destination IP is to be replaced - type String
- enum:
local,tunnel,vpn,wan - wan
Name String - Optional if
type==vpn
GatewayPortConfig, GatewayPortConfigArgs
- Usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - Ae
Disable boolLacp - If
aggregated==true. To disable LCP support for the AE interface - Ae
Idx string - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - Ae
Lacp boolForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - Aggregated bool
- Critical bool
- To generate port up/down alarm, set it to true
- Description string
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- Disable
Autoneg bool - Disabled bool
- Port admin up (true) / down (false)
- Dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - Dsl
Vci int - If
wan_type==dsl, 16 bit int - Dsl
Vpi int - If
wan_type==dsl, 8 bit int - Duplex string
- enum:
auto,full,half - Ip
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Ip Config - Junos IP Config
- Lte
Apn string - If
wan_type==lte - Lte
Auth string - if
wan_type==lte. enum:chap,none,pap - Lte
Backup bool - Lte
Password string - If
wan_type==lte - Lte
Username string - If
wan_type==lte - Mtu int
- Name string
- Name that we'll use to derive config
- Networks List<string>
- if
usage==lan, name of thejunipermist.org.Networkresource - Outer
Vlan intId - For Q-in-Q
- Poe
Disabled bool - Port
Network string - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - Preserve
Dscp bool - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- Redundant bool
- If HA mode
- Reth
Idx int - If HA mode
- Reth
Node string - If HA mode
- Reth
Nodes List<string> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - Speed string
- Ssr
No boolVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- Svr
Port stringRange - For SSR only
- Traffic
Shaping Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Traffic Shaping - Vlan
Id string - Vpn
Paths Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Vpn Paths> - Property key is the VPN name
- Wan
Arp stringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - Wan
Ext stringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - Wan
Extra Dictionary<string, Pulumi.Routes Juniper Mist. Device. Inputs. Gateway Port Config Wan Extra Routes> - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - Wan
Networks List<string> - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - Wan
Probe Pulumi.Override Juniper Mist. Device. Inputs. Gateway Port Config Wan Probe Override - Only if
usage==wan - Wan
Source Pulumi.Nat Juniper Mist. Device. Inputs. Gateway Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - Wan
Type string - Only if
usage==wan. enum:broadband,dsl,lte
- Usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - Ae
Disable boolLacp - If
aggregated==true. To disable LCP support for the AE interface - Ae
Idx string - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - Ae
Lacp boolForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - Aggregated bool
- Critical bool
- To generate port up/down alarm, set it to true
- Description string
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- Disable
Autoneg bool - Disabled bool
- Port admin up (true) / down (false)
- Dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - Dsl
Vci int - If
wan_type==dsl, 16 bit int - Dsl
Vpi int - If
wan_type==dsl, 8 bit int - Duplex string
- enum:
auto,full,half - Ip
Config GatewayPort Config Ip Config - Junos IP Config
- Lte
Apn string - If
wan_type==lte - Lte
Auth string - if
wan_type==lte. enum:chap,none,pap - Lte
Backup bool - Lte
Password string - If
wan_type==lte - Lte
Username string - If
wan_type==lte - Mtu int
- Name string
- Name that we'll use to derive config
- Networks []string
- if
usage==lan, name of thejunipermist.org.Networkresource - Outer
Vlan intId - For Q-in-Q
- Poe
Disabled bool - Port
Network string - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - Preserve
Dscp bool - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- Redundant bool
- If HA mode
- Reth
Idx int - If HA mode
- Reth
Node string - If HA mode
- Reth
Nodes []string - SSR only - supporting vlan-based redundancy (matching the size of
networks) - Speed string
- Ssr
No boolVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- Svr
Port stringRange - For SSR only
- Traffic
Shaping GatewayPort Config Traffic Shaping - Vlan
Id string - Vpn
Paths map[string]GatewayPort Config Vpn Paths - Property key is the VPN name
- Wan
Arp stringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - Wan
Ext stringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - Wan
Extra map[string]GatewayRoutes Port Config Wan Extra Routes - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - Wan
Networks []string - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - Wan
Probe GatewayOverride Port Config Wan Probe Override - Only if
usage==wan - Wan
Source GatewayNat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - Wan
Type string - Only if
usage==wan. enum:broadband,dsl,lte
- usage String
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable BooleanLacp - If
aggregated==true. To disable LCP support for the AE interface - ae
Idx String - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp BooleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated Boolean
- critical Boolean
- To generate port up/down alarm, set it to true
- description String
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable
Autoneg Boolean - disabled Boolean
- Port admin up (true) / down (false)
- dsl
Type String - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci Integer - If
wan_type==dsl, 16 bit int - dsl
Vpi Integer - If
wan_type==dsl, 8 bit int - duplex String
- enum:
auto,full,half - ip
Config GatewayPort Config Ip Config - Junos IP Config
- lte
Apn String - If
wan_type==lte - lte
Auth String - if
wan_type==lte. enum:chap,none,pap - lte
Backup Boolean - lte
Password String - If
wan_type==lte - lte
Username String - If
wan_type==lte - mtu Integer
- name String
- Name that we'll use to derive config
- networks List<String>
- if
usage==lan, name of thejunipermist.org.Networkresource - outer
Vlan IntegerId - For Q-in-Q
- poe
Disabled Boolean - port
Network String - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve
Dscp Boolean - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant Boolean
- If HA mode
- reth
Idx Integer - If HA mode
- reth
Node String - If HA mode
- reth
Nodes List<String> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed String
- ssr
No BooleanVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- svr
Port StringRange - For SSR only
- traffic
Shaping GatewayPort Config Traffic Shaping - vlan
Id String - vpn
Paths Map<String,GatewayPort Config Vpn Paths> - Property key is the VPN name
- wan
Arp StringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan
Ext StringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan
Extra Map<String,GatewayRoutes Port Config Wan Extra Routes> - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan
Networks List<String> - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan
Probe GatewayOverride Port Config Wan Probe Override - Only if
usage==wan - wan
Source GatewayNat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan
Type String - Only if
usage==wan. enum:broadband,dsl,lte
- usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable booleanLacp - If
aggregated==true. To disable LCP support for the AE interface - ae
Idx string - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp booleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated boolean
- critical boolean
- To generate port up/down alarm, set it to true
- description string
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable
Autoneg boolean - disabled boolean
- Port admin up (true) / down (false)
- dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci number - If
wan_type==dsl, 16 bit int - dsl
Vpi number - If
wan_type==dsl, 8 bit int - duplex string
- enum:
auto,full,half - ip
Config GatewayPort Config Ip Config - Junos IP Config
- lte
Apn string - If
wan_type==lte - lte
Auth string - if
wan_type==lte. enum:chap,none,pap - lte
Backup boolean - lte
Password string - If
wan_type==lte - lte
Username string - If
wan_type==lte - mtu number
- name string
- Name that we'll use to derive config
- networks string[]
- if
usage==lan, name of thejunipermist.org.Networkresource - outer
Vlan numberId - For Q-in-Q
- poe
Disabled boolean - port
Network string - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve
Dscp boolean - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant boolean
- If HA mode
- reth
Idx number - If HA mode
- reth
Node string - If HA mode
- reth
Nodes string[] - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed string
- ssr
No booleanVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- svr
Port stringRange - For SSR only
- traffic
Shaping GatewayPort Config Traffic Shaping - vlan
Id string - vpn
Paths {[key: string]: GatewayPort Config Vpn Paths} - Property key is the VPN name
- wan
Arp stringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan
Ext stringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan
Extra {[key: string]: GatewayRoutes Port Config Wan Extra Routes} - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan
Networks string[] - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan
Probe GatewayOverride Port Config Wan Probe Override - Only if
usage==wan - wan
Source GatewayNat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan
Type string - Only if
usage==wan. enum:broadband,dsl,lte
- usage str
- port usage name. enum:
ha_control,ha_data,lan,wan - ae_
disable_ boollacp - If
aggregated==true. To disable LCP support for the AE interface - ae_
idx str - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae_
lacp_ boolforce_ up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated bool
- critical bool
- To generate port up/down alarm, set it to true
- description str
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable_
autoneg bool - disabled bool
- Port admin up (true) / down (false)
- dsl_
type str - if
wan_type==dsl. enum:adsl,vdsl - dsl_
vci int - If
wan_type==dsl, 16 bit int - dsl_
vpi int - If
wan_type==dsl, 8 bit int - duplex str
- enum:
auto,full,half - ip_
config GatewayPort Config Ip Config - Junos IP Config
- lte_
apn str - If
wan_type==lte - lte_
auth str - if
wan_type==lte. enum:chap,none,pap - lte_
backup bool - lte_
password str - If
wan_type==lte - lte_
username str - If
wan_type==lte - mtu int
- name str
- Name that we'll use to derive config
- networks Sequence[str]
- if
usage==lan, name of thejunipermist.org.Networkresource - outer_
vlan_ intid - For Q-in-Q
- poe_
disabled bool - port_
network str - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve_
dscp bool - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant bool
- If HA mode
- reth_
idx int - If HA mode
- reth_
node str - If HA mode
- reth_
nodes Sequence[str] - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed str
- ssr_
no_ boolvirtual_ mac - When SSR is running as VM, this is required on certain hosting platforms
- svr_
port_ strrange - For SSR only
- traffic_
shaping GatewayPort Config Traffic Shaping - vlan_
id str - vpn_
paths Mapping[str, GatewayPort Config Vpn Paths] - Property key is the VPN name
- wan_
arp_ strpolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan_
ext_ strip - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan_
extra_ Mapping[str, Gatewayroutes Port Config Wan Extra Routes] - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan_
networks Sequence[str] - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan_
probe_ Gatewayoverride Port Config Wan Probe Override - Only if
usage==wan - wan_
source_ Gatewaynat Port Config Wan Source Nat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan_
type str - Only if
usage==wan. enum:broadband,dsl,lte
- usage String
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable BooleanLacp - If
aggregated==true. To disable LCP support for the AE interface - ae
Idx String - If
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp BooleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability. Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end. Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated Boolean
- critical Boolean
- To generate port up/down alarm, set it to true
- description String
- Interface Description. Can be a variable (i.e. "{{myvar}}")
- disable
Autoneg Boolean - disabled Boolean
- Port admin up (true) / down (false)
- dsl
Type String - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci Number - If
wan_type==dsl, 16 bit int - dsl
Vpi Number - If
wan_type==dsl, 8 bit int - duplex String
- enum:
auto,full,half - ip
Config Property Map - Junos IP Config
- lte
Apn String - If
wan_type==lte - lte
Auth String - if
wan_type==lte. enum:chap,none,pap - lte
Backup Boolean - lte
Password String - If
wan_type==lte - lte
Username String - If
wan_type==lte - mtu Number
- name String
- Name that we'll use to derive config
- networks List<String>
- if
usage==lan, name of thejunipermist.org.Networkresource - outer
Vlan NumberId - For Q-in-Q
- poe
Disabled Boolean - port
Network String - Only for SRX and if
usage==lan, the name of the Network to be used as the Untagged VLAN - preserve
Dscp Boolean - Whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant Boolean
- If HA mode
- reth
Idx Number - If HA mode
- reth
Node String - If HA mode
- reth
Nodes List<String> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed String
- ssr
No BooleanVirtual Mac - When SSR is running as VM, this is required on certain hosting platforms
- svr
Port StringRange - For SSR only
- traffic
Shaping Property Map - vlan
Id String - vpn
Paths Map<Property Map> - Property key is the VPN name
- wan
Arp StringPolicer - Only when
wan_type==broadband. enum:default,max,recommended - wan
Ext StringIp - Only if
usage==wan, optional. If spoke should reach this port by a different IP - wan
Extra Map<Property Map>Routes - Only if
usage==wan. Property Key is the destianation CIDR (e.g "100.100.100.0/24") - wan
Networks List<String> - Only if
usage==wan. If some networks are connected to this WAN port, it can be added here so policies can be defined - wan
Probe Property MapOverride - Only if
usage==wan - wan
Source Property MapNat - Only if
usage==wan, optional. By default, source-NAT is performed on all WAN Ports using the interface-ip - wan
Type String - Only if
usage==wan. enum:broadband,dsl,lte
GatewayPortConfigIpConfig, GatewayPortConfigIpConfigArgs
- Dns List<string>
- Except for out-of_band interface (vme/em0/fxp0)
- Dns
Suffixes List<string> - Except for out-of_band interface (vme/em0/fxp0)
- Gateway string
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- Ip string
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- Netmask string
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - Network string
- Optional, the network to be used for mgmt
- Poser
Password string - If
type==pppoe - Pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - Pppoe
Username string - If
type==pppoe - Type string
- enum:
dhcp,pppoe,static
- Dns []string
- Except for out-of_band interface (vme/em0/fxp0)
- Dns
Suffixes []string - Except for out-of_band interface (vme/em0/fxp0)
- Gateway string
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- Ip string
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- Netmask string
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - Network string
- Optional, the network to be used for mgmt
- Poser
Password string - If
type==pppoe - Pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - Pppoe
Username string - If
type==pppoe - Type string
- enum:
dhcp,pppoe,static
- dns List<String>
- Except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes List<String> - Except for out-of_band interface (vme/em0/fxp0)
- gateway String
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip String
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask String
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network String
- Optional, the network to be used for mgmt
- poser
Password String - If
type==pppoe - pppoe
Auth String - if
type==pppoe. enum:chap,none,pap - pppoe
Username String - If
type==pppoe - type String
- enum:
dhcp,pppoe,static
- dns string[]
- Except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes string[] - Except for out-of_band interface (vme/em0/fxp0)
- gateway string
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip string
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask string
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network string
- Optional, the network to be used for mgmt
- poser
Password string - If
type==pppoe - pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - pppoe
Username string - If
type==pppoe - type string
- enum:
dhcp,pppoe,static
- dns Sequence[str]
- Except for out-of_band interface (vme/em0/fxp0)
- dns_
suffixes Sequence[str] - Except for out-of_band interface (vme/em0/fxp0)
- gateway str
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip str
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask str
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network str
- Optional, the network to be used for mgmt
- poser_
password str - If
type==pppoe - pppoe_
auth str - if
type==pppoe. enum:chap,none,pap - pppoe_
username str - If
type==pppoe - type str
- enum:
dhcp,pppoe,static
- dns List<String>
- Except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes List<String> - Except for out-of_band interface (vme/em0/fxp0)
- gateway String
- Except for out-of_band interface (vme/em0/fxp0). Interface Default Gateway IP Address (i.e. "192.168.1.1") or a Variable (i.e. "{{myvar}}")
- ip String
- Interface IP Address (i.e. "192.168.1.8") or a Variable (i.e. "{{myvar}}")
- netmask String
- Used only if
subnetis not specified innetworks. Interface Netmask (i.e. "/24") or a Variable (i.e. "{{myvar}}") - network String
- Optional, the network to be used for mgmt
- poser
Password String - If
type==pppoe - pppoe
Auth String - if
type==pppoe. enum:chap,none,pap - pppoe
Username String - If
type==pppoe - type String
- enum:
dhcp,pppoe,static
GatewayPortConfigTrafficShaping, GatewayPortConfigTrafficShapingArgs
- Class
Percentages List<int> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- Class
Percentages []int - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- class
Percentages List<Integer> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx IntegerKbps - Interface Transmit Cap in kbps
- class
Percentages number[] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled boolean
- max
Tx numberKbps - Interface Transmit Cap in kbps
- class_
percentages Sequence[int] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled bool
- max_
tx_ intkbps - Interface Transmit Cap in kbps
- class
Percentages List<Number> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx NumberKbps - Interface Transmit Cap in kbps
GatewayPortConfigVpnPaths, GatewayPortConfigVpnPathsArgs
- Bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - Bfd
Use boolTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - Link
Name string - Only if the VPN
type==mesh - Preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - Role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - Traffic
Shaping Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Vpn Paths Traffic Shaping
- Bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - Bfd
Use boolTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - Link
Name string - Only if the VPN
type==mesh - Preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - Role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - Traffic
Shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd
Profile String - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use BooleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name String - Only if the VPN
type==mesh - preference Integer
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role String
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use booleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name string - Only if the VPN
type==mesh - preference number
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd_
profile str - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd_
use_ booltunnel_ mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link_
name str - Only if the VPN
type==mesh - preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role str
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic_
shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd
Profile String - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use BooleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name String - Only if the VPN
type==mesh - preference Number
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role String
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping Property Map
GatewayPortConfigVpnPathsTrafficShaping, GatewayPortConfigVpnPathsTrafficShapingArgs
- Class
Percentages List<int> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- Class
Percentages []int - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- Enabled bool
- Max
Tx intKbps - Interface Transmit Cap in kbps
- class
Percentages List<Integer> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx IntegerKbps - Interface Transmit Cap in kbps
- class
Percentages number[] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled boolean
- max
Tx numberKbps - Interface Transmit Cap in kbps
- class_
percentages Sequence[int] - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled bool
- max_
tx_ intkbps - Interface Transmit Cap in kbps
- class
Percentages List<Number> - percentages for differet class of traffic: high / medium / low / best-effort. Sum must be equal to 100
- enabled Boolean
- max
Tx NumberKbps - Interface Transmit Cap in kbps
GatewayPortConfigWanExtraRoutes, GatewayPortConfigWanExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewayPortConfigWanProbeOverride, GatewayPortConfigWanProbeOverrideArgs
- Ips List<string>
- Probe
Profile string - enum:
broadband,lte
- Ips []string
- Probe
Profile string - enum:
broadband,lte
- ips List<String>
- probe
Profile String - enum:
broadband,lte
- ips string[]
- probe
Profile string - enum:
broadband,lte
- ips Sequence[str]
- probe_
profile str - enum:
broadband,lte
- ips List<String>
- probe
Profile String - enum:
broadband,lte
GatewayPortConfigWanSourceNat, GatewayPortConfigWanSourceNatArgs
GatewayPortMirroring, GatewayPortMirroringArgs
GatewayPortMirroringPortMirror, GatewayPortMirroringPortMirrorArgs
- Family
Type string - Ingress
Port List<string>Ids - Output
Port stringId - Rate int
- Run
Length int
- Family
Type string - Ingress
Port []stringIds - Output
Port stringId - Rate int
- Run
Length int
- family
Type String - ingress
Port List<String>Ids - output
Port StringId - rate Integer
- run
Length Integer
- family
Type string - ingress
Port string[]Ids - output
Port stringId - rate number
- run
Length number
- family_
type str - ingress_
port_ Sequence[str]ids - output_
port_ strid - rate int
- run_
length int
- family
Type String - ingress
Port List<String>Ids - output
Port StringId - rate Number
- run
Length Number
GatewayRoutingPolicies, GatewayRoutingPoliciesArgs
- Terms
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Routing Policies Term> - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Terms
[]Gateway
Routing Policies Term - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
List<Gateway
Routing Policies Term> - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
Gateway
Routing Policies Term[] - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
Sequence[Gateway
Routing Policies Term] - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms List<Property Map>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
GatewayRoutingPoliciesTerm, GatewayRoutingPoliciesTermArgs
- Action
Pulumi.
Juniper Mist. Device. Inputs. Gateway Routing Policies Term Action - When used as import policy
- Matching
Pulumi.
Juniper Mist. Device. Inputs. Gateway Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Action
Gateway
Routing Policies Term Action - When used as import policy
- Matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gateway
Routing Policies Term Action - When used as import policy
- matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gateway
Routing Policies Term Action - When used as import policy
- matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gateway
Routing Policies Term Action - When used as import policy
- matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action Property Map
- When used as import policy
- matching Property Map
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
GatewayRoutingPoliciesTermAction, GatewayRoutingPoliciesTermActionArgs
- Accept bool
- Add
Communities List<string> - Add
Target List<string>Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- Aggregates List<string>
- route aggregation
- Communities List<string>
- When used as export policy, optional
- Exclude
As List<string>Paths - When used as export policy, optional. To exclude certain AS
- Exclude
Communities List<string> - Export
Communitites List<string> - When used as export policy, optional
- Local
Preference string - Optional, for an import policy, local_preference can be changed
- Prepend
As List<string>Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- Accept bool
- Add
Communities []string - Add
Target []stringVrfs - For SSR, hub decides how VRF routes are leaked on spoke
- Aggregates []string
- route aggregation
- Communities []string
- When used as export policy, optional
- Exclude
As []stringPaths - When used as export policy, optional. To exclude certain AS
- Exclude
Communities []string - Export
Communitites []string - When used as export policy, optional
- Local
Preference string - Optional, for an import policy, local_preference can be changed
- Prepend
As []stringPaths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept Boolean
- add
Communities List<String> - add
Target List<String>Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates List<String>
- route aggregation
- communities List<String>
- When used as export policy, optional
- exclude
As List<String>Paths - When used as export policy, optional. To exclude certain AS
- exclude
Communities List<String> - export
Communitites List<String> - When used as export policy, optional
- local
Preference String - Optional, for an import policy, local_preference can be changed
- prepend
As List<String>Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept boolean
- add
Communities string[] - add
Target string[]Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates string[]
- route aggregation
- communities string[]
- When used as export policy, optional
- exclude
As string[]Paths - When used as export policy, optional. To exclude certain AS
- exclude
Communities string[] - export
Communitites string[] - When used as export policy, optional
- local
Preference string - Optional, for an import policy, local_preference can be changed
- prepend
As string[]Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept bool
- add_
communities Sequence[str] - add_
target_ Sequence[str]vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates Sequence[str]
- route aggregation
- communities Sequence[str]
- When used as export policy, optional
- exclude_
as_ Sequence[str]paths - When used as export policy, optional. To exclude certain AS
- exclude_
communities Sequence[str] - export_
communitites Sequence[str] - When used as export policy, optional
- local_
preference str - Optional, for an import policy, local_preference can be changed
- prepend_
as_ Sequence[str]paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
- accept Boolean
- add
Communities List<String> - add
Target List<String>Vrfs - For SSR, hub decides how VRF routes are leaked on spoke
- aggregates List<String>
- route aggregation
- communities List<String>
- When used as export policy, optional
- exclude
As List<String>Paths - When used as export policy, optional. To exclude certain AS
- exclude
Communities List<String> - export
Communitites List<String> - When used as export policy, optional
- local
Preference String - Optional, for an import policy, local_preference can be changed
- prepend
As List<String>Paths - When used as export policy, optional. By default, the local AS will be prepended, to change it
GatewayRoutingPoliciesTermMatching, GatewayRoutingPoliciesTermMatchingArgs
- As
Paths List<string> - takes regular expression
- Communities List<string>
- Networks List<string>
- Prefixes List<string>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Protocols List<string>
direct,bgp,osp, ...- Route
Exists Pulumi.Juniper Mist. Device. Inputs. Gateway Routing Policies Term Matching Route Exists - Vpn
Neighbor List<string>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- Vpn
Path Pulumi.Sla Juniper Mist. Device. Inputs. Gateway Routing Policies Term Matching Vpn Path Sla - Vpn
Paths List<string> - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- As
Paths []string - takes regular expression
- Communities []string
- Networks []string
- Prefixes []string
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Protocols []string
direct,bgp,osp, ...- Route
Exists GatewayRouting Policies Term Matching Route Exists - Vpn
Neighbor []stringMacs - overlay-facing criteria (used for bgp_config where via=vpn)
- Vpn
Path GatewaySla Routing Policies Term Matching Vpn Path Sla - Vpn
Paths []string - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as
Paths List<String> - takes regular expression
- communities List<String>
- networks List<String>
- prefixes List<String>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols List<String>
direct,bgp,osp, ...- route
Exists GatewayRouting Policies Term Matching Route Exists - vpn
Neighbor List<String>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path GatewaySla Routing Policies Term Matching Vpn Path Sla - vpn
Paths List<String> - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as
Paths string[] - takes regular expression
- communities string[]
- networks string[]
- prefixes string[]
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols string[]
direct,bgp,osp, ...- route
Exists GatewayRouting Policies Term Matching Route Exists - vpn
Neighbor string[]Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path GatewaySla Routing Policies Term Matching Vpn Path Sla - vpn
Paths string[] - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as_
paths Sequence[str] - takes regular expression
- communities Sequence[str]
- networks Sequence[str]
- prefixes Sequence[str]
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols Sequence[str]
direct,bgp,osp, ...- route_
exists GatewayRouting Policies Term Matching Route Exists - vpn_
neighbor_ Sequence[str]macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn_
path_ Gatewaysla Routing Policies Term Matching Vpn Path Sla - vpn_
paths Sequence[str] - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
- as
Paths List<String> - takes regular expression
- communities List<String>
- networks List<String>
- prefixes List<String>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols List<String>
direct,bgp,osp, ...- route
Exists Property Map - vpn
Neighbor List<String>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path Property MapSla - vpn
Paths List<String> - overlay-facing criteria (used for bgp_config where via=vpn). ordered-
GatewayRoutingPoliciesTermMatchingRouteExists, GatewayRoutingPoliciesTermMatchingRouteExistsArgs
GatewayRoutingPoliciesTermMatchingVpnPathSla, GatewayRoutingPoliciesTermMatchingVpnPathSlaArgs
- Max
Jitter int - Max
Latency int - Max
Loss int
- Max
Jitter int - Max
Latency int - Max
Loss int
- max
Jitter Integer - max
Latency Integer - max
Loss Integer
- max
Jitter number - max
Latency number - max
Loss number
- max_
jitter int - max_
latency int - max_
loss int
- max
Jitter Number - max
Latency Number - max
Loss Number
GatewayServicePolicy, GatewayServicePolicyArgs
- Action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - Antivirus
Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Antivirus - For SRX-only
- Appqoe
Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Appqoe - For SRX Only
- Ewfs
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Ewf> - Idp
Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Idp - Local
Routing bool - access within the same VRF
- Name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - Path
Preference string - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - Servicepolicy
Id string - Used to link servicepolicy defined at org level and overwrite some attributes
- Services List<string>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - Ssl
Proxy Pulumi.Juniper Mist. Device. Inputs. Gateway Service Policy Ssl Proxy - For SRX-only
- Tenants List<string>
- Required when
servicepolicy_idis not defined. List of Networks / Users
- Action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - Antivirus
Gateway
Service Policy Antivirus - For SRX-only
- Appqoe
Gateway
Service Policy Appqoe - For SRX Only
- Ewfs
[]Gateway
Service Policy Ewf - Idp
Gateway
Service Policy Idp - Local
Routing bool - access within the same VRF
- Name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - Path
Preference string - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - Servicepolicy
Id string - Used to link servicepolicy defined at org level and overwrite some attributes
- Services []string
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - Ssl
Proxy GatewayService Policy Ssl Proxy - For SRX-only
- Tenants []string
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus
Gateway
Service Policy Antivirus - For SRX-only
- appqoe
Gateway
Service Policy Appqoe - For SRX Only
- ewfs
List<Gateway
Service Policy Ewf> - idp
Gateway
Service Policy Idp - local
Routing Boolean - access within the same VRF
- name String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference String - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy
Id String - Used to link servicepolicy defined at org level and overwrite some attributes
- services List<String>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl
Proxy GatewayService Policy Ssl Proxy - For SRX-only
- tenants List<String>
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus
Gateway
Service Policy Antivirus - For SRX-only
- appqoe
Gateway
Service Policy Appqoe - For SRX Only
- ewfs
Gateway
Service Policy Ewf[] - idp
Gateway
Service Policy Idp - local
Routing boolean - access within the same VRF
- name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference string - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy
Id string - Used to link servicepolicy defined at org level and overwrite some attributes
- services string[]
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl
Proxy GatewayService Policy Ssl Proxy - For SRX-only
- tenants string[]
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action str
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus
Gateway
Service Policy Antivirus - For SRX-only
- appqoe
Gateway
Service Policy Appqoe - For SRX Only
- ewfs
Sequence[Gateway
Service Policy Ewf] - idp
Gateway
Service Policy Idp - local_
routing bool - access within the same VRF
- name str
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path_
preference str - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy_
id str - Used to link servicepolicy defined at org level and overwrite some attributes
- services Sequence[str]
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl_
proxy GatewayService Policy Ssl Proxy - For SRX-only
- tenants Sequence[str]
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - antivirus Property Map
- For SRX-only
- appqoe Property Map
- For SRX Only
- ewfs List<Property Map>
- idp Property Map
- local
Routing Boolean - access within the same VRF
- name String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference String - By default, we derive all paths available and use them. Optionally, you can customize by using
path_preference - servicepolicy
Id String - Used to link servicepolicy defined at org level and overwrite some attributes
- services List<String>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - ssl
Proxy Property Map - For SRX-only
- tenants List<String>
- Required when
servicepolicy_idis not defined. List of Networks / Users
GatewayServicePolicyAntivirus, GatewayServicePolicyAntivirusArgs
- Avprofile
Id string - org-level AV Profile can be used, this takes precendence over 'profile'
- Enabled bool
- Profile string
- Default / noftp / httponly / or keys from av_profiles
- Avprofile
Id string - org-level AV Profile can be used, this takes precendence over 'profile'
- Enabled bool
- Profile string
- Default / noftp / httponly / or keys from av_profiles
- avprofile
Id String - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled Boolean
- profile String
- Default / noftp / httponly / or keys from av_profiles
- avprofile
Id string - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled boolean
- profile string
- Default / noftp / httponly / or keys from av_profiles
- avprofile_
id str - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled bool
- profile str
- Default / noftp / httponly / or keys from av_profiles
- avprofile
Id String - org-level AV Profile can be used, this takes precendence over 'profile'
- enabled Boolean
- profile String
- Default / noftp / httponly / or keys from av_profiles
GatewayServicePolicyAppqoe, GatewayServicePolicyAppqoeArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GatewayServicePolicyEwf, GatewayServicePolicyEwfArgs
- Alert
Only bool - Block
Message string - Enabled bool
- Profile string
- enum:
critical,standard,strict
- Alert
Only bool - Block
Message string - Enabled bool
- Profile string
- enum:
critical,standard,strict
- alert
Only Boolean - block
Message String - enabled Boolean
- profile String
- enum:
critical,standard,strict
- alert
Only boolean - block
Message string - enabled boolean
- profile string
- enum:
critical,standard,strict
- alert_
only bool - block_
message str - enabled bool
- profile str
- enum:
critical,standard,strict
- alert
Only Boolean - block
Message String - enabled Boolean
- profile String
- enum:
critical,standard,strict
GatewayServicePolicyIdp, GatewayServicePolicyIdpArgs
- Alert
Only bool - Enabled bool
- Idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - Profile string
- enum:
Custom,strict(default),standardor keys from idp_profiles
- Alert
Only bool - Enabled bool
- Idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - Profile string
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert
Only Boolean - enabled Boolean
- idpprofile
Id String - org_level IDP Profile can be used, this takes precedence over
profile - profile String
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert
Only boolean - enabled boolean
- idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - profile string
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert_
only bool - enabled bool
- idpprofile_
id str - org_level IDP Profile can be used, this takes precedence over
profile - profile str
- enum:
Custom,strict(default),standardor keys from idp_profiles
- alert
Only Boolean - enabled Boolean
- idpprofile
Id String - org_level IDP Profile can be used, this takes precedence over
profile - profile String
- enum:
Custom,strict(default),standardor keys from idp_profiles
GatewayServicePolicySslProxy, GatewayServicePolicySslProxyArgs
- Ciphers
Category string - enum:
medium,strong,weak - Enabled bool
- Ciphers
Category string - enum:
medium,strong,weak - Enabled bool
- ciphers
Category String - enum:
medium,strong,weak - enabled Boolean
- ciphers
Category string - enum:
medium,strong,weak - enabled boolean
- ciphers_
category str - enum:
medium,strong,weak - enabled bool
- ciphers
Category String - enum:
medium,strong,weak - enabled Boolean
GatewayTunnelConfigs, GatewayTunnelConfigsArgs
- Auto
Provision Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Auto Provision - Ike
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - Ike
Proposals List<Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Ike Proposal> - If
provider==custom-ipsec - Ipsec
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ipsec
Proposals List<Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Ipsec Proposal> - Only if
provider==custom-ipsec - Local
Id string - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Mode string
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - Networks List<string>
- If
provider==custom-ipsec, networks reachable via this tunnel - Primary
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Probe
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Probe - Only if
provider==custom-ipsec - Protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - Provider string
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - Psk string
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Secondary
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- Auto
Provision GatewayTunnel Configs Auto Provision - Ike
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - Ike
Proposals []GatewayTunnel Configs Ike Proposal - If
provider==custom-ipsec - Ipsec
Lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - Ipsec
Proposals []GatewayTunnel Configs Ipsec Proposal - Only if
provider==custom-ipsec - Local
Id string - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Mode string
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - Networks []string
- If
provider==custom-ipsec, networks reachable via this tunnel - Primary
Gateway
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - Protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - Provider string
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - Psk string
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Secondary
Gateway
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - Version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision GatewayTunnel Configs Auto Provision - ike
Lifetime Integer - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike
Mode String - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals List<GatewayTunnel Configs Ike Proposal> - If
provider==custom-ipsec - ipsec
Lifetime Integer - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec
Proposals List<GatewayTunnel Configs Ipsec Proposal> - Only if
provider==custom-ipsec - local
Id String - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode String
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks List<String>
- If
provider==custom-ipsec, networks reachable via this tunnel - primary
Gateway
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol String
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider String
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk String
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary
Gateway
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version String
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision GatewayTunnel Configs Auto Provision - ike
Lifetime number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals GatewayTunnel Configs Ike Proposal[] - If
provider==custom-ipsec - ipsec
Lifetime number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec
Proposals GatewayTunnel Configs Ipsec Proposal[] - Only if
provider==custom-ipsec - local
Id string - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode string
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks string[]
- If
provider==custom-ipsec, networks reachable via this tunnel - primary
Gateway
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider string
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk string
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary
Gateway
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto_
provision GatewayTunnel Configs Auto Provision - ike_
lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike_
mode str - Only if
provider==custom-ipsec. enum:aggressive,main - ike_
proposals Sequence[GatewayTunnel Configs Ike Proposal] - If
provider==custom-ipsec - ipsec_
lifetime int - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec_
proposals Sequence[GatewayTunnel Configs Ipsec Proposal] - Only if
provider==custom-ipsec - local_
id str - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode str
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks Sequence[str]
- If
provider==custom-ipsec, networks reachable via this tunnel - primary
Gateway
Tunnel Configs Primary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol str
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider str
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk str
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary
Gateway
Tunnel Configs Secondary - Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version str
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision Property Map - ike
Lifetime Number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ike
Mode String - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals List<Property Map> - If
provider==custom-ipsec - ipsec
Lifetime Number - Only if
provider==custom-ipsec. Must be between 180 and 86400 - ipsec
Proposals List<Property Map> - Only if
provider==custom-ipsec - local
Id String - Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - mode String
- Required if
provider==zscaler-gre,provider==jse-ipsec. enum:active-active,active-standby - networks List<String>
- If
provider==custom-ipsec, networks reachable via this tunnel - primary Property Map
- Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - probe Property Map
- Only if
provider==custom-ipsec - protocol String
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider String
- Only if
auto_provision.enabled==false. enum:custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk String
- Required if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - secondary Property Map
- Only if
provider==zscaler-ipsec,provider==jse-ipsecorprovider==custom-ipsec - version String
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
GatewayTunnelConfigsAutoProvision, GatewayTunnelConfigsAutoProvisionArgs
- Provider string
- enum:
jse-ipsec,zscaler-ipsec - Enable bool
- Latlng
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Auto Provision Latlng - API override for POP selection
- Primary
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Auto Provision Primary - Region string
- API override for POP selection
- Secondary
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Auto Provision Secondary
- Provider string
- enum:
jse-ipsec,zscaler-ipsec - Enable bool
- Latlng
Gateway
Tunnel Configs Auto Provision Latlng - API override for POP selection
- Primary
Gateway
Tunnel Configs Auto Provision Primary - Region string
- API override for POP selection
- Secondary
Gateway
Tunnel Configs Auto Provision Secondary
- provider String
- enum:
jse-ipsec,zscaler-ipsec - enable Boolean
- latlng
Gateway
Tunnel Configs Auto Provision Latlng - API override for POP selection
- primary
Gateway
Tunnel Configs Auto Provision Primary - region String
- API override for POP selection
- secondary
Gateway
Tunnel Configs Auto Provision Secondary
- provider string
- enum:
jse-ipsec,zscaler-ipsec - enable boolean
- latlng
Gateway
Tunnel Configs Auto Provision Latlng - API override for POP selection
- primary
Gateway
Tunnel Configs Auto Provision Primary - region string
- API override for POP selection
- secondary
Gateway
Tunnel Configs Auto Provision Secondary
- provider str
- enum:
jse-ipsec,zscaler-ipsec - enable bool
- latlng
Gateway
Tunnel Configs Auto Provision Latlng - API override for POP selection
- primary
Gateway
Tunnel Configs Auto Provision Primary - region str
- API override for POP selection
- secondary
Gateway
Tunnel Configs Auto Provision Secondary
- provider String
- enum:
jse-ipsec,zscaler-ipsec - enable Boolean
- latlng Property Map
- API override for POP selection
- primary Property Map
- region String
- API override for POP selection
- secondary Property Map
GatewayTunnelConfigsAutoProvisionLatlng, GatewayTunnelConfigsAutoProvisionLatlngArgs
GatewayTunnelConfigsAutoProvisionPrimary, GatewayTunnelConfigsAutoProvisionPrimaryArgs
GatewayTunnelConfigsAutoProvisionSecondary, GatewayTunnelConfigsAutoProvisionSecondaryArgs
GatewayTunnelConfigsIkeProposal, GatewayTunnelConfigsIkeProposalArgs
GatewayTunnelConfigsIpsecProposal, GatewayTunnelConfigsIpsecProposalArgs
GatewayTunnelConfigsPrimary, GatewayTunnelConfigsPrimaryArgs
- Hosts List<string>
- Wan
Names List<string> - Internal
Ips List<string> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips List<string> - Remote
Ids List<string> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- Hosts []string
- Wan
Names []string - Internal
Ips []string - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips []string - Remote
Ids []string - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts string[]
- wan
Names string[] - internal
Ips string[] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips string[] - remote
Ids string[] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts Sequence[str]
- wan_
names Sequence[str] - internal_
ips Sequence[str] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe_
ips Sequence[str] - remote_
ids Sequence[str] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
GatewayTunnelConfigsProbe, GatewayTunnelConfigsProbeArgs
GatewayTunnelConfigsSecondary, GatewayTunnelConfigsSecondaryArgs
- Hosts List<string>
- Wan
Names List<string> - Internal
Ips List<string> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips List<string> - Remote
Ids List<string> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- Hosts []string
- Wan
Names []string - Internal
Ips []string - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - Probe
Ips []string - Remote
Ids []string - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts string[]
- wan
Names string[] - internal
Ips string[] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips string[] - remote
Ids string[] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts Sequence[str]
- wan_
names Sequence[str] - internal_
ips Sequence[str] - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe_
ips Sequence[str] - remote_
ids Sequence[str] - Only if
provider==jse-ipsecorprovider==custom-ipsec
- hosts List<String>
- wan
Names List<String> - internal
Ips List<String> - Only if
provider==zscaler-gre,provider==jse-ipsec,provider==custom-ipsecorprovider==custom-gre - probe
Ips List<String> - remote
Ids List<String> - Only if
provider==jse-ipsecorprovider==custom-ipsec
GatewayTunnelProviderOptions, GatewayTunnelProviderOptionsArgs
- Jse
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- Zscaler
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- Jse
Gateway
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- Zscaler
Gateway
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse
Gateway
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gateway
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse
Gateway
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gateway
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse
Gateway
Tunnel Provider Options Jse - For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gateway
Tunnel Provider Options Zscaler - For zscaler-ipsec and zscaler-gre
- jse Property Map
- For jse-ipsec, this allows provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler Property Map
- For zscaler-ipsec and zscaler-gre
GatewayTunnelProviderOptionsJse, GatewayTunnelProviderOptionsJseArgs
GatewayTunnelProviderOptionsZscaler, GatewayTunnelProviderOptionsZscalerArgs
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to enforce user authentication
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Ofw
Enabled bool - If
true, enable the firewall control option - Sub
Locations List<Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options Zscaler Sub Location> sub-locationscan be used for specific uses cases to define different configuration based on the user network- Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Xff
Forward boolEnabled - Location uses proxy chaining to forward traffic
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to enforce user authentication
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Ofw
Enabled bool - If
true, enable the firewall control option - Sub
Locations []GatewayTunnel Provider Options Zscaler Sub Location sub-locationscan be used for specific uses cases to define different configuration based on the user network- Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Xff
Forward boolEnabled - Location uses proxy chaining to forward traffic
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout IntegerIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to enforce user authentication
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time IntegerIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw
Enabled Boolean - If
true, enable the firewall control option - sub
Locations List<GatewayTunnel Provider Options Zscaler Sub Location> sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh IntegerTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff
Forward BooleanEnabled - Location uses proxy chaining to forward traffic
- aup
Block booleanInternet Until Accepted - aup
Enabled boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force booleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout numberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required boolean - Enable this option to enforce user authentication
- caution
Enabled boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time numberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw
Enabled boolean - If
true, enable the firewall control option - sub
Locations GatewayTunnel Provider Options Zscaler Sub Location[] sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate
Ip boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip booleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh numberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff
Forward booleanEnabled - Location uses proxy chaining to forward traffic
- aup_
block_ boolinternet_ until_ accepted - aup_
enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup_
force_ boolssl_ inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup_
timeout_ intin_ days - Required if
aup_enabled==true. Days before AUP is requested again - auth_
required bool - Enable this option to enforce user authentication
- caution_
enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle_
time_ intin_ minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw_
enabled bool - If
true, enable the firewall control option - sub_
locations Sequence[GatewayTunnel Provider Options Zscaler Sub Location] sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate_
ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate_
ip_ boolenforced_ for_ known_ browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate_
refresh_ inttime_ in_ minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff_
forward_ boolenabled - Location uses proxy chaining to forward traffic
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout NumberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to enforce user authentication
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time NumberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - ofw
Enabled Boolean - If
true, enable the firewall control option - sub
Locations List<Property Map> sub-locationscan be used for specific uses cases to define different configuration based on the user network- surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh NumberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- xff
Forward BooleanEnabled - Location uses proxy chaining to forward traffic
GatewayTunnelProviderOptionsZscalerSubLocation, GatewayTunnelProviderOptionsZscalerSubLocationArgs
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to authenticate users
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Name string
- Network name
- Ofw
Enabled bool - If
true, enable the firewall control option - Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Aup
Block boolInternet Until Accepted - Aup
Enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - Aup
Force boolSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Aup
Timeout intIn Days - Required if
aup_enabled==true. Days before AUP is requested again - Auth
Required bool - Enable this option to authenticate users
- Caution
Enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - Dn
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- Idle
Time intIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - Name string
- Network name
- Ofw
Enabled bool - If
true, enable the firewall control option - Surrogate
Ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - Surrogate
Ip boolEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - Surrogate
Refresh intTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - Up
Bandwidth float64 - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout IntegerIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to authenticate users
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time IntegerIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name String
- Network name
- ofw
Enabled Boolean - If
true, enable the firewall control option - surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh IntegerTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Double - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup
Block booleanInternet Until Accepted - aup
Enabled boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force booleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout numberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required boolean - Enable this option to authenticate users
- caution
Enabled boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time numberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name string
- Network name
- ofw
Enabled boolean - If
true, enable the firewall control option - surrogate
Ip boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip booleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh numberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup_
block_ boolinternet_ until_ accepted - aup_
enabled bool - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup_
force_ boolssl_ inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup_
timeout_ intin_ days - Required if
aup_enabled==true. Days before AUP is requested again - auth_
required bool - Enable this option to authenticate users
- caution_
enabled bool - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle_
time_ intin_ minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name str
- Network name
- ofw_
enabled bool - If
true, enable the firewall control option - surrogate_
ip bool - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate_
ip_ boolenforced_ for_ known_ browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate_
refresh_ inttime_ in_ minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up_
bandwidth float - Download bandwidth cap of the link, in Mbps. Disabled if not set
- aup
Block BooleanInternet Until Accepted - aup
Enabled Boolean - Can only be
truewhenauth_required==false, display Acceptable Use Policy (AUP) - aup
Force BooleanSsl Inspection - Proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- aup
Timeout NumberIn Days - Required if
aup_enabled==true. Days before AUP is requested again - auth
Required Boolean - Enable this option to authenticate users
- caution
Enabled Boolean - Can only be
truewhenauth_required==false, display caution notification for non-authenticated users - dn
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
- idle
Time NumberIn Minutes - Required if
surrogate_IP==true, idle Time to Disassociation - name String
- Network name
- ofw
Enabled Boolean - If
true, enable the firewall control option - surrogate
Ip Boolean - Can only be
truewhenauth_required==true. Map a user to a private IP address so it applies the user's policies, instead of the location's policies - surrogate
Ip BooleanEnforced For Known Browsers - Can only be
truewhensurrogate_IP==true, enforce surrogate IP for known browsers - surrogate
Refresh NumberTime In Minutes - Required if
surrogate_IP_enforced_for_known_browsers==true, must be lower or equal thanidle_time_in_minutes, refresh Time for re-validation of Surrogacy - up
Bandwidth Number - Download bandwidth cap of the link, in Mbps. Disabled if not set
GatewayVrfConfig, GatewayVrfConfigArgs
- Enabled bool
- Whether to enable VRF (when supported on the device)
- Enabled bool
- Whether to enable VRF (when supported on the device)
- enabled Boolean
- Whether to enable VRF (when supported on the device)
- enabled boolean
- Whether to enable VRF (when supported on the device)
- enabled bool
- Whether to enable VRF (when supported on the device)
- enabled Boolean
- Whether to enable VRF (when supported on the device)
GatewayVrfInstances, GatewayVrfInstancesArgs
- Networks List<string>
- Networks []string
- networks List<String>
- networks string[]
- networks Sequence[str]
- networks List<String>
Import
Using pulumi import, import mist_device_gateway with:
Gateway Configuration can be imported by specifying the site_id and the device_id
$ pulumi import junipermist:device/gateway:Gateway gateway_one 17b46405-3a6d-4715-8bb4-6bb6d06f316a.d3c42998-9012-4859-9743-6b9bee475309
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- junipermist pulumi/pulumi-junipermist
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mistTerraform Provider.