Docs Home
Juniper Mist v0.1.1 published on Monday, Nov 4, 2024 by Pulumi
junipermist.device.Gateway
Explore with Pulumi AI
This resource manages the Gateway configuration. It can be used to define specific configuration at the device level or to override Org Gateway template settings.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as junipermist from "@pulumi/juniper-mist";
const gatewayOne = new junipermist.device.Gateway("gateway_one", {
name: "gateway_one",
deviceId: clusterOne.deviceId,
siteId: clusterOne.siteId,
oobIpConfig: {
type: "dhcp",
},
dnsServers: ["8.8.8.8"],
additionalConfigCmds: [
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main",
],
});
import pulumi
import pulumi_juniper_mist as junipermist
gateway_one = junipermist.device.Gateway("gateway_one",
name="gateway_one",
device_id=cluster_one["deviceId"],
site_id=cluster_one["siteId"],
oob_ip_config={
"type": "dhcp",
},
dns_servers=["8.8.8.8"],
additional_config_cmds=[
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main",
])
package main
import (
"github.com/pulumi/pulumi-junipermist/sdk/go/junipermist/device"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := device.NewGateway(ctx, "gateway_one", &device.GatewayArgs{
Name: pulumi.String("gateway_one"),
DeviceId: pulumi.Any(clusterOne.DeviceId),
SiteId: pulumi.Any(clusterOne.SiteId),
OobIpConfig: &device.GatewayOobIpConfigArgs{
Type: pulumi.String("dhcp"),
},
DnsServers: pulumi.StringArray{
pulumi.String("8.8.8.8"),
},
AdditionalConfigCmds: pulumi.StringArray{
pulumi.String("annotate system \" -- custom-main -- Template level --\""),
pulumi.String("delete apply-groups custom-main"),
pulumi.String("delete groups custom-main"),
pulumi.String("set groups custom-main"),
pulumi.String("set groups custom-main system services ssh root-login allow"),
pulumi.String("set apply-groups custom-main"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using JuniperMist = Pulumi.JuniperMist;
return await Deployment.RunAsync(() =>
{
var gatewayOne = new JuniperMist.Device.Gateway("gateway_one", new()
{
Name = "gateway_one",
DeviceId = clusterOne.DeviceId,
SiteId = clusterOne.SiteId,
OobIpConfig = new JuniperMist.Device.Inputs.GatewayOobIpConfigArgs
{
Type = "dhcp",
},
DnsServers = new[]
{
"8.8.8.8",
},
AdditionalConfigCmds = new[]
{
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.junipermist.device.Gateway;
import com.pulumi.junipermist.device.GatewayArgs;
import com.pulumi.junipermist.device.inputs.GatewayOobIpConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var gatewayOne = new Gateway("gatewayOne", GatewayArgs.builder()
.name("gateway_one")
.deviceId(clusterOne.deviceId())
.siteId(clusterOne.siteId())
.oobIpConfig(GatewayOobIpConfigArgs.builder()
.type("dhcp")
.build())
.dnsServers("8.8.8.8")
.additionalConfigCmds(
"annotate system \" -- custom-main -- Template level --\"",
"delete apply-groups custom-main",
"delete groups custom-main",
"set groups custom-main",
"set groups custom-main system services ssh root-login allow",
"set apply-groups custom-main")
.build());
}
}
resources:
gatewayOne:
type: junipermist:device:Gateway
name: gateway_one
properties:
name: gateway_one
deviceId: ${clusterOne.deviceId}
siteId: ${clusterOne.siteId}
oobIpConfig:
type: dhcp
dnsServers:
- 8.8.8.8
additionalConfigCmds:
- annotate system " -- custom-main -- Template level --"
- delete apply-groups custom-main
- delete groups custom-main
- set groups custom-main
- set groups custom-main system services ssh root-login allow
- set apply-groups custom-main
Create Gateway Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Gateway(name: string, args: GatewayArgs, opts?: CustomResourceOptions);@overload
def Gateway(resource_name: str,
args: GatewayArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Gateway(resource_name: str,
opts: Optional[ResourceOptions] = None,
device_id: Optional[str] = None,
site_id: Optional[str] = None,
idp_profiles: Optional[Mapping[str, GatewayIdpProfilesArgs]] = None,
dns_servers: Optional[Sequence[str]] = None,
oob_ip_config: Optional[GatewayOobIpConfigArgs] = None,
dns_suffixes: Optional[Sequence[str]] = None,
extra_routes: Optional[Mapping[str, GatewayExtraRoutesArgs]] = None,
extra_routes6: Optional[Mapping[str, GatewayExtraRoutes6Args]] = None,
additional_config_cmds: Optional[Sequence[str]] = None,
ip_configs: Optional[Mapping[str, GatewayIpConfigsArgs]] = None,
managed: Optional[bool] = None,
map_id: Optional[str] = None,
msp_id: Optional[str] = None,
name: Optional[str] = None,
networks: Optional[Sequence[GatewayNetworkArgs]] = None,
notes: Optional[str] = None,
y: Optional[float] = None,
dhcpd_config: Optional[GatewayDhcpdConfigArgs] = None,
path_preferences: Optional[Mapping[str, GatewayPathPreferencesArgs]] = None,
port_config: Optional[Mapping[str, GatewayPortConfigArgs]] = None,
port_mirroring: Optional[GatewayPortMirroringArgs] = None,
router_id: Optional[str] = None,
routing_policies: Optional[Mapping[str, GatewayRoutingPoliciesArgs]] = None,
service_policies: Optional[Sequence[GatewayServicePolicyArgs]] = None,
bgp_config: Optional[Mapping[str, GatewayBgpConfigArgs]] = None,
tunnel_configs: Optional[Mapping[str, GatewayTunnelConfigsArgs]] = None,
tunnel_provider_options: Optional[GatewayTunnelProviderOptionsArgs] = None,
vars: Optional[Mapping[str, str]] = None,
vrf_config: Optional[GatewayVrfConfigArgs] = None,
vrf_instances: Optional[Mapping[str, GatewayVrfInstancesArgs]] = None,
x: Optional[float] = None,
ntp_servers: Optional[Sequence[str]] = None)func NewGateway(ctx *Context, name string, args GatewayArgs, opts ...ResourceOption) (*Gateway, error)public Gateway(string name, GatewayArgs args, CustomResourceOptions? opts = null)
public Gateway(String name, GatewayArgs args)
public Gateway(String name, GatewayArgs args, CustomResourceOptions options)
type: junipermist:device:Gateway
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args GatewayArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gatewayResource = new JuniperMist.Device.Gateway("gatewayResource", new()
{
DeviceId = "string",
SiteId = "string",
IdpProfiles =
{
{ "string", new JuniperMist.Device.Inputs.GatewayIdpProfilesArgs
{
BaseProfile = "string",
Id = "string",
Name = "string",
OrgId = "string",
Overwrites = new[]
{
new JuniperMist.Device.Inputs.GatewayIdpProfilesOverwriteArgs
{
Action = "string",
Matching = new JuniperMist.Device.Inputs.GatewayIdpProfilesOverwriteMatchingArgs
{
AttackNames = new[]
{
"string",
},
DstSubnets = new[]
{
"string",
},
Severities = new[]
{
"string",
},
},
Name = "string",
},
},
} },
},
DnsServers = new[]
{
"string",
},
OobIpConfig = new JuniperMist.Device.Inputs.GatewayOobIpConfigArgs
{
Gateway = "string",
Ip = "string",
Netmask = "string",
Node1 = new JuniperMist.Device.Inputs.GatewayOobIpConfigNode1Args
{
Gateway = "string",
Ip = "string",
Netmask = "string",
Type = "string",
UseMgmtVrf = false,
UseMgmtVrfForHostOut = false,
VlanId = "string",
},
Type = "string",
UseMgmtVrf = false,
UseMgmtVrfForHostOut = false,
VlanId = "string",
},
DnsSuffixes = new[]
{
"string",
},
ExtraRoutes =
{
{ "string", new JuniperMist.Device.Inputs.GatewayExtraRoutesArgs
{
Via = "string",
} },
},
ExtraRoutes6 =
{
{ "string", new JuniperMist.Device.Inputs.GatewayExtraRoutes6Args
{
Via = "string",
} },
},
AdditionalConfigCmds = new[]
{
"string",
},
IpConfigs =
{
{ "string", new JuniperMist.Device.Inputs.GatewayIpConfigsArgs
{
Ip = "string",
Netmask = "string",
SecondaryIps = new[]
{
"string",
},
Type = "string",
} },
},
Managed = false,
MapId = "string",
MspId = "string",
Name = "string",
Networks = new[]
{
new JuniperMist.Device.Inputs.GatewayNetworkArgs
{
Name = "string",
Subnet = "string",
InternalAccess = new JuniperMist.Device.Inputs.GatewayNetworkInternalAccessArgs
{
Enabled = false,
},
DisallowMistServices = false,
InternetAccess = new JuniperMist.Device.Inputs.GatewayNetworkInternetAccessArgs
{
CreateSimpleServicePolicy = false,
DestinationNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkInternetAccessDestinationNatArgs
{
InternalIp = "string",
Name = "string",
Port = 0,
} },
},
Enabled = false,
Restricted = false,
StaticNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkInternetAccessStaticNatArgs
{
InternalIp = "string",
Name = "string",
WanName = "string",
} },
},
},
Isolation = false,
Multicast = new JuniperMist.Device.Inputs.GatewayNetworkMulticastArgs
{
DisableIgmp = false,
Enabled = false,
Groups =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkMulticastGroupsArgs
{
RpIp = "string",
} },
},
},
Gateway6 = "string",
RoutedForNetworks = new[]
{
"string",
},
Gateway = "string",
Subnet6 = "string",
Tenants =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkTenantsArgs
{
Addresses = new[]
{
"string",
},
} },
},
VlanId = "string",
VpnAccess =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessArgs
{
AdvertisedSubnet = "string",
AllowPing = false,
DestinationNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessDestinationNatArgs
{
InternalIp = "string",
Name = "string",
Port = 0,
} },
},
NatPool = "string",
NoReadvertiseToLanBgp = false,
NoReadvertiseToLanOspf = false,
NoReadvertiseToOverlay = false,
OtherVrfs = new[]
{
"string",
},
Routed = false,
SourceNat = new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessSourceNatArgs
{
ExternalIp = "string",
},
StaticNat =
{
{ "string", new JuniperMist.Device.Inputs.GatewayNetworkVpnAccessStaticNatArgs
{
InternalIp = "string",
Name = "string",
WanName = "string",
} },
},
SummarizedSubnet = "string",
SummarizedSubnetToLanBgp = "string",
SummarizedSubnetToLanOspf = "string",
} },
},
},
},
Notes = "string",
Y = 0,
DhcpdConfig = new JuniperMist.Device.Inputs.GatewayDhcpdConfigArgs
{
Config =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigArgs
{
DnsServers = new[]
{
"string",
},
DnsSuffixes = new[]
{
"string",
},
FixedBindings =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigFixedBindingsArgs
{
Ip = "string",
Name = "string",
} },
},
Gateway = "string",
IpEnd = "string",
IpEnd6 = "string",
IpStart = "string",
IpStart6 = "string",
LeaseTime = 0,
Options =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigOptionsArgs
{
Type = "string",
Value = "string",
} },
},
ServerIdOverride = false,
Servers = new[]
{
"string",
},
Servers6s = new[]
{
"string",
},
Type = "string",
Type6 = "string",
VendorEncapulated =
{
{ "string", new JuniperMist.Device.Inputs.GatewayDhcpdConfigConfigVendorEncapulatedArgs
{
Type = "string",
Value = "string",
} },
},
} },
},
Enabled = false,
},
PathPreferences =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPathPreferencesArgs
{
Paths = new[]
{
new JuniperMist.Device.Inputs.GatewayPathPreferencesPathArgs
{
Cost = 0,
Disabled = false,
GatewayIp = "string",
InternetAccess = false,
Name = "string",
Networks = new[]
{
"string",
},
TargetIps = new[]
{
"string",
},
Type = "string",
WanName = "string",
},
},
Strategy = "string",
} },
},
PortConfig =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPortConfigArgs
{
Usage = "string",
Networks = new[]
{
"string",
},
DslType = "string",
Aggregated = false,
OuterVlanId = 0,
Description = "string",
PortNetwork = "string",
Disabled = false,
PoeDisabled = false,
DslVci = 0,
DslVpi = 0,
Duplex = "string",
IpConfig = new JuniperMist.Device.Inputs.GatewayPortConfigIpConfigArgs
{
Dns = new[]
{
"string",
},
DnsSuffixes = new[]
{
"string",
},
Gateway = "string",
Ip = "string",
Netmask = "string",
Network = "string",
PoserPassword = "string",
PppoeAuth = "string",
PppoeUsername = "string",
Type = "string",
},
LteApn = "string",
LteAuth = "string",
LteBackup = false,
LtePassword = "string",
LteUsername = "string",
Mtu = 0,
Name = "string",
AeDisableLacp = false,
Critical = false,
AeLacpForceUp = false,
DisableAutoneg = false,
PreserveDscp = false,
Redundant = false,
RethIdx = 0,
RethNode = "string",
RethNodes = new[]
{
"string",
},
Speed = "string",
SsrNoVirtualMac = false,
SvrPortRange = "string",
TrafficShaping = new JuniperMist.Device.Inputs.GatewayPortConfigTrafficShapingArgs
{
ClassPercentages = new[]
{
0,
},
Enabled = false,
},
AeIdx = "string",
VlanId = 0,
VpnPaths =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPortConfigVpnPathsArgs
{
BfdProfile = "string",
BfdUseTunnelMode = false,
LinkName = "string",
Preference = 0,
Role = "string",
TrafficShaping = new JuniperMist.Device.Inputs.GatewayPortConfigVpnPathsTrafficShapingArgs
{
ClassPercentages = new[]
{
0,
},
Enabled = false,
},
} },
},
WanArpPolicer = "string",
WanExtIp = "string",
WanExtraRoutes =
{
{ "string", new JuniperMist.Device.Inputs.GatewayPortConfigWanExtraRoutesArgs
{
Via = "string",
} },
},
WanProbeOverride = new JuniperMist.Device.Inputs.GatewayPortConfigWanProbeOverrideArgs
{
Ips = new[]
{
"string",
},
ProbeProfile = "string",
},
WanSourceNat = new JuniperMist.Device.Inputs.GatewayPortConfigWanSourceNatArgs
{
Disabled = false,
NatPool = "string",
},
WanType = "string",
} },
},
PortMirroring = new JuniperMist.Device.Inputs.GatewayPortMirroringArgs
{
PortMirror = new JuniperMist.Device.Inputs.GatewayPortMirroringPortMirrorArgs
{
FamilyType = "string",
IngressPortIds = new[]
{
"string",
},
OutputPortId = "string",
Rate = 0,
RunLength = 0,
},
},
RouterId = "string",
RoutingPolicies =
{
{ "string", new JuniperMist.Device.Inputs.GatewayRoutingPoliciesArgs
{
Terms = new[]
{
new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermArgs
{
Action = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermActionArgs
{
Accept = false,
AddCommunities = new[]
{
"string",
},
AddTargetVrfs = new[]
{
"string",
},
Communities = new[]
{
"string",
},
ExcludeAsPaths = new[]
{
"string",
},
ExcludeCommunities = new[]
{
"string",
},
ExportCommunitites = new[]
{
"string",
},
LocalPreference = "string",
PrependAsPaths = new[]
{
"string",
},
},
Matching = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermMatchingArgs
{
AsPaths = new[]
{
"string",
},
Communities = new[]
{
"string",
},
Networks = new[]
{
"string",
},
Prefixes = new[]
{
"string",
},
Protocols = new[]
{
"string",
},
RouteExists = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermMatchingRouteExistsArgs
{
Route = "string",
VrfName = "string",
},
VpnNeighborMacs = new[]
{
"string",
},
VpnPathSla = new JuniperMist.Device.Inputs.GatewayRoutingPoliciesTermMatchingVpnPathSlaArgs
{
MaxJitter = 0,
MaxLatency = 0,
MaxLoss = 0,
},
VpnPaths = new[]
{
"string",
},
},
},
},
} },
},
ServicePolicies = new[]
{
new JuniperMist.Device.Inputs.GatewayServicePolicyArgs
{
Action = "string",
Appqoe = new JuniperMist.Device.Inputs.GatewayServicePolicyAppqoeArgs
{
Enabled = false,
},
Ewfs = new[]
{
new JuniperMist.Device.Inputs.GatewayServicePolicyEwfArgs
{
AlertOnly = false,
BlockMessage = "string",
Enabled = false,
Profile = "string",
},
},
Idp = new JuniperMist.Device.Inputs.GatewayServicePolicyIdpArgs
{
AlertOnly = false,
Enabled = false,
IdpprofileId = "string",
Profile = "string",
},
LocalRouting = false,
Name = "string",
PathPreference = "string",
ServicepolicyId = "string",
Services = new[]
{
"string",
},
Tenants = new[]
{
"string",
},
},
},
BgpConfig =
{
{ "string", new JuniperMist.Device.Inputs.GatewayBgpConfigArgs
{
AuthKey = "string",
BfdMinimumInterval = 0,
BfdMultiplier = 0,
DisableBfd = false,
Export = "string",
ExportPolicy = "string",
ExtendedV4Nexthop = false,
GracefulRestartTime = 0,
HoldTime = 0,
Import = "string",
ImportPolicy = "string",
LocalAs = 0,
NeighborAs = 0,
Neighbors =
{
{ "string", new JuniperMist.Device.Inputs.GatewayBgpConfigNeighborsArgs
{
Disabled = false,
ExportPolicy = "string",
HoldTime = 0,
ImportPolicy = "string",
MultihopTtl = 0,
NeighborAs = 0,
} },
},
Networks = new[]
{
"string",
},
NoReadvertiseToOverlay = false,
TunnelName = "string",
Type = "string",
Via = "string",
VpnName = "string",
WanName = "string",
} },
},
TunnelConfigs =
{
{ "string", new JuniperMist.Device.Inputs.GatewayTunnelConfigsArgs
{
AutoProvision = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionArgs
{
Enable = false,
Latlng = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionLatlngArgs
{
Lat = 0,
Lng = 0,
},
Primary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionPrimaryArgs
{
NumHosts = "string",
WanNames = new[]
{
"string",
},
},
Secondary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsAutoProvisionSecondaryArgs
{
NumHosts = "string",
WanNames = new[]
{
"string",
},
},
},
IkeLifetime = 0,
IkeMode = "string",
IkeProposals = new[]
{
new JuniperMist.Device.Inputs.GatewayTunnelConfigsIkeProposalArgs
{
AuthAlgo = "string",
DhGroup = "string",
EncAlgo = "string",
},
},
IpsecLifetime = 0,
IpsecProposals = new[]
{
new JuniperMist.Device.Inputs.GatewayTunnelConfigsIpsecProposalArgs
{
AuthAlgo = "string",
DhGroup = "string",
EncAlgo = "string",
},
},
LocalId = "string",
Mode = "string",
Networks = new[]
{
"string",
},
Primary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsPrimaryArgs
{
Hosts = new[]
{
"string",
},
InternalIps = new[]
{
"string",
},
ProbeIps = new[]
{
"string",
},
RemoteIds = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
},
Probe = new JuniperMist.Device.Inputs.GatewayTunnelConfigsProbeArgs
{
Interval = 0,
Threshold = 0,
Timeout = 0,
Type = "string",
},
Protocol = "string",
Provider = "string",
Psk = "string",
Secondary = new JuniperMist.Device.Inputs.GatewayTunnelConfigsSecondaryArgs
{
Hosts = new[]
{
"string",
},
InternalIps = new[]
{
"string",
},
ProbeIps = new[]
{
"string",
},
RemoteIds = new[]
{
"string",
},
WanNames = new[]
{
"string",
},
},
Version = "string",
} },
},
TunnelProviderOptions = new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsArgs
{
Jse = new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsJseArgs
{
Name = "string",
NumUsers = 0,
},
Zscaler = new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsZscalerArgs
{
AupAcceptanceRequired = false,
AupExpire = 0,
AupSslProxy = false,
DownloadMbps = 0,
EnableAup = false,
EnableCaution = false,
EnforceAuthentication = false,
Name = "string",
SubLocations = new[]
{
new JuniperMist.Device.Inputs.GatewayTunnelProviderOptionsZscalerSubLocationArgs
{
AupAcceptanceRequired = false,
AupExpire = 0,
AupSslProxy = false,
DownloadMbps = 0,
EnableAup = false,
EnableCaution = false,
EnforceAuthentication = false,
Subnets = new[]
{
"string",
},
UploadMbps = 0,
},
},
UploadMbps = 0,
UseXff = false,
},
},
Vars =
{
{ "string", "string" },
},
VrfConfig = new JuniperMist.Device.Inputs.GatewayVrfConfigArgs
{
Enabled = false,
},
VrfInstances =
{
{ "string", new JuniperMist.Device.Inputs.GatewayVrfInstancesArgs
{
Networks = new[]
{
"string",
},
} },
},
X = 0,
NtpServers = new[]
{
"string",
},
});
example, err := device.NewGateway(ctx, "gatewayResource", &device.GatewayArgs{
DeviceId: pulumi.String("string"),
SiteId: pulumi.String("string"),
IdpProfiles: device.GatewayIdpProfilesMap{
"string": &device.GatewayIdpProfilesArgs{
BaseProfile: pulumi.String("string"),
Id: pulumi.String("string"),
Name: pulumi.String("string"),
OrgId: pulumi.String("string"),
Overwrites: device.GatewayIdpProfilesOverwriteArray{
&device.GatewayIdpProfilesOverwriteArgs{
Action: pulumi.String("string"),
Matching: &device.GatewayIdpProfilesOverwriteMatchingArgs{
AttackNames: pulumi.StringArray{
pulumi.String("string"),
},
DstSubnets: pulumi.StringArray{
pulumi.String("string"),
},
Severities: pulumi.StringArray{
pulumi.String("string"),
},
},
Name: pulumi.String("string"),
},
},
},
},
DnsServers: pulumi.StringArray{
pulumi.String("string"),
},
OobIpConfig: &device.GatewayOobIpConfigArgs{
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Node1: &device.GatewayOobIpConfigNode1Args{
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Type: pulumi.String("string"),
UseMgmtVrf: pulumi.Bool(false),
UseMgmtVrfForHostOut: pulumi.Bool(false),
VlanId: pulumi.String("string"),
},
Type: pulumi.String("string"),
UseMgmtVrf: pulumi.Bool(false),
UseMgmtVrfForHostOut: pulumi.Bool(false),
VlanId: pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
ExtraRoutes: device.GatewayExtraRoutesMap{
"string": &device.GatewayExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
ExtraRoutes6: device.GatewayExtraRoutes6Map{
"string": &device.GatewayExtraRoutes6Args{
Via: pulumi.String("string"),
},
},
AdditionalConfigCmds: pulumi.StringArray{
pulumi.String("string"),
},
IpConfigs: device.GatewayIpConfigsMap{
"string": &device.GatewayIpConfigsArgs{
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
SecondaryIps: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
},
},
Managed: pulumi.Bool(false),
MapId: pulumi.String("string"),
MspId: pulumi.String("string"),
Name: pulumi.String("string"),
Networks: device.GatewayNetworkArray{
&device.GatewayNetworkArgs{
Name: pulumi.String("string"),
Subnet: pulumi.String("string"),
InternalAccess: &device.GatewayNetworkInternalAccessArgs{
Enabled: pulumi.Bool(false),
},
DisallowMistServices: pulumi.Bool(false),
InternetAccess: &device.GatewayNetworkInternetAccessArgs{
CreateSimpleServicePolicy: pulumi.Bool(false),
DestinationNat: device.GatewayNetworkInternetAccessDestinationNatMap{
"string": &device.GatewayNetworkInternetAccessDestinationNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
Port: pulumi.Int(0),
},
},
Enabled: pulumi.Bool(false),
Restricted: pulumi.Bool(false),
StaticNat: device.GatewayNetworkInternetAccessStaticNatMap{
"string": &device.GatewayNetworkInternetAccessStaticNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
},
Isolation: pulumi.Bool(false),
Multicast: &device.GatewayNetworkMulticastArgs{
DisableIgmp: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
Groups: device.GatewayNetworkMulticastGroupsMap{
"string": &device.GatewayNetworkMulticastGroupsArgs{
RpIp: pulumi.String("string"),
},
},
},
Gateway6: pulumi.String("string"),
RoutedForNetworks: pulumi.StringArray{
pulumi.String("string"),
},
Gateway: pulumi.String("string"),
Subnet6: pulumi.String("string"),
Tenants: device.GatewayNetworkTenantsMap{
"string": &device.GatewayNetworkTenantsArgs{
Addresses: pulumi.StringArray{
pulumi.String("string"),
},
},
},
VlanId: pulumi.String("string"),
VpnAccess: device.GatewayNetworkVpnAccessMap{
"string": &device.GatewayNetworkVpnAccessArgs{
AdvertisedSubnet: pulumi.String("string"),
AllowPing: pulumi.Bool(false),
DestinationNat: device.GatewayNetworkVpnAccessDestinationNatMap{
"string": &device.GatewayNetworkVpnAccessDestinationNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
Port: pulumi.Int(0),
},
},
NatPool: pulumi.String("string"),
NoReadvertiseToLanBgp: pulumi.Bool(false),
NoReadvertiseToLanOspf: pulumi.Bool(false),
NoReadvertiseToOverlay: pulumi.Bool(false),
OtherVrfs: pulumi.StringArray{
pulumi.String("string"),
},
Routed: pulumi.Bool(false),
SourceNat: &device.GatewayNetworkVpnAccessSourceNatArgs{
ExternalIp: pulumi.String("string"),
},
StaticNat: device.GatewayNetworkVpnAccessStaticNatMap{
"string": &device.GatewayNetworkVpnAccessStaticNatArgs{
InternalIp: pulumi.String("string"),
Name: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
SummarizedSubnet: pulumi.String("string"),
SummarizedSubnetToLanBgp: pulumi.String("string"),
SummarizedSubnetToLanOspf: pulumi.String("string"),
},
},
},
},
Notes: pulumi.String("string"),
Y: pulumi.Float64(0),
DhcpdConfig: &device.GatewayDhcpdConfigArgs{
Config: device.GatewayDhcpdConfigConfigMap{
"string": &device.GatewayDhcpdConfigConfigArgs{
DnsServers: pulumi.StringArray{
pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
FixedBindings: device.GatewayDhcpdConfigConfigFixedBindingsMap{
"string": &device.GatewayDhcpdConfigConfigFixedBindingsArgs{
Ip: pulumi.String("string"),
Name: pulumi.String("string"),
},
},
Gateway: pulumi.String("string"),
IpEnd: pulumi.String("string"),
IpEnd6: pulumi.String("string"),
IpStart: pulumi.String("string"),
IpStart6: pulumi.String("string"),
LeaseTime: pulumi.Int(0),
Options: device.GatewayDhcpdConfigConfigOptionsMap{
"string": &device.GatewayDhcpdConfigConfigOptionsArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
ServerIdOverride: pulumi.Bool(false),
Servers: pulumi.StringArray{
pulumi.String("string"),
},
Servers6s: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
Type6: pulumi.String("string"),
VendorEncapulated: device.GatewayDhcpdConfigConfigVendorEncapulatedMap{
"string": &device.GatewayDhcpdConfigConfigVendorEncapulatedArgs{
Type: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
},
},
Enabled: pulumi.Bool(false),
},
PathPreferences: device.GatewayPathPreferencesMap{
"string": &device.GatewayPathPreferencesArgs{
Paths: device.GatewayPathPreferencesPathArray{
&device.GatewayPathPreferencesPathArgs{
Cost: pulumi.Int(0),
Disabled: pulumi.Bool(false),
GatewayIp: pulumi.String("string"),
InternetAccess: pulumi.Bool(false),
Name: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
TargetIps: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
Strategy: pulumi.String("string"),
},
},
PortConfig: device.GatewayPortConfigMap{
"string": &device.GatewayPortConfigArgs{
Usage: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
DslType: pulumi.String("string"),
Aggregated: pulumi.Bool(false),
OuterVlanId: pulumi.Int(0),
Description: pulumi.String("string"),
PortNetwork: pulumi.String("string"),
Disabled: pulumi.Bool(false),
PoeDisabled: pulumi.Bool(false),
DslVci: pulumi.Int(0),
DslVpi: pulumi.Int(0),
Duplex: pulumi.String("string"),
IpConfig: &device.GatewayPortConfigIpConfigArgs{
Dns: pulumi.StringArray{
pulumi.String("string"),
},
DnsSuffixes: pulumi.StringArray{
pulumi.String("string"),
},
Gateway: pulumi.String("string"),
Ip: pulumi.String("string"),
Netmask: pulumi.String("string"),
Network: pulumi.String("string"),
PoserPassword: pulumi.String("string"),
PppoeAuth: pulumi.String("string"),
PppoeUsername: pulumi.String("string"),
Type: pulumi.String("string"),
},
LteApn: pulumi.String("string"),
LteAuth: pulumi.String("string"),
LteBackup: pulumi.Bool(false),
LtePassword: pulumi.String("string"),
LteUsername: pulumi.String("string"),
Mtu: pulumi.Int(0),
Name: pulumi.String("string"),
AeDisableLacp: pulumi.Bool(false),
Critical: pulumi.Bool(false),
AeLacpForceUp: pulumi.Bool(false),
DisableAutoneg: pulumi.Bool(false),
PreserveDscp: pulumi.Bool(false),
Redundant: pulumi.Bool(false),
RethIdx: pulumi.Int(0),
RethNode: pulumi.String("string"),
RethNodes: pulumi.StringArray{
pulumi.String("string"),
},
Speed: pulumi.String("string"),
SsrNoVirtualMac: pulumi.Bool(false),
SvrPortRange: pulumi.String("string"),
TrafficShaping: &device.GatewayPortConfigTrafficShapingArgs{
ClassPercentages: pulumi.IntArray{
pulumi.Int(0),
},
Enabled: pulumi.Bool(false),
},
AeIdx: pulumi.String("string"),
VlanId: pulumi.Int(0),
VpnPaths: device.GatewayPortConfigVpnPathsMap{
"string": &device.GatewayPortConfigVpnPathsArgs{
BfdProfile: pulumi.String("string"),
BfdUseTunnelMode: pulumi.Bool(false),
LinkName: pulumi.String("string"),
Preference: pulumi.Int(0),
Role: pulumi.String("string"),
TrafficShaping: &device.GatewayPortConfigVpnPathsTrafficShapingArgs{
ClassPercentages: pulumi.IntArray{
pulumi.Int(0),
},
Enabled: pulumi.Bool(false),
},
},
},
WanArpPolicer: pulumi.String("string"),
WanExtIp: pulumi.String("string"),
WanExtraRoutes: device.GatewayPortConfigWanExtraRoutesMap{
"string": &device.GatewayPortConfigWanExtraRoutesArgs{
Via: pulumi.String("string"),
},
},
WanProbeOverride: &device.GatewayPortConfigWanProbeOverrideArgs{
Ips: pulumi.StringArray{
pulumi.String("string"),
},
ProbeProfile: pulumi.String("string"),
},
WanSourceNat: &device.GatewayPortConfigWanSourceNatArgs{
Disabled: pulumi.Bool(false),
NatPool: pulumi.String("string"),
},
WanType: pulumi.String("string"),
},
},
PortMirroring: &device.GatewayPortMirroringArgs{
PortMirror: &device.GatewayPortMirroringPortMirrorArgs{
FamilyType: pulumi.String("string"),
IngressPortIds: pulumi.StringArray{
pulumi.String("string"),
},
OutputPortId: pulumi.String("string"),
Rate: pulumi.Int(0),
RunLength: pulumi.Int(0),
},
},
RouterId: pulumi.String("string"),
RoutingPolicies: device.GatewayRoutingPoliciesMap{
"string": &device.GatewayRoutingPoliciesArgs{
Terms: device.GatewayRoutingPoliciesTermArray{
&device.GatewayRoutingPoliciesTermArgs{
Action: &device.GatewayRoutingPoliciesTermActionArgs{
Accept: pulumi.Bool(false),
AddCommunities: pulumi.StringArray{
pulumi.String("string"),
},
AddTargetVrfs: pulumi.StringArray{
pulumi.String("string"),
},
Communities: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeAsPaths: pulumi.StringArray{
pulumi.String("string"),
},
ExcludeCommunities: pulumi.StringArray{
pulumi.String("string"),
},
ExportCommunitites: pulumi.StringArray{
pulumi.String("string"),
},
LocalPreference: pulumi.String("string"),
PrependAsPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
Matching: &device.GatewayRoutingPoliciesTermMatchingArgs{
AsPaths: pulumi.StringArray{
pulumi.String("string"),
},
Communities: pulumi.StringArray{
pulumi.String("string"),
},
Networks: pulumi.StringArray{
pulumi.String("string"),
},
Prefixes: pulumi.StringArray{
pulumi.String("string"),
},
Protocols: pulumi.StringArray{
pulumi.String("string"),
},
RouteExists: &device.GatewayRoutingPoliciesTermMatchingRouteExistsArgs{
Route: pulumi.String("string"),
VrfName: pulumi.String("string"),
},
VpnNeighborMacs: pulumi.StringArray{
pulumi.String("string"),
},
VpnPathSla: &device.GatewayRoutingPoliciesTermMatchingVpnPathSlaArgs{
MaxJitter: pulumi.Int(0),
MaxLatency: pulumi.Int(0),
MaxLoss: pulumi.Int(0),
},
VpnPaths: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
ServicePolicies: device.GatewayServicePolicyArray{
&device.GatewayServicePolicyArgs{
Action: pulumi.String("string"),
Appqoe: &device.GatewayServicePolicyAppqoeArgs{
Enabled: pulumi.Bool(false),
},
Ewfs: device.GatewayServicePolicyEwfArray{
&device.GatewayServicePolicyEwfArgs{
AlertOnly: pulumi.Bool(false),
BlockMessage: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Profile: pulumi.String("string"),
},
},
Idp: &device.GatewayServicePolicyIdpArgs{
AlertOnly: pulumi.Bool(false),
Enabled: pulumi.Bool(false),
IdpprofileId: pulumi.String("string"),
Profile: pulumi.String("string"),
},
LocalRouting: pulumi.Bool(false),
Name: pulumi.String("string"),
PathPreference: pulumi.String("string"),
ServicepolicyId: pulumi.String("string"),
Services: pulumi.StringArray{
pulumi.String("string"),
},
Tenants: pulumi.StringArray{
pulumi.String("string"),
},
},
},
BgpConfig: device.GatewayBgpConfigMap{
"string": &device.GatewayBgpConfigArgs{
AuthKey: pulumi.String("string"),
BfdMinimumInterval: pulumi.Int(0),
BfdMultiplier: pulumi.Int(0),
DisableBfd: pulumi.Bool(false),
Export: pulumi.String("string"),
ExportPolicy: pulumi.String("string"),
ExtendedV4Nexthop: pulumi.Bool(false),
GracefulRestartTime: pulumi.Int(0),
HoldTime: pulumi.Int(0),
Import: pulumi.String("string"),
ImportPolicy: pulumi.String("string"),
LocalAs: pulumi.Int(0),
NeighborAs: pulumi.Int(0),
Neighbors: device.GatewayBgpConfigNeighborsMap{
"string": &device.GatewayBgpConfigNeighborsArgs{
Disabled: pulumi.Bool(false),
ExportPolicy: pulumi.String("string"),
HoldTime: pulumi.Int(0),
ImportPolicy: pulumi.String("string"),
MultihopTtl: pulumi.Int(0),
NeighborAs: pulumi.Int(0),
},
},
Networks: pulumi.StringArray{
pulumi.String("string"),
},
NoReadvertiseToOverlay: pulumi.Bool(false),
TunnelName: pulumi.String("string"),
Type: pulumi.String("string"),
Via: pulumi.String("string"),
VpnName: pulumi.String("string"),
WanName: pulumi.String("string"),
},
},
TunnelConfigs: device.GatewayTunnelConfigsMap{
"string": &device.GatewayTunnelConfigsArgs{
AutoProvision: &device.GatewayTunnelConfigsAutoProvisionArgs{
Enable: pulumi.Bool(false),
Latlng: &device.GatewayTunnelConfigsAutoProvisionLatlngArgs{
Lat: pulumi.Float64(0),
Lng: pulumi.Float64(0),
},
Primary: &device.GatewayTunnelConfigsAutoProvisionPrimaryArgs{
NumHosts: pulumi.String("string"),
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
Secondary: &device.GatewayTunnelConfigsAutoProvisionSecondaryArgs{
NumHosts: pulumi.String("string"),
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
},
IkeLifetime: pulumi.Int(0),
IkeMode: pulumi.String("string"),
IkeProposals: device.GatewayTunnelConfigsIkeProposalArray{
&device.GatewayTunnelConfigsIkeProposalArgs{
AuthAlgo: pulumi.String("string"),
DhGroup: pulumi.String("string"),
EncAlgo: pulumi.String("string"),
},
},
IpsecLifetime: pulumi.Int(0),
IpsecProposals: device.GatewayTunnelConfigsIpsecProposalArray{
&device.GatewayTunnelConfigsIpsecProposalArgs{
AuthAlgo: pulumi.String("string"),
DhGroup: pulumi.String("string"),
EncAlgo: pulumi.String("string"),
},
},
LocalId: pulumi.String("string"),
Mode: pulumi.String("string"),
Networks: pulumi.StringArray{
pulumi.String("string"),
},
Primary: &device.GatewayTunnelConfigsPrimaryArgs{
Hosts: pulumi.StringArray{
pulumi.String("string"),
},
InternalIps: pulumi.StringArray{
pulumi.String("string"),
},
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
RemoteIds: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
Probe: &device.GatewayTunnelConfigsProbeArgs{
Interval: pulumi.Int(0),
Threshold: pulumi.Int(0),
Timeout: pulumi.Int(0),
Type: pulumi.String("string"),
},
Protocol: pulumi.String("string"),
Provider: pulumi.String("string"),
Psk: pulumi.String("string"),
Secondary: &device.GatewayTunnelConfigsSecondaryArgs{
Hosts: pulumi.StringArray{
pulumi.String("string"),
},
InternalIps: pulumi.StringArray{
pulumi.String("string"),
},
ProbeIps: pulumi.StringArray{
pulumi.String("string"),
},
RemoteIds: pulumi.StringArray{
pulumi.String("string"),
},
WanNames: pulumi.StringArray{
pulumi.String("string"),
},
},
Version: pulumi.String("string"),
},
},
TunnelProviderOptions: &device.GatewayTunnelProviderOptionsArgs{
Jse: &device.GatewayTunnelProviderOptionsJseArgs{
Name: pulumi.String("string"),
NumUsers: pulumi.Int(0),
},
Zscaler: &device.GatewayTunnelProviderOptionsZscalerArgs{
AupAcceptanceRequired: pulumi.Bool(false),
AupExpire: pulumi.Int(0),
AupSslProxy: pulumi.Bool(false),
DownloadMbps: pulumi.Int(0),
EnableAup: pulumi.Bool(false),
EnableCaution: pulumi.Bool(false),
EnforceAuthentication: pulumi.Bool(false),
Name: pulumi.String("string"),
SubLocations: device.GatewayTunnelProviderOptionsZscalerSubLocationArray{
&device.GatewayTunnelProviderOptionsZscalerSubLocationArgs{
AupAcceptanceRequired: pulumi.Bool(false),
AupExpire: pulumi.Int(0),
AupSslProxy: pulumi.Bool(false),
DownloadMbps: pulumi.Int(0),
EnableAup: pulumi.Bool(false),
EnableCaution: pulumi.Bool(false),
EnforceAuthentication: pulumi.Bool(false),
Subnets: pulumi.StringArray{
pulumi.String("string"),
},
UploadMbps: pulumi.Int(0),
},
},
UploadMbps: pulumi.Int(0),
UseXff: pulumi.Bool(false),
},
},
Vars: pulumi.StringMap{
"string": pulumi.String("string"),
},
VrfConfig: &device.GatewayVrfConfigArgs{
Enabled: pulumi.Bool(false),
},
VrfInstances: device.GatewayVrfInstancesMap{
"string": &device.GatewayVrfInstancesArgs{
Networks: pulumi.StringArray{
pulumi.String("string"),
},
},
},
X: pulumi.Float64(0),
NtpServers: pulumi.StringArray{
pulumi.String("string"),
},
})
var gatewayResource = new Gateway("gatewayResource", GatewayArgs.builder()
.deviceId("string")
.siteId("string")
.idpProfiles(Map.of("string", Map.ofEntries(
Map.entry("baseProfile", "string"),
Map.entry("id", "string"),
Map.entry("name", "string"),
Map.entry("orgId", "string"),
Map.entry("overwrites", Map.ofEntries(
Map.entry("action", "string"),
Map.entry("matching", Map.ofEntries(
Map.entry("attackNames", "string"),
Map.entry("dstSubnets", "string"),
Map.entry("severities", "string")
)),
Map.entry("name", "string")
))
)))
.dnsServers("string")
.oobIpConfig(GatewayOobIpConfigArgs.builder()
.gateway("string")
.ip("string")
.netmask("string")
.node1(GatewayOobIpConfigNode1Args.builder()
.gateway("string")
.ip("string")
.netmask("string")
.type("string")
.useMgmtVrf(false)
.useMgmtVrfForHostOut(false)
.vlanId("string")
.build())
.type("string")
.useMgmtVrf(false)
.useMgmtVrfForHostOut(false)
.vlanId("string")
.build())
.dnsSuffixes("string")
.extraRoutes(Map.of("string", Map.of("via", "string")))
.extraRoutes6(Map.of("string", Map.of("via", "string")))
.additionalConfigCmds("string")
.ipConfigs(Map.of("string", Map.ofEntries(
Map.entry("ip", "string"),
Map.entry("netmask", "string"),
Map.entry("secondaryIps", "string"),
Map.entry("type", "string")
)))
.managed(false)
.mapId("string")
.mspId("string")
.name("string")
.networks(GatewayNetworkArgs.builder()
.name("string")
.subnet("string")
.internalAccess(GatewayNetworkInternalAccessArgs.builder()
.enabled(false)
.build())
.disallowMistServices(false)
.internetAccess(GatewayNetworkInternetAccessArgs.builder()
.createSimpleServicePolicy(false)
.destinationNat(Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("port", 0)
)))
.enabled(false)
.restricted(false)
.staticNat(Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("wanName", "string")
)))
.build())
.isolation(false)
.multicast(GatewayNetworkMulticastArgs.builder()
.disableIgmp(false)
.enabled(false)
.groups(Map.of("string", Map.of("rpIp", "string")))
.build())
.gateway6("string")
.routedForNetworks("string")
.gateway("string")
.subnet6("string")
.tenants(Map.of("string", Map.of("addresses", "string")))
.vlanId("string")
.vpnAccess(Map.of("string", Map.ofEntries(
Map.entry("advertisedSubnet", "string"),
Map.entry("allowPing", false),
Map.entry("destinationNat", Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("port", 0)
))),
Map.entry("natPool", "string"),
Map.entry("noReadvertiseToLanBgp", false),
Map.entry("noReadvertiseToLanOspf", false),
Map.entry("noReadvertiseToOverlay", false),
Map.entry("otherVrfs", "string"),
Map.entry("routed", false),
Map.entry("sourceNat", Map.of("externalIp", "string")),
Map.entry("staticNat", Map.of("string", Map.ofEntries(
Map.entry("internalIp", "string"),
Map.entry("name", "string"),
Map.entry("wanName", "string")
))),
Map.entry("summarizedSubnet", "string"),
Map.entry("summarizedSubnetToLanBgp", "string"),
Map.entry("summarizedSubnetToLanOspf", "string")
)))
.build())
.notes("string")
.y(0)
.dhcpdConfig(GatewayDhcpdConfigArgs.builder()
.config(Map.of("string", Map.ofEntries(
Map.entry("dnsServers", "string"),
Map.entry("dnsSuffixes", "string"),
Map.entry("fixedBindings", Map.of("string", Map.ofEntries(
Map.entry("ip", "string"),
Map.entry("name", "string")
))),
Map.entry("gateway", "string"),
Map.entry("ipEnd", "string"),
Map.entry("ipEnd6", "string"),
Map.entry("ipStart", "string"),
Map.entry("ipStart6", "string"),
Map.entry("leaseTime", 0),
Map.entry("options", Map.of("string", Map.ofEntries(
Map.entry("type", "string"),
Map.entry("value", "string")
))),
Map.entry("serverIdOverride", false),
Map.entry("servers", "string"),
Map.entry("servers6s", "string"),
Map.entry("type", "string"),
Map.entry("type6", "string"),
Map.entry("vendorEncapulated", Map.of("string", Map.ofEntries(
Map.entry("type", "string"),
Map.entry("value", "string")
)))
)))
.enabled(false)
.build())
.pathPreferences(Map.of("string", Map.ofEntries(
Map.entry("paths", Map.ofEntries(
Map.entry("cost", 0),
Map.entry("disabled", false),
Map.entry("gatewayIp", "string"),
Map.entry("internetAccess", false),
Map.entry("name", "string"),
Map.entry("networks", "string"),
Map.entry("targetIps", "string"),
Map.entry("type", "string"),
Map.entry("wanName", "string")
)),
Map.entry("strategy", "string")
)))
.portConfig(Map.of("string", Map.ofEntries(
Map.entry("usage", "string"),
Map.entry("networks", "string"),
Map.entry("dslType", "string"),
Map.entry("aggregated", false),
Map.entry("outerVlanId", 0),
Map.entry("description", "string"),
Map.entry("portNetwork", "string"),
Map.entry("disabled", false),
Map.entry("poeDisabled", false),
Map.entry("dslVci", 0),
Map.entry("dslVpi", 0),
Map.entry("duplex", "string"),
Map.entry("ipConfig", Map.ofEntries(
Map.entry("dns", "string"),
Map.entry("dnsSuffixes", "string"),
Map.entry("gateway", "string"),
Map.entry("ip", "string"),
Map.entry("netmask", "string"),
Map.entry("network", "string"),
Map.entry("poserPassword", "string"),
Map.entry("pppoeAuth", "string"),
Map.entry("pppoeUsername", "string"),
Map.entry("type", "string")
)),
Map.entry("lteApn", "string"),
Map.entry("lteAuth", "string"),
Map.entry("lteBackup", false),
Map.entry("ltePassword", "string"),
Map.entry("lteUsername", "string"),
Map.entry("mtu", 0),
Map.entry("name", "string"),
Map.entry("aeDisableLacp", false),
Map.entry("critical", false),
Map.entry("aeLacpForceUp", false),
Map.entry("disableAutoneg", false),
Map.entry("preserveDscp", false),
Map.entry("redundant", false),
Map.entry("rethIdx", 0),
Map.entry("rethNode", "string"),
Map.entry("rethNodes", "string"),
Map.entry("speed", "string"),
Map.entry("ssrNoVirtualMac", false),
Map.entry("svrPortRange", "string"),
Map.entry("trafficShaping", Map.ofEntries(
Map.entry("classPercentages", 0),
Map.entry("enabled", false)
)),
Map.entry("aeIdx", "string"),
Map.entry("vlanId", 0),
Map.entry("vpnPaths", Map.of("string", Map.ofEntries(
Map.entry("bfdProfile", "string"),
Map.entry("bfdUseTunnelMode", false),
Map.entry("linkName", "string"),
Map.entry("preference", 0),
Map.entry("role", "string"),
Map.entry("trafficShaping", Map.ofEntries(
Map.entry("classPercentages", 0),
Map.entry("enabled", false)
))
))),
Map.entry("wanArpPolicer", "string"),
Map.entry("wanExtIp", "string"),
Map.entry("wanExtraRoutes", Map.of("string", Map.of("via", "string"))),
Map.entry("wanProbeOverride", Map.ofEntries(
Map.entry("ips", "string"),
Map.entry("probeProfile", "string")
)),
Map.entry("wanSourceNat", Map.ofEntries(
Map.entry("disabled", false),
Map.entry("natPool", "string")
)),
Map.entry("wanType", "string")
)))
.portMirroring(GatewayPortMirroringArgs.builder()
.portMirror(GatewayPortMirroringPortMirrorArgs.builder()
.familyType("string")
.ingressPortIds("string")
.outputPortId("string")
.rate(0)
.runLength(0)
.build())
.build())
.routerId("string")
.routingPolicies(Map.of("string", Map.of("terms", Map.ofEntries(
Map.entry("action", Map.ofEntries(
Map.entry("accept", false),
Map.entry("addCommunities", "string"),
Map.entry("addTargetVrfs", "string"),
Map.entry("communities", "string"),
Map.entry("excludeAsPaths", "string"),
Map.entry("excludeCommunities", "string"),
Map.entry("exportCommunitites", "string"),
Map.entry("localPreference", "string"),
Map.entry("prependAsPaths", "string")
)),
Map.entry("matching", Map.ofEntries(
Map.entry("asPaths", "string"),
Map.entry("communities", "string"),
Map.entry("networks", "string"),
Map.entry("prefixes", "string"),
Map.entry("protocols", "string"),
Map.entry("routeExists", Map.ofEntries(
Map.entry("route", "string"),
Map.entry("vrfName", "string")
)),
Map.entry("vpnNeighborMacs", "string"),
Map.entry("vpnPathSla", Map.ofEntries(
Map.entry("maxJitter", 0),
Map.entry("maxLatency", 0),
Map.entry("maxLoss", 0)
)),
Map.entry("vpnPaths", "string")
))
))))
.servicePolicies(GatewayServicePolicyArgs.builder()
.action("string")
.appqoe(GatewayServicePolicyAppqoeArgs.builder()
.enabled(false)
.build())
.ewfs(GatewayServicePolicyEwfArgs.builder()
.alertOnly(false)
.blockMessage("string")
.enabled(false)
.profile("string")
.build())
.idp(GatewayServicePolicyIdpArgs.builder()
.alertOnly(false)
.enabled(false)
.idpprofileId("string")
.profile("string")
.build())
.localRouting(false)
.name("string")
.pathPreference("string")
.servicepolicyId("string")
.services("string")
.tenants("string")
.build())
.bgpConfig(Map.of("string", Map.ofEntries(
Map.entry("authKey", "string"),
Map.entry("bfdMinimumInterval", 0),
Map.entry("bfdMultiplier", 0),
Map.entry("disableBfd", false),
Map.entry("export", "string"),
Map.entry("exportPolicy", "string"),
Map.entry("extendedV4Nexthop", false),
Map.entry("gracefulRestartTime", 0),
Map.entry("holdTime", 0),
Map.entry("import", "string"),
Map.entry("importPolicy", "string"),
Map.entry("localAs", 0),
Map.entry("neighborAs", 0),
Map.entry("neighbors", Map.of("string", Map.ofEntries(
Map.entry("disabled", false),
Map.entry("exportPolicy", "string"),
Map.entry("holdTime", 0),
Map.entry("importPolicy", "string"),
Map.entry("multihopTtl", 0),
Map.entry("neighborAs", 0)
))),
Map.entry("networks", "string"),
Map.entry("noReadvertiseToOverlay", false),
Map.entry("tunnelName", "string"),
Map.entry("type", "string"),
Map.entry("via", "string"),
Map.entry("vpnName", "string"),
Map.entry("wanName", "string")
)))
.tunnelConfigs(Map.of("string", Map.ofEntries(
Map.entry("autoProvision", Map.ofEntries(
Map.entry("enable", false),
Map.entry("latlng", Map.ofEntries(
Map.entry("lat", 0),
Map.entry("lng", 0)
)),
Map.entry("primary", Map.ofEntries(
Map.entry("numHosts", "string"),
Map.entry("wanNames", "string")
)),
Map.entry("secondary", Map.ofEntries(
Map.entry("numHosts", "string"),
Map.entry("wanNames", "string")
))
)),
Map.entry("ikeLifetime", 0),
Map.entry("ikeMode", "string"),
Map.entry("ikeProposals", Map.ofEntries(
Map.entry("authAlgo", "string"),
Map.entry("dhGroup", "string"),
Map.entry("encAlgo", "string")
)),
Map.entry("ipsecLifetime", 0),
Map.entry("ipsecProposals", Map.ofEntries(
Map.entry("authAlgo", "string"),
Map.entry("dhGroup", "string"),
Map.entry("encAlgo", "string")
)),
Map.entry("localId", "string"),
Map.entry("mode", "string"),
Map.entry("networks", "string"),
Map.entry("primary", Map.ofEntries(
Map.entry("hosts", "string"),
Map.entry("internalIps", "string"),
Map.entry("probeIps", "string"),
Map.entry("remoteIds", "string"),
Map.entry("wanNames", "string")
)),
Map.entry("probe", Map.ofEntries(
Map.entry("interval", 0),
Map.entry("threshold", 0),
Map.entry("timeout", 0),
Map.entry("type", "string")
)),
Map.entry("protocol", "string"),
Map.entry("provider", "string"),
Map.entry("psk", "string"),
Map.entry("secondary", Map.ofEntries(
Map.entry("hosts", "string"),
Map.entry("internalIps", "string"),
Map.entry("probeIps", "string"),
Map.entry("remoteIds", "string"),
Map.entry("wanNames", "string")
)),
Map.entry("version", "string")
)))
.tunnelProviderOptions(GatewayTunnelProviderOptionsArgs.builder()
.jse(GatewayTunnelProviderOptionsJseArgs.builder()
.name("string")
.numUsers(0)
.build())
.zscaler(GatewayTunnelProviderOptionsZscalerArgs.builder()
.aupAcceptanceRequired(false)
.aupExpire(0)
.aupSslProxy(false)
.downloadMbps(0)
.enableAup(false)
.enableCaution(false)
.enforceAuthentication(false)
.name("string")
.subLocations(GatewayTunnelProviderOptionsZscalerSubLocationArgs.builder()
.aupAcceptanceRequired(false)
.aupExpire(0)
.aupSslProxy(false)
.downloadMbps(0)
.enableAup(false)
.enableCaution(false)
.enforceAuthentication(false)
.subnets("string")
.uploadMbps(0)
.build())
.uploadMbps(0)
.useXff(false)
.build())
.build())
.vars(Map.of("string", "string"))
.vrfConfig(GatewayVrfConfigArgs.builder()
.enabled(false)
.build())
.vrfInstances(Map.of("string", Map.of("networks", "string")))
.x(0)
.ntpServers("string")
.build());
gateway_resource = junipermist.device.Gateway("gatewayResource",
device_id="string",
site_id="string",
idp_profiles={
"string": {
"base_profile": "string",
"id": "string",
"name": "string",
"org_id": "string",
"overwrites": [{
"action": "string",
"matching": {
"attack_names": ["string"],
"dst_subnets": ["string"],
"severities": ["string"],
},
"name": "string",
}],
},
},
dns_servers=["string"],
oob_ip_config={
"gateway": "string",
"ip": "string",
"netmask": "string",
"node1": {
"gateway": "string",
"ip": "string",
"netmask": "string",
"type": "string",
"use_mgmt_vrf": False,
"use_mgmt_vrf_for_host_out": False,
"vlan_id": "string",
},
"type": "string",
"use_mgmt_vrf": False,
"use_mgmt_vrf_for_host_out": False,
"vlan_id": "string",
},
dns_suffixes=["string"],
extra_routes={
"string": {
"via": "string",
},
},
extra_routes6={
"string": {
"via": "string",
},
},
additional_config_cmds=["string"],
ip_configs={
"string": {
"ip": "string",
"netmask": "string",
"secondary_ips": ["string"],
"type": "string",
},
},
managed=False,
map_id="string",
msp_id="string",
name="string",
networks=[{
"name": "string",
"subnet": "string",
"internal_access": {
"enabled": False,
},
"disallow_mist_services": False,
"internet_access": {
"create_simple_service_policy": False,
"destination_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"port": 0,
},
},
"enabled": False,
"restricted": False,
"static_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"wan_name": "string",
},
},
},
"isolation": False,
"multicast": {
"disable_igmp": False,
"enabled": False,
"groups": {
"string": {
"rp_ip": "string",
},
},
},
"gateway6": "string",
"routed_for_networks": ["string"],
"gateway": "string",
"subnet6": "string",
"tenants": {
"string": {
"addresses": ["string"],
},
},
"vlan_id": "string",
"vpn_access": {
"string": {
"advertised_subnet": "string",
"allow_ping": False,
"destination_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"port": 0,
},
},
"nat_pool": "string",
"no_readvertise_to_lan_bgp": False,
"no_readvertise_to_lan_ospf": False,
"no_readvertise_to_overlay": False,
"other_vrfs": ["string"],
"routed": False,
"source_nat": {
"external_ip": "string",
},
"static_nat": {
"string": {
"internal_ip": "string",
"name": "string",
"wan_name": "string",
},
},
"summarized_subnet": "string",
"summarized_subnet_to_lan_bgp": "string",
"summarized_subnet_to_lan_ospf": "string",
},
},
}],
notes="string",
y=0,
dhcpd_config={
"config": {
"string": {
"dns_servers": ["string"],
"dns_suffixes": ["string"],
"fixed_bindings": {
"string": {
"ip": "string",
"name": "string",
},
},
"gateway": "string",
"ip_end": "string",
"ip_end6": "string",
"ip_start": "string",
"ip_start6": "string",
"lease_time": 0,
"options": {
"string": {
"type": "string",
"value": "string",
},
},
"server_id_override": False,
"servers": ["string"],
"servers6s": ["string"],
"type": "string",
"type6": "string",
"vendor_encapulated": {
"string": {
"type": "string",
"value": "string",
},
},
},
},
"enabled": False,
},
path_preferences={
"string": {
"paths": [{
"cost": 0,
"disabled": False,
"gateway_ip": "string",
"internet_access": False,
"name": "string",
"networks": ["string"],
"target_ips": ["string"],
"type": "string",
"wan_name": "string",
}],
"strategy": "string",
},
},
port_config={
"string": {
"usage": "string",
"networks": ["string"],
"dsl_type": "string",
"aggregated": False,
"outer_vlan_id": 0,
"description": "string",
"port_network": "string",
"disabled": False,
"poe_disabled": False,
"dsl_vci": 0,
"dsl_vpi": 0,
"duplex": "string",
"ip_config": {
"dns": ["string"],
"dns_suffixes": ["string"],
"gateway": "string",
"ip": "string",
"netmask": "string",
"network": "string",
"poser_password": "string",
"pppoe_auth": "string",
"pppoe_username": "string",
"type": "string",
},
"lte_apn": "string",
"lte_auth": "string",
"lte_backup": False,
"lte_password": "string",
"lte_username": "string",
"mtu": 0,
"name": "string",
"ae_disable_lacp": False,
"critical": False,
"ae_lacp_force_up": False,
"disable_autoneg": False,
"preserve_dscp": False,
"redundant": False,
"reth_idx": 0,
"reth_node": "string",
"reth_nodes": ["string"],
"speed": "string",
"ssr_no_virtual_mac": False,
"svr_port_range": "string",
"traffic_shaping": {
"class_percentages": [0],
"enabled": False,
},
"ae_idx": "string",
"vlan_id": 0,
"vpn_paths": {
"string": {
"bfd_profile": "string",
"bfd_use_tunnel_mode": False,
"link_name": "string",
"preference": 0,
"role": "string",
"traffic_shaping": {
"class_percentages": [0],
"enabled": False,
},
},
},
"wan_arp_policer": "string",
"wan_ext_ip": "string",
"wan_extra_routes": {
"string": {
"via": "string",
},
},
"wan_probe_override": {
"ips": ["string"],
"probe_profile": "string",
},
"wan_source_nat": {
"disabled": False,
"nat_pool": "string",
},
"wan_type": "string",
},
},
port_mirroring={
"port_mirror": {
"family_type": "string",
"ingress_port_ids": ["string"],
"output_port_id": "string",
"rate": 0,
"run_length": 0,
},
},
router_id="string",
routing_policies={
"string": {
"terms": [{
"action": {
"accept": False,
"add_communities": ["string"],
"add_target_vrfs": ["string"],
"communities": ["string"],
"exclude_as_paths": ["string"],
"exclude_communities": ["string"],
"export_communitites": ["string"],
"local_preference": "string",
"prepend_as_paths": ["string"],
},
"matching": {
"as_paths": ["string"],
"communities": ["string"],
"networks": ["string"],
"prefixes": ["string"],
"protocols": ["string"],
"route_exists": {
"route": "string",
"vrf_name": "string",
},
"vpn_neighbor_macs": ["string"],
"vpn_path_sla": {
"max_jitter": 0,
"max_latency": 0,
"max_loss": 0,
},
"vpn_paths": ["string"],
},
}],
},
},
service_policies=[{
"action": "string",
"appqoe": {
"enabled": False,
},
"ewfs": [{
"alert_only": False,
"block_message": "string",
"enabled": False,
"profile": "string",
}],
"idp": {
"alert_only": False,
"enabled": False,
"idpprofile_id": "string",
"profile": "string",
},
"local_routing": False,
"name": "string",
"path_preference": "string",
"servicepolicy_id": "string",
"services": ["string"],
"tenants": ["string"],
}],
bgp_config={
"string": {
"auth_key": "string",
"bfd_minimum_interval": 0,
"bfd_multiplier": 0,
"disable_bfd": False,
"export": "string",
"export_policy": "string",
"extended_v4_nexthop": False,
"graceful_restart_time": 0,
"hold_time": 0,
"import_": "string",
"import_policy": "string",
"local_as": 0,
"neighbor_as": 0,
"neighbors": {
"string": {
"disabled": False,
"export_policy": "string",
"hold_time": 0,
"import_policy": "string",
"multihop_ttl": 0,
"neighbor_as": 0,
},
},
"networks": ["string"],
"no_readvertise_to_overlay": False,
"tunnel_name": "string",
"type": "string",
"via": "string",
"vpn_name": "string",
"wan_name": "string",
},
},
tunnel_configs={
"string": {
"auto_provision": {
"enable": False,
"latlng": {
"lat": 0,
"lng": 0,
},
"primary": {
"num_hosts": "string",
"wan_names": ["string"],
},
"secondary": {
"num_hosts": "string",
"wan_names": ["string"],
},
},
"ike_lifetime": 0,
"ike_mode": "string",
"ike_proposals": [{
"auth_algo": "string",
"dh_group": "string",
"enc_algo": "string",
}],
"ipsec_lifetime": 0,
"ipsec_proposals": [{
"auth_algo": "string",
"dh_group": "string",
"enc_algo": "string",
}],
"local_id": "string",
"mode": "string",
"networks": ["string"],
"primary": {
"hosts": ["string"],
"internal_ips": ["string"],
"probe_ips": ["string"],
"remote_ids": ["string"],
"wan_names": ["string"],
},
"probe": {
"interval": 0,
"threshold": 0,
"timeout": 0,
"type": "string",
},
"protocol": "string",
"provider": "string",
"psk": "string",
"secondary": {
"hosts": ["string"],
"internal_ips": ["string"],
"probe_ips": ["string"],
"remote_ids": ["string"],
"wan_names": ["string"],
},
"version": "string",
},
},
tunnel_provider_options={
"jse": {
"name": "string",
"num_users": 0,
},
"zscaler": {
"aup_acceptance_required": False,
"aup_expire": 0,
"aup_ssl_proxy": False,
"download_mbps": 0,
"enable_aup": False,
"enable_caution": False,
"enforce_authentication": False,
"name": "string",
"sub_locations": [{
"aup_acceptance_required": False,
"aup_expire": 0,
"aup_ssl_proxy": False,
"download_mbps": 0,
"enable_aup": False,
"enable_caution": False,
"enforce_authentication": False,
"subnets": ["string"],
"upload_mbps": 0,
}],
"upload_mbps": 0,
"use_xff": False,
},
},
vars={
"string": "string",
},
vrf_config={
"enabled": False,
},
vrf_instances={
"string": {
"networks": ["string"],
},
},
x=0,
ntp_servers=["string"])
const gatewayResource = new junipermist.device.Gateway("gatewayResource", {
deviceId: "string",
siteId: "string",
idpProfiles: {
string: {
baseProfile: "string",
id: "string",
name: "string",
orgId: "string",
overwrites: [{
action: "string",
matching: {
attackNames: ["string"],
dstSubnets: ["string"],
severities: ["string"],
},
name: "string",
}],
},
},
dnsServers: ["string"],
oobIpConfig: {
gateway: "string",
ip: "string",
netmask: "string",
node1: {
gateway: "string",
ip: "string",
netmask: "string",
type: "string",
useMgmtVrf: false,
useMgmtVrfForHostOut: false,
vlanId: "string",
},
type: "string",
useMgmtVrf: false,
useMgmtVrfForHostOut: false,
vlanId: "string",
},
dnsSuffixes: ["string"],
extraRoutes: {
string: {
via: "string",
},
},
extraRoutes6: {
string: {
via: "string",
},
},
additionalConfigCmds: ["string"],
ipConfigs: {
string: {
ip: "string",
netmask: "string",
secondaryIps: ["string"],
type: "string",
},
},
managed: false,
mapId: "string",
mspId: "string",
name: "string",
networks: [{
name: "string",
subnet: "string",
internalAccess: {
enabled: false,
},
disallowMistServices: false,
internetAccess: {
createSimpleServicePolicy: false,
destinationNat: {
string: {
internalIp: "string",
name: "string",
port: 0,
},
},
enabled: false,
restricted: false,
staticNat: {
string: {
internalIp: "string",
name: "string",
wanName: "string",
},
},
},
isolation: false,
multicast: {
disableIgmp: false,
enabled: false,
groups: {
string: {
rpIp: "string",
},
},
},
gateway6: "string",
routedForNetworks: ["string"],
gateway: "string",
subnet6: "string",
tenants: {
string: {
addresses: ["string"],
},
},
vlanId: "string",
vpnAccess: {
string: {
advertisedSubnet: "string",
allowPing: false,
destinationNat: {
string: {
internalIp: "string",
name: "string",
port: 0,
},
},
natPool: "string",
noReadvertiseToLanBgp: false,
noReadvertiseToLanOspf: false,
noReadvertiseToOverlay: false,
otherVrfs: ["string"],
routed: false,
sourceNat: {
externalIp: "string",
},
staticNat: {
string: {
internalIp: "string",
name: "string",
wanName: "string",
},
},
summarizedSubnet: "string",
summarizedSubnetToLanBgp: "string",
summarizedSubnetToLanOspf: "string",
},
},
}],
notes: "string",
y: 0,
dhcpdConfig: {
config: {
string: {
dnsServers: ["string"],
dnsSuffixes: ["string"],
fixedBindings: {
string: {
ip: "string",
name: "string",
},
},
gateway: "string",
ipEnd: "string",
ipEnd6: "string",
ipStart: "string",
ipStart6: "string",
leaseTime: 0,
options: {
string: {
type: "string",
value: "string",
},
},
serverIdOverride: false,
servers: ["string"],
servers6s: ["string"],
type: "string",
type6: "string",
vendorEncapulated: {
string: {
type: "string",
value: "string",
},
},
},
},
enabled: false,
},
pathPreferences: {
string: {
paths: [{
cost: 0,
disabled: false,
gatewayIp: "string",
internetAccess: false,
name: "string",
networks: ["string"],
targetIps: ["string"],
type: "string",
wanName: "string",
}],
strategy: "string",
},
},
portConfig: {
string: {
usage: "string",
networks: ["string"],
dslType: "string",
aggregated: false,
outerVlanId: 0,
description: "string",
portNetwork: "string",
disabled: false,
poeDisabled: false,
dslVci: 0,
dslVpi: 0,
duplex: "string",
ipConfig: {
dns: ["string"],
dnsSuffixes: ["string"],
gateway: "string",
ip: "string",
netmask: "string",
network: "string",
poserPassword: "string",
pppoeAuth: "string",
pppoeUsername: "string",
type: "string",
},
lteApn: "string",
lteAuth: "string",
lteBackup: false,
ltePassword: "string",
lteUsername: "string",
mtu: 0,
name: "string",
aeDisableLacp: false,
critical: false,
aeLacpForceUp: false,
disableAutoneg: false,
preserveDscp: false,
redundant: false,
rethIdx: 0,
rethNode: "string",
rethNodes: ["string"],
speed: "string",
ssrNoVirtualMac: false,
svrPortRange: "string",
trafficShaping: {
classPercentages: [0],
enabled: false,
},
aeIdx: "string",
vlanId: 0,
vpnPaths: {
string: {
bfdProfile: "string",
bfdUseTunnelMode: false,
linkName: "string",
preference: 0,
role: "string",
trafficShaping: {
classPercentages: [0],
enabled: false,
},
},
},
wanArpPolicer: "string",
wanExtIp: "string",
wanExtraRoutes: {
string: {
via: "string",
},
},
wanProbeOverride: {
ips: ["string"],
probeProfile: "string",
},
wanSourceNat: {
disabled: false,
natPool: "string",
},
wanType: "string",
},
},
portMirroring: {
portMirror: {
familyType: "string",
ingressPortIds: ["string"],
outputPortId: "string",
rate: 0,
runLength: 0,
},
},
routerId: "string",
routingPolicies: {
string: {
terms: [{
action: {
accept: false,
addCommunities: ["string"],
addTargetVrfs: ["string"],
communities: ["string"],
excludeAsPaths: ["string"],
excludeCommunities: ["string"],
exportCommunitites: ["string"],
localPreference: "string",
prependAsPaths: ["string"],
},
matching: {
asPaths: ["string"],
communities: ["string"],
networks: ["string"],
prefixes: ["string"],
protocols: ["string"],
routeExists: {
route: "string",
vrfName: "string",
},
vpnNeighborMacs: ["string"],
vpnPathSla: {
maxJitter: 0,
maxLatency: 0,
maxLoss: 0,
},
vpnPaths: ["string"],
},
}],
},
},
servicePolicies: [{
action: "string",
appqoe: {
enabled: false,
},
ewfs: [{
alertOnly: false,
blockMessage: "string",
enabled: false,
profile: "string",
}],
idp: {
alertOnly: false,
enabled: false,
idpprofileId: "string",
profile: "string",
},
localRouting: false,
name: "string",
pathPreference: "string",
servicepolicyId: "string",
services: ["string"],
tenants: ["string"],
}],
bgpConfig: {
string: {
authKey: "string",
bfdMinimumInterval: 0,
bfdMultiplier: 0,
disableBfd: false,
"export": "string",
exportPolicy: "string",
extendedV4Nexthop: false,
gracefulRestartTime: 0,
holdTime: 0,
"import": "string",
importPolicy: "string",
localAs: 0,
neighborAs: 0,
neighbors: {
string: {
disabled: false,
exportPolicy: "string",
holdTime: 0,
importPolicy: "string",
multihopTtl: 0,
neighborAs: 0,
},
},
networks: ["string"],
noReadvertiseToOverlay: false,
tunnelName: "string",
type: "string",
via: "string",
vpnName: "string",
wanName: "string",
},
},
tunnelConfigs: {
string: {
autoProvision: {
enable: false,
latlng: {
lat: 0,
lng: 0,
},
primary: {
numHosts: "string",
wanNames: ["string"],
},
secondary: {
numHosts: "string",
wanNames: ["string"],
},
},
ikeLifetime: 0,
ikeMode: "string",
ikeProposals: [{
authAlgo: "string",
dhGroup: "string",
encAlgo: "string",
}],
ipsecLifetime: 0,
ipsecProposals: [{
authAlgo: "string",
dhGroup: "string",
encAlgo: "string",
}],
localId: "string",
mode: "string",
networks: ["string"],
primary: {
hosts: ["string"],
internalIps: ["string"],
probeIps: ["string"],
remoteIds: ["string"],
wanNames: ["string"],
},
probe: {
interval: 0,
threshold: 0,
timeout: 0,
type: "string",
},
protocol: "string",
provider: "string",
psk: "string",
secondary: {
hosts: ["string"],
internalIps: ["string"],
probeIps: ["string"],
remoteIds: ["string"],
wanNames: ["string"],
},
version: "string",
},
},
tunnelProviderOptions: {
jse: {
name: "string",
numUsers: 0,
},
zscaler: {
aupAcceptanceRequired: false,
aupExpire: 0,
aupSslProxy: false,
downloadMbps: 0,
enableAup: false,
enableCaution: false,
enforceAuthentication: false,
name: "string",
subLocations: [{
aupAcceptanceRequired: false,
aupExpire: 0,
aupSslProxy: false,
downloadMbps: 0,
enableAup: false,
enableCaution: false,
enforceAuthentication: false,
subnets: ["string"],
uploadMbps: 0,
}],
uploadMbps: 0,
useXff: false,
},
},
vars: {
string: "string",
},
vrfConfig: {
enabled: false,
},
vrfInstances: {
string: {
networks: ["string"],
},
},
x: 0,
ntpServers: ["string"],
});
type: junipermist:device:Gateway
properties:
additionalConfigCmds:
- string
bgpConfig:
string:
authKey: string
bfdMinimumInterval: 0
bfdMultiplier: 0
disableBfd: false
export: string
exportPolicy: string
extendedV4Nexthop: false
gracefulRestartTime: 0
holdTime: 0
import: string
importPolicy: string
localAs: 0
neighborAs: 0
neighbors:
string:
disabled: false
exportPolicy: string
holdTime: 0
importPolicy: string
multihopTtl: 0
neighborAs: 0
networks:
- string
noReadvertiseToOverlay: false
tunnelName: string
type: string
via: string
vpnName: string
wanName: string
deviceId: string
dhcpdConfig:
config:
string:
dnsServers:
- string
dnsSuffixes:
- string
fixedBindings:
string:
ip: string
name: string
gateway: string
ipEnd: string
ipEnd6: string
ipStart: string
ipStart6: string
leaseTime: 0
options:
string:
type: string
value: string
serverIdOverride: false
servers:
- string
servers6s:
- string
type: string
type6: string
vendorEncapulated:
string:
type: string
value: string
enabled: false
dnsServers:
- string
dnsSuffixes:
- string
extraRoutes:
string:
via: string
extraRoutes6:
string:
via: string
idpProfiles:
string:
baseProfile: string
id: string
name: string
orgId: string
overwrites:
- action: string
matching:
attackNames:
- string
dstSubnets:
- string
severities:
- string
name: string
ipConfigs:
string:
ip: string
netmask: string
secondaryIps:
- string
type: string
managed: false
mapId: string
mspId: string
name: string
networks:
- disallowMistServices: false
gateway: string
gateway6: string
internalAccess:
enabled: false
internetAccess:
createSimpleServicePolicy: false
destinationNat:
string:
internalIp: string
name: string
port: 0
enabled: false
restricted: false
staticNat:
string:
internalIp: string
name: string
wanName: string
isolation: false
multicast:
disableIgmp: false
enabled: false
groups:
string:
rpIp: string
name: string
routedForNetworks:
- string
subnet: string
subnet6: string
tenants:
string:
addresses:
- string
vlanId: string
vpnAccess:
string:
advertisedSubnet: string
allowPing: false
destinationNat:
string:
internalIp: string
name: string
port: 0
natPool: string
noReadvertiseToLanBgp: false
noReadvertiseToLanOspf: false
noReadvertiseToOverlay: false
otherVrfs:
- string
routed: false
sourceNat:
externalIp: string
staticNat:
string:
internalIp: string
name: string
wanName: string
summarizedSubnet: string
summarizedSubnetToLanBgp: string
summarizedSubnetToLanOspf: string
notes: string
ntpServers:
- string
oobIpConfig:
gateway: string
ip: string
netmask: string
node1:
gateway: string
ip: string
netmask: string
type: string
useMgmtVrf: false
useMgmtVrfForHostOut: false
vlanId: string
type: string
useMgmtVrf: false
useMgmtVrfForHostOut: false
vlanId: string
pathPreferences:
string:
paths:
- cost: 0
disabled: false
gatewayIp: string
internetAccess: false
name: string
networks:
- string
targetIps:
- string
type: string
wanName: string
strategy: string
portConfig:
string:
aeDisableLacp: false
aeIdx: string
aeLacpForceUp: false
aggregated: false
critical: false
description: string
disableAutoneg: false
disabled: false
dslType: string
dslVci: 0
dslVpi: 0
duplex: string
ipConfig:
dns:
- string
dnsSuffixes:
- string
gateway: string
ip: string
netmask: string
network: string
poserPassword: string
pppoeAuth: string
pppoeUsername: string
type: string
lteApn: string
lteAuth: string
lteBackup: false
ltePassword: string
lteUsername: string
mtu: 0
name: string
networks:
- string
outerVlanId: 0
poeDisabled: false
portNetwork: string
preserveDscp: false
redundant: false
rethIdx: 0
rethNode: string
rethNodes:
- string
speed: string
ssrNoVirtualMac: false
svrPortRange: string
trafficShaping:
classPercentages:
- 0
enabled: false
usage: string
vlanId: 0
vpnPaths:
string:
bfdProfile: string
bfdUseTunnelMode: false
linkName: string
preference: 0
role: string
trafficShaping:
classPercentages:
- 0
enabled: false
wanArpPolicer: string
wanExtIp: string
wanExtraRoutes:
string:
via: string
wanProbeOverride:
ips:
- string
probeProfile: string
wanSourceNat:
disabled: false
natPool: string
wanType: string
portMirroring:
portMirror:
familyType: string
ingressPortIds:
- string
outputPortId: string
rate: 0
runLength: 0
routerId: string
routingPolicies:
string:
terms:
- action:
accept: false
addCommunities:
- string
addTargetVrfs:
- string
communities:
- string
excludeAsPaths:
- string
excludeCommunities:
- string
exportCommunitites:
- string
localPreference: string
prependAsPaths:
- string
matching:
asPaths:
- string
communities:
- string
networks:
- string
prefixes:
- string
protocols:
- string
routeExists:
route: string
vrfName: string
vpnNeighborMacs:
- string
vpnPathSla:
maxJitter: 0
maxLatency: 0
maxLoss: 0
vpnPaths:
- string
servicePolicies:
- action: string
appqoe:
enabled: false
ewfs:
- alertOnly: false
blockMessage: string
enabled: false
profile: string
idp:
alertOnly: false
enabled: false
idpprofileId: string
profile: string
localRouting: false
name: string
pathPreference: string
servicepolicyId: string
services:
- string
tenants:
- string
siteId: string
tunnelConfigs:
string:
autoProvision:
enable: false
latlng:
lat: 0
lng: 0
primary:
numHosts: string
wanNames:
- string
secondary:
numHosts: string
wanNames:
- string
ikeLifetime: 0
ikeMode: string
ikeProposals:
- authAlgo: string
dhGroup: string
encAlgo: string
ipsecLifetime: 0
ipsecProposals:
- authAlgo: string
dhGroup: string
encAlgo: string
localId: string
mode: string
networks:
- string
primary:
hosts:
- string
internalIps:
- string
probeIps:
- string
remoteIds:
- string
wanNames:
- string
probe:
interval: 0
threshold: 0
timeout: 0
type: string
protocol: string
provider: string
psk: string
secondary:
hosts:
- string
internalIps:
- string
probeIps:
- string
remoteIds:
- string
wanNames:
- string
version: string
tunnelProviderOptions:
jse:
name: string
numUsers: 0
zscaler:
aupAcceptanceRequired: false
aupExpire: 0
aupSslProxy: false
downloadMbps: 0
enableAup: false
enableCaution: false
enforceAuthentication: false
name: string
subLocations:
- aupAcceptanceRequired: false
aupExpire: 0
aupSslProxy: false
downloadMbps: 0
enableAup: false
enableCaution: false
enforceAuthentication: false
subnets:
- string
uploadMbps: 0
uploadMbps: 0
useXff: false
vars:
string: string
vrfConfig:
enabled: false
vrfInstances:
string:
networks:
- string
x: 0
"y": 0
Gateway Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Gateway resource accepts the following input properties:
- Device
Id string - Site
Id string - Additional
Config List<string>Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- Bgp
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Bgp Config Args> - Dhcpd
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config - Dns
Servers List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Idp Profiles Args> - Property key is the profile name
- Ip
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Ip Configs Args> - Property key is the network name
- Managed bool
- Map
Id string - map where the device belongs to
- Msp
Id string - Name string
- Networks
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Network> - Notes string
- Ntp
Servers List<string> - Oob
Ip Pulumi.Config Juniper Mist. Device. Inputs. Gateway Oob Ip Config - out-of-band (vme/em0/fxp0) IP config
- Path
Preferences Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Path Preferences Args> - Property key is the path name
- Port
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring Pulumi.Juniper Mist. Device. Inputs. Gateway Port Mirroring - Router
Id string - auto assigned if not set
- Routing
Policies Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Routing Policies Args> - Property key is the routing policy name
- Service
Policies List<Pulumi.Juniper Mist. Device. Inputs. Gateway Service Policy> - Tunnel
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Args> - Property key is the tunnel name
- Tunnel
Provider Pulumi.Options Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options - Vars Dictionary<string, string>
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Config - Vrf
Instances Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Instances Args> - Property key is the network name
- X double
- x in pixel
- Y double
- y in pixel
- Device
Id string - Site
Id string - Additional
Config []stringCmds - additional CLI commands to append to the generated Junos config Note: no check is done
- Bgp
Config map[string]GatewayBgp Config Args - Dhcpd
Config GatewayDhcpd Config Args - Dns
Servers []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes map[string]GatewayExtra Routes Args - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 map[string]GatewayExtra Routes6Args - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles map[string]GatewayIdp Profiles Args - Property key is the profile name
- Ip
Configs map[string]GatewayIp Configs Args - Property key is the network name
- Managed bool
- Map
Id string - map where the device belongs to
- Msp
Id string - Name string
- Networks
[]Gateway
Network Args - Notes string
- Ntp
Servers []string - Oob
Ip GatewayConfig Oob Ip Config Args - out-of-band (vme/em0/fxp0) IP config
- Path
Preferences map[string]GatewayPath Preferences Args - Property key is the path name
- Port
Config map[string]GatewayPort Config Args - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring GatewayPort Mirroring Args - Router
Id string - auto assigned if not set
- Routing
Policies map[string]GatewayRouting Policies Args - Property key is the routing policy name
- Service
Policies []GatewayService Policy Args - Tunnel
Configs map[string]GatewayTunnel Configs Args - Property key is the tunnel name
- Tunnel
Provider GatewayOptions Tunnel Provider Options Args - Vars map[string]string
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config GatewayVrf Config Args - Vrf
Instances map[string]GatewayVrf Instances Args - Property key is the network name
- X float64
- x in pixel
- Y float64
- y in pixel
- device
Id String - site
Id String - additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp
Config Map<String,GatewayBgp Config Args> - dhcpd
Config GatewayDhcpd Config - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<String,GatewayExtra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<String,GatewayExtra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<String,GatewayIdp Profiles Args> - Property key is the profile name
- ip
Configs Map<String,GatewayIp Configs Args> - Property key is the network name
- managed Boolean
- map
Id String - map where the device belongs to
- msp
Id String - name String
- networks
List<Gateway
Network> - notes String
- ntp
Servers List<String> - oob
Ip GatewayConfig Oob Ip Config - out-of-band (vme/em0/fxp0) IP config
- path
Preferences Map<String,GatewayPath Preferences Args> - Property key is the path name
- port
Config Map<String,GatewayPort Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id String - auto assigned if not set
- routing
Policies Map<String,GatewayRouting Policies Args> - Property key is the routing policy name
- service
Policies List<GatewayService Policy> - tunnel
Configs Map<String,GatewayTunnel Configs Args> - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - vars Map<String,String>
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances Map<String,GatewayVrf Instances Args> - Property key is the network name
- x Double
- x in pixel
- y Double
- y in pixel
- device
Id string - site
Id string - additional
Config string[]Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp
Config {[key: string]: GatewayBgp Config Args} - dhcpd
Config GatewayDhcpd Config - dns
Servers string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes {[key: string]: GatewayExtra Routes Args} - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 {[key: string]: GatewayExtra Routes6Args} - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles {[key: string]: GatewayIdp Profiles Args} - Property key is the profile name
- ip
Configs {[key: string]: GatewayIp Configs Args} - Property key is the network name
- managed boolean
- map
Id string - map where the device belongs to
- msp
Id string - name string
- networks
Gateway
Network[] - notes string
- ntp
Servers string[] - oob
Ip GatewayConfig Oob Ip Config - out-of-band (vme/em0/fxp0) IP config
- path
Preferences {[key: string]: GatewayPath Preferences Args} - Property key is the path name
- port
Config {[key: string]: GatewayPort Config Args} - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id string - auto assigned if not set
- routing
Policies {[key: string]: GatewayRouting Policies Args} - Property key is the routing policy name
- service
Policies GatewayService Policy[] - tunnel
Configs {[key: string]: GatewayTunnel Configs Args} - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - vars {[key: string]: string}
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances {[key: string]: GatewayVrf Instances Args} - Property key is the network name
- x number
- x in pixel
- y number
- y in pixel
- device_
id str - site_
id str - additional_
config_ Sequence[str]cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp_
config Mapping[str, GatewayBgp Config Args] - dhcpd_
config GatewayDhcpd Config Args - dns_
servers Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns_
suffixes Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra_
routes Mapping[str, GatewayExtra Routes Args] - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra_
routes6 Mapping[str, GatewayExtra Routes6Args] - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp_
profiles Mapping[str, GatewayIdp Profiles Args] - Property key is the profile name
- ip_
configs Mapping[str, GatewayIp Configs Args] - Property key is the network name
- managed bool
- map_
id str - map where the device belongs to
- msp_
id str - name str
- networks
Sequence[Gateway
Network Args] - notes str
- ntp_
servers Sequence[str] - oob_
ip_ Gatewayconfig Oob Ip Config Args - out-of-band (vme/em0/fxp0) IP config
- path_
preferences Mapping[str, GatewayPath Preferences Args] - Property key is the path name
- port_
config Mapping[str, GatewayPort Config Args] - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port_
mirroring GatewayPort Mirroring Args - router_
id str - auto assigned if not set
- routing_
policies Mapping[str, GatewayRouting Policies Args] - Property key is the routing policy name
- service_
policies Sequence[GatewayService Policy Args] - tunnel_
configs Mapping[str, GatewayTunnel Configs Args] - Property key is the tunnel name
- tunnel_
provider_ Gatewayoptions Tunnel Provider Options Args - vars Mapping[str, str]
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf_
config GatewayVrf Config Args - vrf_
instances Mapping[str, GatewayVrf Instances Args] - Property key is the network name
- x float
- x in pixel
- y float
- y in pixel
- device
Id String - site
Id String - additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp
Config Map<Property Map> - dhcpd
Config Property Map - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<Property Map> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<Property Map> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<Property Map> - Property key is the profile name
- ip
Configs Map<Property Map> - Property key is the network name
- managed Boolean
- map
Id String - map where the device belongs to
- msp
Id String - name String
- networks List<Property Map>
- notes String
- ntp
Servers List<String> - oob
Ip Property MapConfig - out-of-band (vme/em0/fxp0) IP config
- path
Preferences Map<Property Map> - Property key is the path name
- port
Config Map<Property Map> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring Property Map - router
Id String - auto assigned if not set
- routing
Policies Map<Property Map> - Property key is the routing policy name
- service
Policies List<Property Map> - tunnel
Configs Map<Property Map> - Property key is the tunnel name
- tunnel
Provider Property MapOptions - vars Map<String>
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config Property Map - vrf
Instances Map<Property Map> - Property key is the network name
- x Number
- x in pixel
- y Number
- y in pixel
Outputs
All input properties are implicitly available as output properties. Additionally, the Gateway resource produces the following output properties:
- id str
- The provider-assigned unique ID for this managed resource.
- image1_
url str - image2_
url str - image3_
url str - mac str
- device MAC address
- model str
- device Model
- org_
id str - serial str
- device Serial
- type str
- Device Type. enum:
gateway
Look up Existing Gateway Resource
Get an existing Gateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: GatewayState, opts?: CustomResourceOptions): Gateway@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
additional_config_cmds: Optional[Sequence[str]] = None,
bgp_config: Optional[Mapping[str, GatewayBgpConfigArgs]] = None,
device_id: Optional[str] = None,
dhcpd_config: Optional[GatewayDhcpdConfigArgs] = None,
dns_servers: Optional[Sequence[str]] = None,
dns_suffixes: Optional[Sequence[str]] = None,
extra_routes: Optional[Mapping[str, GatewayExtraRoutesArgs]] = None,
extra_routes6: Optional[Mapping[str, GatewayExtraRoutes6Args]] = None,
idp_profiles: Optional[Mapping[str, GatewayIdpProfilesArgs]] = None,
image1_url: Optional[str] = None,
image2_url: Optional[str] = None,
image3_url: Optional[str] = None,
ip_configs: Optional[Mapping[str, GatewayIpConfigsArgs]] = None,
mac: Optional[str] = None,
managed: Optional[bool] = None,
map_id: Optional[str] = None,
model: Optional[str] = None,
msp_id: Optional[str] = None,
name: Optional[str] = None,
networks: Optional[Sequence[GatewayNetworkArgs]] = None,
notes: Optional[str] = None,
ntp_servers: Optional[Sequence[str]] = None,
oob_ip_config: Optional[GatewayOobIpConfigArgs] = None,
org_id: Optional[str] = None,
path_preferences: Optional[Mapping[str, GatewayPathPreferencesArgs]] = None,
port_config: Optional[Mapping[str, GatewayPortConfigArgs]] = None,
port_mirroring: Optional[GatewayPortMirroringArgs] = None,
router_id: Optional[str] = None,
routing_policies: Optional[Mapping[str, GatewayRoutingPoliciesArgs]] = None,
serial: Optional[str] = None,
service_policies: Optional[Sequence[GatewayServicePolicyArgs]] = None,
site_id: Optional[str] = None,
tunnel_configs: Optional[Mapping[str, GatewayTunnelConfigsArgs]] = None,
tunnel_provider_options: Optional[GatewayTunnelProviderOptionsArgs] = None,
type: Optional[str] = None,
vars: Optional[Mapping[str, str]] = None,
vrf_config: Optional[GatewayVrfConfigArgs] = None,
vrf_instances: Optional[Mapping[str, GatewayVrfInstancesArgs]] = None,
x: Optional[float] = None,
y: Optional[float] = None) -> Gatewayfunc GetGateway(ctx *Context, name string, id IDInput, state *GatewayState, opts ...ResourceOption) (*Gateway, error)public static Gateway Get(string name, Input<string> id, GatewayState? state, CustomResourceOptions? opts = null)public static Gateway get(String name, Output<String> id, GatewayState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Additional
Config List<string>Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- Bgp
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Bgp Config Args> - Device
Id string - Dhcpd
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config - Dns
Servers List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes List<string> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Extra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Idp Profiles Args> - Property key is the profile name
- Image1Url string
- Image2Url string
- Image3Url string
- Ip
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Ip Configs Args> - Property key is the network name
- Mac string
- device MAC address
- Managed bool
- Map
Id string - map where the device belongs to
- Model string
- device Model
- Msp
Id string - Name string
- Networks
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Network> - Notes string
- Ntp
Servers List<string> - Oob
Ip Pulumi.Config Juniper Mist. Device. Inputs. Gateway Oob Ip Config - out-of-band (vme/em0/fxp0) IP config
- Org
Id string - Path
Preferences Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Path Preferences Args> - Property key is the path name
- Port
Config Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring Pulumi.Juniper Mist. Device. Inputs. Gateway Port Mirroring - Router
Id string - auto assigned if not set
- Routing
Policies Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Routing Policies Args> - Property key is the routing policy name
- Serial string
- device Serial
- Service
Policies List<Pulumi.Juniper Mist. Device. Inputs. Gateway Service Policy> - Site
Id string - Tunnel
Configs Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Args> - Property key is the tunnel name
- Tunnel
Provider Pulumi.Options Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options - Type string
- Device Type. enum:
gateway - Vars Dictionary<string, string>
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Config - Vrf
Instances Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Vrf Instances Args> - Property key is the network name
- X double
- x in pixel
- Y double
- y in pixel
- Additional
Config []stringCmds - additional CLI commands to append to the generated Junos config Note: no check is done
- Bgp
Config map[string]GatewayBgp Config Args - Device
Id string - Dhcpd
Config GatewayDhcpd Config Args - Dns
Servers []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Dns
Suffixes []string - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - Extra
Routes map[string]GatewayExtra Routes Args - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- Extra
Routes6 map[string]GatewayExtra Routes6Args - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- Idp
Profiles map[string]GatewayIdp Profiles Args - Property key is the profile name
- Image1Url string
- Image2Url string
- Image3Url string
- Ip
Configs map[string]GatewayIp Configs Args - Property key is the network name
- Mac string
- device MAC address
- Managed bool
- Map
Id string - map where the device belongs to
- Model string
- device Model
- Msp
Id string - Name string
- Networks
[]Gateway
Network Args - Notes string
- Ntp
Servers []string - Oob
Ip GatewayConfig Oob Ip Config Args - out-of-band (vme/em0/fxp0) IP config
- Org
Id string - Path
Preferences map[string]GatewayPath Preferences Args - Property key is the path name
- Port
Config map[string]GatewayPort Config Args - Property key is the port name or range (e.g. "ge-0/0/0-10")
- Port
Mirroring GatewayPort Mirroring Args - Router
Id string - auto assigned if not set
- Routing
Policies map[string]GatewayRouting Policies Args - Property key is the routing policy name
- Serial string
- device Serial
- Service
Policies []GatewayService Policy Args - Site
Id string - Tunnel
Configs map[string]GatewayTunnel Configs Args - Property key is the tunnel name
- Tunnel
Provider GatewayOptions Tunnel Provider Options Args - Type string
- Device Type. enum:
gateway - Vars map[string]string
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- Vrf
Config GatewayVrf Config Args - Vrf
Instances map[string]GatewayVrf Instances Args - Property key is the network name
- X float64
- x in pixel
- Y float64
- y in pixel
- additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp
Config Map<String,GatewayBgp Config Args> - device
Id String - dhcpd
Config GatewayDhcpd Config - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<String,GatewayExtra Routes Args> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<String,GatewayExtra Routes6Args> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<String,GatewayIdp Profiles Args> - Property key is the profile name
- image1Url String
- image2Url String
- image3Url String
- ip
Configs Map<String,GatewayIp Configs Args> - Property key is the network name
- mac String
- device MAC address
- managed Boolean
- map
Id String - map where the device belongs to
- model String
- device Model
- msp
Id String - name String
- networks
List<Gateway
Network> - notes String
- ntp
Servers List<String> - oob
Ip GatewayConfig Oob Ip Config - out-of-band (vme/em0/fxp0) IP config
- org
Id String - path
Preferences Map<String,GatewayPath Preferences Args> - Property key is the path name
- port
Config Map<String,GatewayPort Config Args> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id String - auto assigned if not set
- routing
Policies Map<String,GatewayRouting Policies Args> - Property key is the routing policy name
- serial String
- device Serial
- service
Policies List<GatewayService Policy> - site
Id String - tunnel
Configs Map<String,GatewayTunnel Configs Args> - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - type String
- Device Type. enum:
gateway - vars Map<String,String>
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances Map<String,GatewayVrf Instances Args> - Property key is the network name
- x Double
- x in pixel
- y Double
- y in pixel
- additional
Config string[]Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp
Config {[key: string]: GatewayBgp Config Args} - device
Id string - dhcpd
Config GatewayDhcpd Config - dns
Servers string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes string[] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes {[key: string]: GatewayExtra Routes Args} - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 {[key: string]: GatewayExtra Routes6Args} - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles {[key: string]: GatewayIdp Profiles Args} - Property key is the profile name
- image1Url string
- image2Url string
- image3Url string
- ip
Configs {[key: string]: GatewayIp Configs Args} - Property key is the network name
- mac string
- device MAC address
- managed boolean
- map
Id string - map where the device belongs to
- model string
- device Model
- msp
Id string - name string
- networks
Gateway
Network[] - notes string
- ntp
Servers string[] - oob
Ip GatewayConfig Oob Ip Config - out-of-band (vme/em0/fxp0) IP config
- org
Id string - path
Preferences {[key: string]: GatewayPath Preferences Args} - Property key is the path name
- port
Config {[key: string]: GatewayPort Config Args} - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring GatewayPort Mirroring - router
Id string - auto assigned if not set
- routing
Policies {[key: string]: GatewayRouting Policies Args} - Property key is the routing policy name
- serial string
- device Serial
- service
Policies GatewayService Policy[] - site
Id string - tunnel
Configs {[key: string]: GatewayTunnel Configs Args} - Property key is the tunnel name
- tunnel
Provider GatewayOptions Tunnel Provider Options - type string
- Device Type. enum:
gateway - vars {[key: string]: string}
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config GatewayVrf Config - vrf
Instances {[key: string]: GatewayVrf Instances Args} - Property key is the network name
- x number
- x in pixel
- y number
- y in pixel
- additional_
config_ Sequence[str]cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp_
config Mapping[str, GatewayBgp Config Args] - device_
id str - dhcpd_
config GatewayDhcpd Config Args - dns_
servers Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns_
suffixes Sequence[str] - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra_
routes Mapping[str, GatewayExtra Routes Args] - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra_
routes6 Mapping[str, GatewayExtra Routes6Args] - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp_
profiles Mapping[str, GatewayIdp Profiles Args] - Property key is the profile name
- image1_
url str - image2_
url str - image3_
url str - ip_
configs Mapping[str, GatewayIp Configs Args] - Property key is the network name
- mac str
- device MAC address
- managed bool
- map_
id str - map where the device belongs to
- model str
- device Model
- msp_
id str - name str
- networks
Sequence[Gateway
Network Args] - notes str
- ntp_
servers Sequence[str] - oob_
ip_ Gatewayconfig Oob Ip Config Args - out-of-band (vme/em0/fxp0) IP config
- org_
id str - path_
preferences Mapping[str, GatewayPath Preferences Args] - Property key is the path name
- port_
config Mapping[str, GatewayPort Config Args] - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port_
mirroring GatewayPort Mirroring Args - router_
id str - auto assigned if not set
- routing_
policies Mapping[str, GatewayRouting Policies Args] - Property key is the routing policy name
- serial str
- device Serial
- service_
policies Sequence[GatewayService Policy Args] - site_
id str - tunnel_
configs Mapping[str, GatewayTunnel Configs Args] - Property key is the tunnel name
- tunnel_
provider_ Gatewayoptions Tunnel Provider Options Args - type str
- Device Type. enum:
gateway - vars Mapping[str, str]
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf_
config GatewayVrf Config Args - vrf_
instances Mapping[str, GatewayVrf Instances Args] - Property key is the network name
- x float
- x in pixel
- y float
- y in pixel
- additional
Config List<String>Cmds - additional CLI commands to append to the generated Junos config Note: no check is done
- bgp
Config Map<Property Map> - device
Id String - dhcpd
Config Property Map - dns
Servers List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - dns
Suffixes List<String> - Global dns settings. To keep compatibility, dns settings in
ip_configandoob_ip_configwill overwrite this setting - extra
Routes Map<Property Map> - Property key is the destination CIDR (e.g. "10.0.0.0/8")
- extra
Routes6 Map<Property Map> - Property key is the destination CIDR (e.g. "2a02:1234:420a:10c9::/64")
- idp
Profiles Map<Property Map> - Property key is the profile name
- image1Url String
- image2Url String
- image3Url String
- ip
Configs Map<Property Map> - Property key is the network name
- mac String
- device MAC address
- managed Boolean
- map
Id String - map where the device belongs to
- model String
- device Model
- msp
Id String - name String
- networks List<Property Map>
- notes String
- ntp
Servers List<String> - oob
Ip Property MapConfig - out-of-band (vme/em0/fxp0) IP config
- org
Id String - path
Preferences Map<Property Map> - Property key is the path name
- port
Config Map<Property Map> - Property key is the port name or range (e.g. "ge-0/0/0-10")
- port
Mirroring Property Map - router
Id String - auto assigned if not set
- routing
Policies Map<Property Map> - Property key is the routing policy name
- serial String
- device Serial
- service
Policies List<Property Map> - site
Id String - tunnel
Configs Map<Property Map> - Property key is the tunnel name
- tunnel
Provider Property MapOptions - type String
- Device Type. enum:
gateway - vars Map<String>
- a dictionary of name->value, the vars can then be used in Wlans. This can overwrite those from Site Vars
- vrf
Config Property Map - vrf
Instances Map<Property Map> - Property key is the network name
- x Number
- x in pixel
- y Number
- y in pixel
Supporting Types
GatewayBgpConfig, GatewayBgpConfigArgs
- Auth
Key string - Bfd
Minimum intInterval - when bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- Bfd
Multiplier int - when bfd_minimum_interval_is_configured alone
- Disable
Bfd bool - BFD provides faster path failure detection and is enabled by default
- Export string
- Export
Policy string - default export policies if no per-neighbor policies defined
- Extended
V4Nexthop bool - by default, either inet/net6 unicast depending on neighbor IP family (v4 or v6) for v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- Graceful
Restart intTime 0means disable- Hold
Time int - Import string
- Import
Policy string - default import policies if no per-neighbor policies defined
- Local
As int - Neighbor
As int - Neighbors
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Bgp Config Neighbors> - if per-neighbor as is desired. Property key is the neighbor address
- Networks List<string>
- if
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - No
Readvertise boolTo Overlay - by default, we'll re-advertise all learned BGP routers toward overlay
- Tunnel
Name string - if
type==tunnel - Type string
- enum:
external,internal - Via string
- network name. enum:
lan,tunnel,vpn,wan - Vpn
Name string - Wan
Name string - if
via==wan
- Auth
Key string - Bfd
Minimum intInterval - when bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- Bfd
Multiplier int - when bfd_minimum_interval_is_configured alone
- Disable
Bfd bool - BFD provides faster path failure detection and is enabled by default
- Export string
- Export
Policy string - default export policies if no per-neighbor policies defined
- Extended
V4Nexthop bool - by default, either inet/net6 unicast depending on neighbor IP family (v4 or v6) for v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- Graceful
Restart intTime 0means disable- Hold
Time int - Import string
- Import
Policy string - default import policies if no per-neighbor policies defined
- Local
As int - Neighbor
As int - Neighbors
map[string]Gateway
Bgp Config Neighbors - if per-neighbor as is desired. Property key is the neighbor address
- Networks []string
- if
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - No
Readvertise boolTo Overlay - by default, we'll re-advertise all learned BGP routers toward overlay
- Tunnel
Name string - if
type==tunnel - Type string
- enum:
external,internal - Via string
- network name. enum:
lan,tunnel,vpn,wan - Vpn
Name string - Wan
Name string - if
via==wan
- auth
Key String - bfd
Minimum IntegerInterval - when bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier Integer - when bfd_minimum_interval_is_configured alone
- disable
Bfd Boolean - BFD provides faster path failure detection and is enabled by default
- export String
- export
Policy String - default export policies if no per-neighbor policies defined
- extended
V4Nexthop Boolean - by default, either inet/net6 unicast depending on neighbor IP family (v4 or v6) for v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart IntegerTime 0means disable- hold
Time Integer - import
Policy String - default import policies if no per-neighbor policies defined
- import_ String
- local
As Integer - neighbor
As Integer - neighbors
Map<String,Gateway
Bgp Config Neighbors> - if per-neighbor as is desired. Property key is the neighbor address
- networks List<String>
- if
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise BooleanTo Overlay - by default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name String - if
type==tunnel - type String
- enum:
external,internal - via String
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name String - wan
Name String - if
via==wan
- auth
Key string - bfd
Minimum numberInterval - when bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier number - when bfd_minimum_interval_is_configured alone
- disable
Bfd boolean - BFD provides faster path failure detection and is enabled by default
- export string
- export
Policy string - default export policies if no per-neighbor policies defined
- extended
V4Nexthop boolean - by default, either inet/net6 unicast depending on neighbor IP family (v4 or v6) for v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart numberTime 0means disable- hold
Time number - import string
- import
Policy string - default import policies if no per-neighbor policies defined
- local
As number - neighbor
As number - neighbors
{[key: string]: Gateway
Bgp Config Neighbors} - if per-neighbor as is desired. Property key is the neighbor address
- networks string[]
- if
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise booleanTo Overlay - by default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name string - if
type==tunnel - type string
- enum:
external,internal - via string
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name string - wan
Name string - if
via==wan
- auth_
key str - bfd_
minimum_ intinterval - when bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd_
multiplier int - when bfd_minimum_interval_is_configured alone
- disable_
bfd bool - BFD provides faster path failure detection and is enabled by default
- export str
- export_
policy str - default export policies if no per-neighbor policies defined
- extended_
v4_ boolnexthop - by default, either inet/net6 unicast depending on neighbor IP family (v4 or v6) for v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful_
restart_ inttime 0means disable- hold_
time int - import_ str
- import_
policy str - default import policies if no per-neighbor policies defined
- local_
as int - neighbor_
as int - neighbors
Mapping[str, Gateway
Bgp Config Neighbors] - if per-neighbor as is desired. Property key is the neighbor address
- networks Sequence[str]
- if
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no_
readvertise_ boolto_ overlay - by default, we'll re-advertise all learned BGP routers toward overlay
- tunnel_
name str - if
type==tunnel - type str
- enum:
external,internal - via str
- network name. enum:
lan,tunnel,vpn,wan - vpn_
name str - wan_
name str - if
via==wan
- auth
Key String - bfd
Minimum NumberInterval - when bfd_multiplier is configured alone. Default:
- 1000 if
type==external - 350
type==internal
- 1000 if
- bfd
Multiplier Number - when bfd_minimum_interval_is_configured alone
- disable
Bfd Boolean - BFD provides faster path failure detection and is enabled by default
- export String
- export
Policy String - default export policies if no per-neighbor policies defined
- extended
V4Nexthop Boolean - by default, either inet/net6 unicast depending on neighbor IP family (v4 or v6) for v6 neighbors, to exchange v4 nexthop, which allows dual-stack support, enable this
- graceful
Restart NumberTime 0means disable- hold
Time Number - import String
- import
Policy String - default import policies if no per-neighbor policies defined
- local
As Number - neighbor
As Number - neighbors Map<Property Map>
- if per-neighbor as is desired. Property key is the neighbor address
- networks List<String>
- if
type!=externalorvia==wannetworks where we expect BGP neighbor to connect to/from - no
Readvertise BooleanTo Overlay - by default, we'll re-advertise all learned BGP routers toward overlay
- tunnel
Name String - if
type==tunnel - type String
- enum:
external,internal - via String
- network name. enum:
lan,tunnel,vpn,wan - vpn
Name String - wan
Name String - if
via==wan
GatewayBgpConfigNeighbors, GatewayBgpConfigNeighborsArgs
- Disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- Export
Policy string - Hold
Time int - Import
Policy string - Multihop
Ttl int - assuming BGP neighbor is directly connected
- Neighbor
As int
- Disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- Export
Policy string - Hold
Time int - Import
Policy string - Multihop
Ttl int - assuming BGP neighbor is directly connected
- Neighbor
As int
- disabled Boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy String - hold
Time Integer - import
Policy String - multihop
Ttl Integer - assuming BGP neighbor is directly connected
- neighbor
As Integer
- disabled boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy string - hold
Time number - import
Policy string - multihop
Ttl number - assuming BGP neighbor is directly connected
- neighbor
As number
- disabled bool
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export_
policy str - hold_
time int - import_
policy str - multihop_
ttl int - assuming BGP neighbor is directly connected
- neighbor_
as int
- disabled Boolean
- If true, the BGP session to this neighbor will be administratively disabled/shutdown
- export
Policy String - hold
Time Number - import
Policy String - multihop
Ttl Number - assuming BGP neighbor is directly connected
- neighbor
As Number
GatewayDhcpdConfig, GatewayDhcpdConfigArgs
GatewayDhcpdConfigConfig, GatewayDhcpdConfigConfigArgs
- Dns
Servers List<string> - if
type==localortype6==local- optional, if not defined, system one will be used - Dns
Suffixes List<string> - if
type==localortype6==local- optional, if not defined, system one will be used - Fixed
Bindings Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config Config Fixed Bindings> - if
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - Gateway string
- if
type==local- optional,ipwill be used if not provided - Ip
End string - if
type==local - Ip
End6 string - if
type6==local - Ip
Start string - if
type==local - Ip
Start6 string - if
type6==local - Lease
Time int - in seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- Options
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Dhcpd Config Config Options> - if
type==localortype6==local. Property key is the DHCP option number - Server
Id boolOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- Servers List<string>
- if
type==relay - Servers6s List<string>
- if
type6==relay - Type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Vendor
Encapulated Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Dhcpd Config Config Vendor Encapulated> - if
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code'
- Dns
Servers []string - if
type==localortype6==local- optional, if not defined, system one will be used - Dns
Suffixes []string - if
type==localortype6==local- optional, if not defined, system one will be used - Fixed
Bindings map[string]GatewayDhcpd Config Config Fixed Bindings - if
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - Gateway string
- if
type==local- optional,ipwill be used if not provided - Ip
End string - if
type==local - Ip
End6 string - if
type6==local - Ip
Start string - if
type==local - Ip
Start6 string - if
type6==local - Lease
Time int - in seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- Options
map[string]Gateway
Dhcpd Config Config Options - if
type==localortype6==local. Property key is the DHCP option number - Server
Id boolOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- Servers []string
- if
type==relay - Servers6s []string
- if
type6==relay - Type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - Vendor
Encapulated map[string]GatewayDhcpd Config Config Vendor Encapulated - if
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code'
- dns
Servers List<String> - if
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes List<String> - if
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings Map<String,GatewayDhcpd Config Config Fixed Bindings> - if
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway String
- if
type==local- optional,ipwill be used if not provided - ip
End String - if
type==local - ip
End6 String - if
type6==local - ip
Start String - if
type==local - ip
Start6 String - if
type6==local - lease
Time Integer - in seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
Map<String,Gateway
Dhcpd Config Config Options> - if
type==localortype6==local. Property key is the DHCP option number - server
Id BooleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers List<String>
- if
type==relay - servers6s List<String>
- if
type6==relay - type String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapulated Map<String,GatewayDhcpd Config Config Vendor Encapulated> - if
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code'
- dns
Servers string[] - if
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes string[] - if
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings {[key: string]: GatewayDhcpd Config Config Fixed Bindings} - if
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway string
- if
type==local- optional,ipwill be used if not provided - ip
End string - if
type==local - ip
End6 string - if
type6==local - ip
Start string - if
type==local - ip
Start6 string - if
type6==local - lease
Time number - in seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
{[key: string]: Gateway
Dhcpd Config Config Options} - if
type==localortype6==local. Property key is the DHCP option number - server
Id booleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers string[]
- if
type==relay - servers6s string[]
- if
type6==relay - type string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 string
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapulated {[key: string]: GatewayDhcpd Config Config Vendor Encapulated} - if
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code'
- dns_
servers Sequence[str] - if
type==localortype6==local- optional, if not defined, system one will be used - dns_
suffixes Sequence[str] - if
type==localortype6==local- optional, if not defined, system one will be used - fixed_
bindings Mapping[str, GatewayDhcpd Config Config Fixed Bindings] - if
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway str
- if
type==local- optional,ipwill be used if not provided - ip_
end str - if
type==local - ip_
end6 str - if
type6==local - ip_
start str - if
type==local - ip_
start6 str - if
type6==local - lease_
time int - in seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options
Mapping[str, Gateway
Dhcpd Config Config Options] - if
type==localortype6==local. Property key is the DHCP option number - server_
id_ booloverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers Sequence[str]
- if
type==relay - servers6s Sequence[str]
- if
type6==relay - type str
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 str
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor_
encapulated Mapping[str, GatewayDhcpd Config Config Vendor Encapulated] - if
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code'
- dns
Servers List<String> - if
type==localortype6==local- optional, if not defined, system one will be used - dns
Suffixes List<String> - if
type==localortype6==local- optional, if not defined, system one will be used - fixed
Bindings Map<Property Map> - if
type==localortype6==local. Property key is the MAC Address. Format is[0-9a-f]{12}(e.g "5684dae9ac8b") - gateway String
- if
type==local- optional,ipwill be used if not provided - ip
End String - if
type==local - ip
End6 String - if
type6==local - ip
Start String - if
type==local - ip
Start6 String - if
type6==local - lease
Time Number - in seconds, lease time has to be between 3600 [1hr] - 604800 [1 week], default is 86400 [1 day]
- options Map<Property Map>
- if
type==localortype6==local. Property key is the DHCP option number - server
Id BooleanOverride server_id_override==truemeans the device, when acts as DHCP relay and forwards DHCP responses from DHCP server to clients, should overwrite the Sever Identifier option (i.e. DHCP option 54) in DHCP responses with its own IP address.- servers List<String>
- if
type==relay - servers6s List<String>
- if
type6==relay - type String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - type6 String
- enum:
local(DHCP Server),none,relay(DHCP Relay) - vendor
Encapulated Map<Property Map> - if
type==localortype6==local. Property key is :, with- enterprise number: 1-65535 (https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers)
- sub option code: 1-255, sub-option code'
GatewayDhcpdConfigConfigFixedBindings, GatewayDhcpdConfigConfigFixedBindingsArgs
GatewayDhcpdConfigConfigOptions, GatewayDhcpdConfigConfigOptionsArgs
GatewayDhcpdConfigConfigVendorEncapulated, GatewayDhcpdConfigConfigVendorEncapulatedArgs
GatewayExtraRoutes, GatewayExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewayExtraRoutes6, GatewayExtraRoutes6Args
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewayIdpProfiles, GatewayIdpProfilesArgs
- Base
Profile string - enum:
critical,standard,strict - Id string
- Unique ID of the object instance in the Mist Organnization
- Name string
- Org
Id string - Overwrites
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Idp Profiles Overwrite>
- Base
Profile string - enum:
critical,standard,strict - Id string
- Unique ID of the object instance in the Mist Organnization
- Name string
- Org
Id string - Overwrites
[]Gateway
Idp Profiles Overwrite
- base
Profile String - enum:
critical,standard,strict - id String
- Unique ID of the object instance in the Mist Organnization
- name String
- org
Id String - overwrites
List<Gateway
Idp Profiles Overwrite>
- base
Profile string - enum:
critical,standard,strict - id string
- Unique ID of the object instance in the Mist Organnization
- name string
- org
Id string - overwrites
Gateway
Idp Profiles Overwrite[]
- base_
profile str - enum:
critical,standard,strict - id str
- Unique ID of the object instance in the Mist Organnization
- name str
- org_
id str - overwrites
Sequence[Gateway
Idp Profiles Overwrite]
- base
Profile String - enum:
critical,standard,strict - id String
- Unique ID of the object instance in the Mist Organnization
- name String
- org
Id String - overwrites List<Property Map>
GatewayIdpProfilesOverwrite, GatewayIdpProfilesOverwriteArgs
- Action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- Matching
Pulumi.
Juniper Mist. Device. Inputs. Gateway Idp Profiles Overwrite Matching - Name string
- Action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- Matching
Gateway
Idp Profiles Overwrite Matching - Name string
- action String
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gateway
Idp Profiles Overwrite Matching - name String
- action string
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gateway
Idp Profiles Overwrite Matching - name string
- action str
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching
Gateway
Idp Profiles Overwrite Matching - name str
- action String
- enum:
- alert (default)
- drop: siliently dropping packets
- close: notify client/server to close connection
- matching Property Map
- name String
GatewayIdpProfilesOverwriteMatching, GatewayIdpProfilesOverwriteMatchingArgs
- Attack
Names List<string> - Dst
Subnets List<string> - Severities List<string>
- Attack
Names []string - Dst
Subnets []string - Severities []string
- attack
Names List<String> - dst
Subnets List<String> - severities List<String>
- attack
Names string[] - dst
Subnets string[] - severities string[]
- attack_
names Sequence[str] - dst_
subnets Sequence[str] - severities Sequence[str]
- attack
Names List<String> - dst
Subnets List<String> - severities List<String>
GatewayIpConfigs, GatewayIpConfigsArgs
- Ip string
- Netmask string
- Secondary
Ips List<string> - optional list of secondary IPs in CIDR format
- Type string
- enum:
dhcp,static
- Ip string
- Netmask string
- Secondary
Ips []string - optional list of secondary IPs in CIDR format
- Type string
- enum:
dhcp,static
- ip String
- netmask String
- secondary
Ips List<String> - optional list of secondary IPs in CIDR format
- type String
- enum:
dhcp,static
- ip string
- netmask string
- secondary
Ips string[] - optional list of secondary IPs in CIDR format
- type string
- enum:
dhcp,static
- ip str
- netmask str
- secondary_
ips Sequence[str] - optional list of secondary IPs in CIDR format
- type str
- enum:
dhcp,static
- ip String
- netmask String
- secondary
Ips List<String> - optional list of secondary IPs in CIDR format
- type String
- enum:
dhcp,static
GatewayNetwork, GatewayNetworkArgs
- Name string
- Subnet string
- Disallow
Mist boolServices - whether to disallow Mist Devices in the network
- Gateway string
- Gateway6 string
- Internal
Access Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internal Access - Internet
Access Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internet Access - whether this network has direct internet access
- Isolation bool
- whether to allow clients in the network to talk to each other
- Multicast
Pulumi.
Juniper Mist. Device. Inputs. Gateway Network Multicast - whether to enable multicast support (only PIM-sparse mode is supported)
- Routed
For List<string>Networks - for a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- Subnet6 string
- Tenants
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Network Tenants> - Vlan
Id string - Vpn
Access Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access> - Property key is the VPN name. Whether this network can be accessed from vpn
- Name string
- Subnet string
- Disallow
Mist boolServices - whether to disallow Mist Devices in the network
- Gateway string
- Gateway6 string
- Internal
Access GatewayNetwork Internal Access - Internet
Access GatewayNetwork Internet Access - whether this network has direct internet access
- Isolation bool
- whether to allow clients in the network to talk to each other
- Multicast
Gateway
Network Multicast - whether to enable multicast support (only PIM-sparse mode is supported)
- Routed
For []stringNetworks - for a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- Subnet6 string
- Tenants
map[string]Gateway
Network Tenants - Vlan
Id string - Vpn
Access map[string]GatewayNetwork Vpn Access - Property key is the VPN name. Whether this network can be accessed from vpn
- name String
- subnet String
- disallow
Mist BooleanServices - whether to disallow Mist Devices in the network
- gateway String
- gateway6 String
- internal
Access GatewayNetwork Internal Access - internet
Access GatewayNetwork Internet Access - whether this network has direct internet access
- isolation Boolean
- whether to allow clients in the network to talk to each other
- multicast
Gateway
Network Multicast - whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For List<String>Networks - for a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 String
- tenants
Map<String,Gateway
Network Tenants> - vlan
Id String - vpn
Access Map<String,GatewayNetwork Vpn Access> - Property key is the VPN name. Whether this network can be accessed from vpn
- name string
- subnet string
- disallow
Mist booleanServices - whether to disallow Mist Devices in the network
- gateway string
- gateway6 string
- internal
Access GatewayNetwork Internal Access - internet
Access GatewayNetwork Internet Access - whether this network has direct internet access
- isolation boolean
- whether to allow clients in the network to talk to each other
- multicast
Gateway
Network Multicast - whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For string[]Networks - for a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 string
- tenants
{[key: string]: Gateway
Network Tenants} - vlan
Id string - vpn
Access {[key: string]: GatewayNetwork Vpn Access} - Property key is the VPN name. Whether this network can be accessed from vpn
- name str
- subnet str
- disallow_
mist_ boolservices - whether to disallow Mist Devices in the network
- gateway str
- gateway6 str
- internal_
access GatewayNetwork Internal Access - internet_
access GatewayNetwork Internet Access - whether this network has direct internet access
- isolation bool
- whether to allow clients in the network to talk to each other
- multicast
Gateway
Network Multicast - whether to enable multicast support (only PIM-sparse mode is supported)
- routed_
for_ Sequence[str]networks - for a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 str
- tenants
Mapping[str, Gateway
Network Tenants] - vlan_
id str - vpn_
access Mapping[str, GatewayNetwork Vpn Access] - Property key is the VPN name. Whether this network can be accessed from vpn
- name String
- subnet String
- disallow
Mist BooleanServices - whether to disallow Mist Devices in the network
- gateway String
- gateway6 String
- internal
Access Property Map - internet
Access Property Map - whether this network has direct internet access
- isolation Boolean
- whether to allow clients in the network to talk to each other
- multicast Property Map
- whether to enable multicast support (only PIM-sparse mode is supported)
- routed
For List<String>Networks - for a Network (usually LAN), it can be routable to other networks (e.g. OSPF)
- subnet6 String
- tenants Map<Property Map>
- vlan
Id String - vpn
Access Map<Property Map> - Property key is the VPN name. Whether this network can be accessed from vpn
GatewayNetworkInternalAccess, GatewayNetworkInternalAccessArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GatewayNetworkInternetAccess, GatewayNetworkInternetAccessArgs
- Create
Simple boolService Policy - Destination
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internet Access Destination Nat> - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- Enabled bool
- Restricted bool
- by default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - Static
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Internet Access Static Nat> - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- Create
Simple boolService Policy - Destination
Nat map[string]GatewayNetwork Internet Access Destination Nat - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- Enabled bool
- Restricted bool
- by default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - Static
Nat map[string]GatewayNetwork Internet Access Static Nat - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- create
Simple BooleanService Policy - destination
Nat Map<String,GatewayNetwork Internet Access Destination Nat> - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- enabled Boolean
- restricted Boolean
- by default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat Map<String,GatewayNetwork Internet Access Static Nat> - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- create
Simple booleanService Policy - destination
Nat {[key: string]: GatewayNetwork Internet Access Destination Nat} - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- enabled boolean
- restricted boolean
- by default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat {[key: string]: GatewayNetwork Internet Access Static Nat} - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- create_
simple_ boolservice_ policy - destination_
nat Mapping[str, GatewayNetwork Internet Access Destination Nat] - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- enabled bool
- restricted bool
- by default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static_
nat Mapping[str, GatewayNetwork Internet Access Static Nat] - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- create
Simple BooleanService Policy - destination
Nat Map<Property Map> - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- enabled Boolean
- restricted Boolean
- by default, all access is allowed, to only allow certain traffic, make
restricted=trueand define service_policies - static
Nat Map<Property Map> - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
GatewayNetworkInternetAccessDestinationNat, GatewayNetworkInternetAccessDestinationNatArgs
- Internal
Ip string - Name string
- Port int
- Internal
Ip string - Name string
- Port int
- internal
Ip String - name String
- port Integer
- internal
Ip string - name string
- port number
- internal_
ip str - name str
- port int
- internal
Ip String - name String
- port Number
GatewayNetworkInternetAccessStaticNat, GatewayNetworkInternetAccessStaticNatArgs
- Internal
Ip string - Name string
- Wan
Name string - If not set, we configure the nat policies against all WAN ports for simplicity
- Internal
Ip string - Name string
- Wan
Name string - If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - name String
- wan
Name String - If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip string - name string
- wan
Name string - If not set, we configure the nat policies against all WAN ports for simplicity
- internal_
ip str - name str
- wan_
name str - If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - name String
- wan
Name String - If not set, we configure the nat policies against all WAN ports for simplicity
GatewayNetworkMulticast, GatewayNetworkMulticastArgs
- Disable
Igmp bool - if the network will only be the soruce of the multicast traffic, IGMP can be disabled
- Enabled bool
- Groups
Dictionary<string, Pulumi.
Juniper Mist. Device. Inputs. Gateway Network Multicast Groups> - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- Disable
Igmp bool - if the network will only be the soruce of the multicast traffic, IGMP can be disabled
- Enabled bool
- Groups
map[string]Gateway
Network Multicast Groups - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp Boolean - if the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled Boolean
- groups
Map<String,Gateway
Network Multicast Groups> - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp boolean - if the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled boolean
- groups
{[key: string]: Gateway
Network Multicast Groups} - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable_
igmp bool - if the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled bool
- groups
Mapping[str, Gateway
Network Multicast Groups] - Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
- disable
Igmp Boolean - if the network will only be the soruce of the multicast traffic, IGMP can be disabled
- enabled Boolean
- groups Map<Property Map>
- Group address to RP (rendezvous point) mapping. Property Key is the CIDR (example "225.1.0.3/32")
GatewayNetworkMulticastGroups, GatewayNetworkMulticastGroupsArgs
- Rp
Ip string - RP (rendezvous point) IP Address
- Rp
Ip string - RP (rendezvous point) IP Address
- rp
Ip String - RP (rendezvous point) IP Address
- rp
Ip string - RP (rendezvous point) IP Address
- rp_
ip str - RP (rendezvous point) IP Address
- rp
Ip String - RP (rendezvous point) IP Address
GatewayNetworkTenants, GatewayNetworkTenantsArgs
- Addresses List<string>
- Addresses []string
- addresses List<String>
- addresses string[]
- addresses Sequence[str]
- addresses List<String>
GatewayNetworkVpnAccess, GatewayNetworkVpnAccessArgs
- Advertised
Subnet string - if
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - Allow
Ping bool - whether to allow ping from vpn into this routed network
- Destination
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access Destination Nat> - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- Nat
Pool string - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - No
Readvertise boolTo Lan Bgp - toward LAN-side BGP peers
- No
Readvertise boolTo Lan Ospf - toward LAN-side OSPF peers
- No
Readvertise boolTo Overlay - toward overlay how HUB should deal with routes it received from Spokes
- Other
Vrfs List<string> - by default, the routes are only readvertised toward the same vrf on spoke to allow it to be leaked to other vrfs
- Routed bool
- whether this network is routable
- Source
Nat Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access Source Nat - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - Static
Nat Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Network Vpn Access Static Nat> - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- Summarized
Subnet string - toward overlay how HUB should deal with routes it received from Spokes
- Summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- Summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- Advertised
Subnet string - if
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - Allow
Ping bool - whether to allow ping from vpn into this routed network
- Destination
Nat map[string]GatewayNetwork Vpn Access Destination Nat - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- Nat
Pool string - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - No
Readvertise boolTo Lan Bgp - toward LAN-side BGP peers
- No
Readvertise boolTo Lan Ospf - toward LAN-side OSPF peers
- No
Readvertise boolTo Overlay - toward overlay how HUB should deal with routes it received from Spokes
- Other
Vrfs []string - by default, the routes are only readvertised toward the same vrf on spoke to allow it to be leaked to other vrfs
- Routed bool
- whether this network is routable
- Source
Nat GatewayNetwork Vpn Access Source Nat - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - Static
Nat map[string]GatewayNetwork Vpn Access Static Nat - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- Summarized
Subnet string - toward overlay how HUB should deal with routes it received from Spokes
- Summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- Summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- advertised
Subnet String - if
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping Boolean - whether to allow ping from vpn into this routed network
- destination
Nat Map<String,GatewayNetwork Vpn Access Destination Nat> - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- nat
Pool String - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise BooleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise BooleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise BooleanTo Overlay - toward overlay how HUB should deal with routes it received from Spokes
- other
Vrfs List<String> - by default, the routes are only readvertised toward the same vrf on spoke to allow it to be leaked to other vrfs
- routed Boolean
- whether this network is routable
- source
Nat GatewayNetwork Vpn Access Source Nat - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat Map<String,GatewayNetwork Vpn Access Static Nat> - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- summarized
Subnet String - toward overlay how HUB should deal with routes it received from Spokes
- summarized
Subnet StringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet StringTo Lan Ospf - toward LAN-side OSPF peers
- advertised
Subnet string - if
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping boolean - whether to allow ping from vpn into this routed network
- destination
Nat {[key: string]: GatewayNetwork Vpn Access Destination Nat} - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- nat
Pool string - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise booleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise booleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise booleanTo Overlay - toward overlay how HUB should deal with routes it received from Spokes
- other
Vrfs string[] - by default, the routes are only readvertised toward the same vrf on spoke to allow it to be leaked to other vrfs
- routed boolean
- whether this network is routable
- source
Nat GatewayNetwork Vpn Access Source Nat - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat {[key: string]: GatewayNetwork Vpn Access Static Nat} - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- summarized
Subnet string - toward overlay how HUB should deal with routes it received from Spokes
- summarized
Subnet stringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet stringTo Lan Ospf - toward LAN-side OSPF peers
- advertised_
subnet str - if
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow_
ping bool - whether to allow ping from vpn into this routed network
- destination_
nat Mapping[str, GatewayNetwork Vpn Access Destination Nat] - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- nat_
pool str - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no_
readvertise_ boolto_ lan_ bgp - toward LAN-side BGP peers
- no_
readvertise_ boolto_ lan_ ospf - toward LAN-side OSPF peers
- no_
readvertise_ boolto_ overlay - toward overlay how HUB should deal with routes it received from Spokes
- other_
vrfs Sequence[str] - by default, the routes are only readvertised toward the same vrf on spoke to allow it to be leaked to other vrfs
- routed bool
- whether this network is routable
- source_
nat GatewayNetwork Vpn Access Source Nat - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static_
nat Mapping[str, GatewayNetwork Vpn Access Static Nat] - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- summarized_
subnet str - toward overlay how HUB should deal with routes it received from Spokes
- summarized_
subnet_ strto_ lan_ bgp - toward LAN-side BGP peers
- summarized_
subnet_ strto_ lan_ ospf - toward LAN-side OSPF peers
- advertised
Subnet String - if
routed==true, whether to advertise an aggregated subnet toward HUB this is useful when there are multiple networks on SPOKE's side - allow
Ping Boolean - whether to allow ping from vpn into this routed network
- destination
Nat Map<Property Map> - Property key may be an IP/Port (i.e. "63.16.0.3:443"), or a port (i.e. ":2222")
- nat
Pool String - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub, a subnet is required to create and advertise the route to Hub - no
Readvertise BooleanTo Lan Bgp - toward LAN-side BGP peers
- no
Readvertise BooleanTo Lan Ospf - toward LAN-side OSPF peers
- no
Readvertise BooleanTo Overlay - toward overlay how HUB should deal with routes it received from Spokes
- other
Vrfs List<String> - by default, the routes are only readvertised toward the same vrf on spoke to allow it to be leaked to other vrfs
- routed Boolean
- whether this network is routable
- source
Nat Property Map - if
routed==false(usually at Spoke), but some hosts needs to be reachable from Hub - static
Nat Map<Property Map> - Property key may be an IP Address (i.e. "172.16.0.1"), and IP Address and Port (i.e. "172.16.0.1:8443") or a CIDR (i.e. "172.16.0.12/20")
- summarized
Subnet String - toward overlay how HUB should deal with routes it received from Spokes
- summarized
Subnet StringTo Lan Bgp - toward LAN-side BGP peers
- summarized
Subnet StringTo Lan Ospf - toward LAN-side OSPF peers
GatewayNetworkVpnAccessDestinationNat, GatewayNetworkVpnAccessDestinationNatArgs
- Internal
Ip string - Name string
- Port int
- Internal
Ip string - Name string
- Port int
- internal
Ip String - name String
- port Integer
- internal
Ip string - name string
- port number
- internal_
ip str - name str
- port int
- internal
Ip String - name String
- port Number
GatewayNetworkVpnAccessSourceNat, GatewayNetworkVpnAccessSourceNatArgs
- External
Ip string
- External
Ip string
- external
Ip String
- external
Ip string
- external_
ip str
- external
Ip String
GatewayNetworkVpnAccessStaticNat, GatewayNetworkVpnAccessStaticNatArgs
- Internal
Ip string - Name string
- Wan
Name string - If not set, we configure the nat policies against all WAN ports for simplicity
- Internal
Ip string - Name string
- Wan
Name string - If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - name String
- wan
Name String - If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip string - name string
- wan
Name string - If not set, we configure the nat policies against all WAN ports for simplicity
- internal_
ip str - name str
- wan_
name str - If not set, we configure the nat policies against all WAN ports for simplicity
- internal
Ip String - name String
- wan
Name String - If not set, we configure the nat policies against all WAN ports for simplicity
GatewayOobIpConfig, GatewayOobIpConfigArgs
- Gateway string
- if
type==static - Ip string
- if
type==static - Netmask string
- if
type==static - Node1
Pulumi.
Juniper Mist. Device. Inputs. Gateway Oob Ip Config Node1 - for HA Cluster, node1 can have different IP Config
- Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - for host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- Vlan
Id string
- Gateway string
- if
type==static - Ip string
- if
type==static - Netmask string
- if
type==static - Node1
Gateway
Oob Ip Config Node1 - for HA Cluster, node1 can have different IP Config
- Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - for host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- Vlan
Id string
- gateway String
- if
type==static - ip String
- if
type==static - netmask String
- if
type==static - node1
Gateway
Oob Ip Config Node1 - for HA Cluster, node1 can have different IP Config
- type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - for host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id String
- gateway string
- if
type==static - ip string
- if
type==static - netmask string
- if
type==static - node1
Gateway
Oob Ip Config Node1 - for HA Cluster, node1 can have different IP Config
- type string
- enum:
dhcp,static - use
Mgmt booleanVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt booleanVrf For Host Out - for host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id string
- gateway str
- if
type==static - ip str
- if
type==static - netmask str
- if
type==static - node1
Gateway
Oob Ip Config Node1 - for HA Cluster, node1 can have different IP Config
- type str
- enum:
dhcp,static - use_
mgmt_ boolvrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use_
mgmt_ boolvrf_ for_ host_ out - for host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan_
id str
- gateway String
- if
type==static - ip String
- if
type==static - netmask String
- if
type==static - node1 Property Map
- for HA Cluster, node1 can have different IP Config
- type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - for host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired
- vlan
Id String
GatewayOobIpConfigNode1, GatewayOobIpConfigNode1Args
- Gateway string
- if
type==static - Ip string
- Netmask string
- used only if
subnetis not specified innetworks - Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - Vlan
Id string
- Gateway string
- if
type==static - Ip string
- Netmask string
- used only if
subnetis not specified innetworks - Type string
- enum:
dhcp,static - Use
Mgmt boolVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- Use
Mgmt boolVrf For Host Out - whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - Vlan
Id string
- gateway String
- if
type==static - ip String
- netmask String
- used only if
subnetis not specified innetworks - type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id String
- gateway string
- if
type==static - ip string
- netmask string
- used only if
subnetis not specified innetworks - type string
- enum:
dhcp,static - use
Mgmt booleanVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt booleanVrf For Host Out - whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id string
- gateway str
- if
type==static - ip str
- netmask str
- used only if
subnetis not specified innetworks - type str
- enum:
dhcp,static - use_
mgmt_ boolvrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use_
mgmt_ boolvrf_ for_ host_ out - whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan_
id str
- gateway String
- if
type==static - ip String
- netmask String
- used only if
subnetis not specified innetworks - type String
- enum:
dhcp,static - use
Mgmt BooleanVrf - if supported on the platform. If enabled, DNS will be using this routing-instance, too
- use
Mgmt BooleanVrf For Host Out - whether to use
mgmt_junosfor host-out traffic (NTP/TACPLUS/RADIUS/SYSLOG/SNMP), if alternative source network/ip is desired - vlan
Id String
GatewayPathPreferences, GatewayPathPreferencesArgs
- Paths
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Path Preferences Path> - Strategy string
- enum:
ecmp,ordered,weighted
- Paths
[]Gateway
Path Preferences Path - Strategy string
- enum:
ecmp,ordered,weighted
- paths
List<Gateway
Path Preferences Path> - strategy String
- enum:
ecmp,ordered,weighted
- paths
Gateway
Path Preferences Path[] - strategy string
- enum:
ecmp,ordered,weighted
- paths
Sequence[Gateway
Path Preferences Path] - strategy str
- enum:
ecmp,ordered,weighted
- paths List<Property Map>
- strategy String
- enum:
ecmp,ordered,weighted
GatewayPathPreferencesPath, GatewayPathPreferencesPathArgs
- Cost int
- Disabled bool
- For SSR Only.
true, if this specific path is undesired - Gateway
Ip string - only if
type==local, if a different gateway is desired - Internet
Access bool - only if
type==vpn, if this vpn path can be used for internet - Name string
- required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use'
- Networks List<string>
- required when
type==local - Target
Ips List<string> - if
type==local, if destination IP is to be replaced - Type string
- enum:
local,tunnel,vpn,wan - Wan
Name string - optional if
type==vpn
- Cost int
- Disabled bool
- For SSR Only.
true, if this specific path is undesired - Gateway
Ip string - only if
type==local, if a different gateway is desired - Internet
Access bool - only if
type==vpn, if this vpn path can be used for internet - Name string
- required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use'
- Networks []string
- required when
type==local - Target
Ips []string - if
type==local, if destination IP is to be replaced - Type string
- enum:
local,tunnel,vpn,wan - Wan
Name string - optional if
type==vpn
- cost Integer
- disabled Boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip String - only if
type==local, if a different gateway is desired - internet
Access Boolean - only if
type==vpn, if this vpn path can be used for internet - name String
- required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use'
- networks List<String>
- required when
type==local - target
Ips List<String> - if
type==local, if destination IP is to be replaced - type String
- enum:
local,tunnel,vpn,wan - wan
Name String - optional if
type==vpn
- cost number
- disabled boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip string - only if
type==local, if a different gateway is desired - internet
Access boolean - only if
type==vpn, if this vpn path can be used for internet - name string
- required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use'
- networks string[]
- required when
type==local - target
Ips string[] - if
type==local, if destination IP is to be replaced - type string
- enum:
local,tunnel,vpn,wan - wan
Name string - optional if
type==vpn
- cost int
- disabled bool
- For SSR Only.
true, if this specific path is undesired - gateway_
ip str - only if
type==local, if a different gateway is desired - internet_
access bool - only if
type==vpn, if this vpn path can be used for internet - name str
- required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use'
- networks Sequence[str]
- required when
type==local - target_
ips Sequence[str] - if
type==local, if destination IP is to be replaced - type str
- enum:
local,tunnel,vpn,wan - wan_
name str - optional if
type==vpn
- cost Number
- disabled Boolean
- For SSR Only.
true, if this specific path is undesired - gateway
Ip String - only if
type==local, if a different gateway is desired - internet
Access Boolean - only if
type==vpn, if this vpn path can be used for internet - name String
- required when
type==vpn: the name of the VPN Path to usetype==wan: the name of the WAN interface to use'
- networks List<String>
- required when
type==local - target
Ips List<String> - if
type==local, if destination IP is to be replaced - type String
- enum:
local,tunnel,vpn,wan - wan
Name String - optional if
type==vpn
GatewayPortConfig, GatewayPortConfigArgs
- Usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - Ae
Disable boolLacp - if
aggregated==true. To disable LCP support for the AE interface - Ae
Idx string - if
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - Ae
Lacp boolForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability.\n Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end\n Note: Turning this on will enable force-up on one of the interfaces in the bundle only - Aggregated bool
- Critical bool
- if want to generate port up/down alarm, set it to true
- Description string
- Disable
Autoneg bool - Disabled bool
- port admin up (true) / down (false)
- Dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - Dsl
Vci int - if
wan_type==dsl16 bit int - Dsl
Vpi int - if
wan_type==dsl8 bit int - Duplex string
- enum:
auto,full,half - Ip
Config Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Ip Config - Junos IP Config
- Lte
Apn string - if
wan_type==lte - Lte
Auth string - if
wan_type==lte. enum:chap,none,pap - Lte
Backup bool - Lte
Password string - if
wan_type==lte - Lte
Username string - if
wan_type==lte - Mtu int
- Name string
- name that we'll use to derive config
- Networks List<string>
- if
usage==lan - Outer
Vlan intId - for Q-in-Q
- Poe
Disabled bool - Port
Network string - if
usage==lan - Preserve
Dscp bool - whether to preserve dscp when sending traffic over VPN (SSR-only)
- Redundant bool
- if HA mode
- Reth
Idx int - if HA mode
- Reth
Node string - if HA mode
- Reth
Nodes List<string> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - Speed string
- Ssr
No boolVirtual Mac - when SSR is running as VM, this is required on certain hosting platforms
- Svr
Port stringRange - for SSR only
- Traffic
Shaping Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Traffic Shaping - Vlan
Id int - if WAN interface is on a VLAN
- Vpn
Paths Dictionary<string, Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Vpn Paths> - Property key is the VPN name
- Wan
Arp stringPolicer - when
wan_type==broadband. enum:default,max,recommended - Wan
Ext stringIp - optional, if spoke should reach this port by a different IP
- Wan
Extra Dictionary<string, Pulumi.Routes Juniper Mist. Device. Inputs. Gateway Port Config Wan Extra Routes> - Property Key is the destianation CIDR (e.g "100.100.100.0/24")
- Wan
Probe Pulumi.Override Juniper Mist. Device. Inputs. Gateway Port Config Wan Probe Override - if
usage==wan - Wan
Source Pulumi.Nat Juniper Mist. Device. Inputs. Gateway Port Config Wan Source Nat - optional, by default, source-NAT is performed on all WAN Ports using the interface-ip
- Wan
Type string - if
usage==wan. enum:broadband,dsl,lte
- Usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - Ae
Disable boolLacp - if
aggregated==true. To disable LCP support for the AE interface - Ae
Idx string - if
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - Ae
Lacp boolForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability.\n Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end\n Note: Turning this on will enable force-up on one of the interfaces in the bundle only - Aggregated bool
- Critical bool
- if want to generate port up/down alarm, set it to true
- Description string
- Disable
Autoneg bool - Disabled bool
- port admin up (true) / down (false)
- Dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - Dsl
Vci int - if
wan_type==dsl16 bit int - Dsl
Vpi int - if
wan_type==dsl8 bit int - Duplex string
- enum:
auto,full,half - Ip
Config GatewayPort Config Ip Config - Junos IP Config
- Lte
Apn string - if
wan_type==lte - Lte
Auth string - if
wan_type==lte. enum:chap,none,pap - Lte
Backup bool - Lte
Password string - if
wan_type==lte - Lte
Username string - if
wan_type==lte - Mtu int
- Name string
- name that we'll use to derive config
- Networks []string
- if
usage==lan - Outer
Vlan intId - for Q-in-Q
- Poe
Disabled bool - Port
Network string - if
usage==lan - Preserve
Dscp bool - whether to preserve dscp when sending traffic over VPN (SSR-only)
- Redundant bool
- if HA mode
- Reth
Idx int - if HA mode
- Reth
Node string - if HA mode
- Reth
Nodes []string - SSR only - supporting vlan-based redundancy (matching the size of
networks) - Speed string
- Ssr
No boolVirtual Mac - when SSR is running as VM, this is required on certain hosting platforms
- Svr
Port stringRange - for SSR only
- Traffic
Shaping GatewayPort Config Traffic Shaping - Vlan
Id int - if WAN interface is on a VLAN
- Vpn
Paths map[string]GatewayPort Config Vpn Paths - Property key is the VPN name
- Wan
Arp stringPolicer - when
wan_type==broadband. enum:default,max,recommended - Wan
Ext stringIp - optional, if spoke should reach this port by a different IP
- Wan
Extra map[string]GatewayRoutes Port Config Wan Extra Routes - Property Key is the destianation CIDR (e.g "100.100.100.0/24")
- Wan
Probe GatewayOverride Port Config Wan Probe Override - if
usage==wan - Wan
Source GatewayNat Port Config Wan Source Nat - optional, by default, source-NAT is performed on all WAN Ports using the interface-ip
- Wan
Type string - if
usage==wan. enum:broadband,dsl,lte
- usage String
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable BooleanLacp - if
aggregated==true. To disable LCP support for the AE interface - ae
Idx String - if
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp BooleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability.\n Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end\n Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated Boolean
- critical Boolean
- if want to generate port up/down alarm, set it to true
- description String
- disable
Autoneg Boolean - disabled Boolean
- port admin up (true) / down (false)
- dsl
Type String - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci Integer - if
wan_type==dsl16 bit int - dsl
Vpi Integer - if
wan_type==dsl8 bit int - duplex String
- enum:
auto,full,half - ip
Config GatewayPort Config Ip Config - Junos IP Config
- lte
Apn String - if
wan_type==lte - lte
Auth String - if
wan_type==lte. enum:chap,none,pap - lte
Backup Boolean - lte
Password String - if
wan_type==lte - lte
Username String - if
wan_type==lte - mtu Integer
- name String
- name that we'll use to derive config
- networks List<String>
- if
usage==lan - outer
Vlan IntegerId - for Q-in-Q
- poe
Disabled Boolean - port
Network String - if
usage==lan - preserve
Dscp Boolean - whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant Boolean
- if HA mode
- reth
Idx Integer - if HA mode
- reth
Node String - if HA mode
- reth
Nodes List<String> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed String
- ssr
No BooleanVirtual Mac - when SSR is running as VM, this is required on certain hosting platforms
- svr
Port StringRange - for SSR only
- traffic
Shaping GatewayPort Config Traffic Shaping - vlan
Id Integer - if WAN interface is on a VLAN
- vpn
Paths Map<String,GatewayPort Config Vpn Paths> - Property key is the VPN name
- wan
Arp StringPolicer - when
wan_type==broadband. enum:default,max,recommended - wan
Ext StringIp - optional, if spoke should reach this port by a different IP
- wan
Extra Map<String,GatewayRoutes Port Config Wan Extra Routes> - Property Key is the destianation CIDR (e.g "100.100.100.0/24")
- wan
Probe GatewayOverride Port Config Wan Probe Override - if
usage==wan - wan
Source GatewayNat Port Config Wan Source Nat - optional, by default, source-NAT is performed on all WAN Ports using the interface-ip
- wan
Type String - if
usage==wan. enum:broadband,dsl,lte
- usage string
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable booleanLacp - if
aggregated==true. To disable LCP support for the AE interface - ae
Idx string - if
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp booleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability.\n Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end\n Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated boolean
- critical boolean
- if want to generate port up/down alarm, set it to true
- description string
- disable
Autoneg boolean - disabled boolean
- port admin up (true) / down (false)
- dsl
Type string - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci number - if
wan_type==dsl16 bit int - dsl
Vpi number - if
wan_type==dsl8 bit int - duplex string
- enum:
auto,full,half - ip
Config GatewayPort Config Ip Config - Junos IP Config
- lte
Apn string - if
wan_type==lte - lte
Auth string - if
wan_type==lte. enum:chap,none,pap - lte
Backup boolean - lte
Password string - if
wan_type==lte - lte
Username string - if
wan_type==lte - mtu number
- name string
- name that we'll use to derive config
- networks string[]
- if
usage==lan - outer
Vlan numberId - for Q-in-Q
- poe
Disabled boolean - port
Network string - if
usage==lan - preserve
Dscp boolean - whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant boolean
- if HA mode
- reth
Idx number - if HA mode
- reth
Node string - if HA mode
- reth
Nodes string[] - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed string
- ssr
No booleanVirtual Mac - when SSR is running as VM, this is required on certain hosting platforms
- svr
Port stringRange - for SSR only
- traffic
Shaping GatewayPort Config Traffic Shaping - vlan
Id number - if WAN interface is on a VLAN
- vpn
Paths {[key: string]: GatewayPort Config Vpn Paths} - Property key is the VPN name
- wan
Arp stringPolicer - when
wan_type==broadband. enum:default,max,recommended - wan
Ext stringIp - optional, if spoke should reach this port by a different IP
- wan
Extra {[key: string]: GatewayRoutes Port Config Wan Extra Routes} - Property Key is the destianation CIDR (e.g "100.100.100.0/24")
- wan
Probe GatewayOverride Port Config Wan Probe Override - if
usage==wan - wan
Source GatewayNat Port Config Wan Source Nat - optional, by default, source-NAT is performed on all WAN Ports using the interface-ip
- wan
Type string - if
usage==wan. enum:broadband,dsl,lte
- usage str
- port usage name. enum:
ha_control,ha_data,lan,wan - ae_
disable_ boollacp - if
aggregated==true. To disable LCP support for the AE interface - ae_
idx str - if
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae_
lacp_ boolforce_ up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability.\n Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end\n Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated bool
- critical bool
- if want to generate port up/down alarm, set it to true
- description str
- disable_
autoneg bool - disabled bool
- port admin up (true) / down (false)
- dsl_
type str - if
wan_type==dsl. enum:adsl,vdsl - dsl_
vci int - if
wan_type==dsl16 bit int - dsl_
vpi int - if
wan_type==dsl8 bit int - duplex str
- enum:
auto,full,half - ip_
config GatewayPort Config Ip Config - Junos IP Config
- lte_
apn str - if
wan_type==lte - lte_
auth str - if
wan_type==lte. enum:chap,none,pap - lte_
backup bool - lte_
password str - if
wan_type==lte - lte_
username str - if
wan_type==lte - mtu int
- name str
- name that we'll use to derive config
- networks Sequence[str]
- if
usage==lan - outer_
vlan_ intid - for Q-in-Q
- poe_
disabled bool - port_
network str - if
usage==lan - preserve_
dscp bool - whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant bool
- if HA mode
- reth_
idx int - if HA mode
- reth_
node str - if HA mode
- reth_
nodes Sequence[str] - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed str
- ssr_
no_ boolvirtual_ mac - when SSR is running as VM, this is required on certain hosting platforms
- svr_
port_ strrange - for SSR only
- traffic_
shaping GatewayPort Config Traffic Shaping - vlan_
id int - if WAN interface is on a VLAN
- vpn_
paths Mapping[str, GatewayPort Config Vpn Paths] - Property key is the VPN name
- wan_
arp_ strpolicer - when
wan_type==broadband. enum:default,max,recommended - wan_
ext_ strip - optional, if spoke should reach this port by a different IP
- wan_
extra_ Mapping[str, Gatewayroutes Port Config Wan Extra Routes] - Property Key is the destianation CIDR (e.g "100.100.100.0/24")
- wan_
probe_ Gatewayoverride Port Config Wan Probe Override - if
usage==wan - wan_
source_ Gatewaynat Port Config Wan Source Nat - optional, by default, source-NAT is performed on all WAN Ports using the interface-ip
- wan_
type str - if
usage==wan. enum:broadband,dsl,lte
- usage String
- port usage name. enum:
ha_control,ha_data,lan,wan - ae
Disable BooleanLacp - if
aggregated==true. To disable LCP support for the AE interface - ae
Idx String - if
aggregated==true. Users could force to use the designated AE name (must be an integer between 0 and 127) - ae
Lacp BooleanForce Up - For SRX Only, if
aggregated==true.Sets the state of the interface as UP when the peer has limited LACP capability.\n Use case: When a device connected to this AE port is ZTPing for the first time, it will not have LACP configured on the other end\n Note: Turning this on will enable force-up on one of the interfaces in the bundle only - aggregated Boolean
- critical Boolean
- if want to generate port up/down alarm, set it to true
- description String
- disable
Autoneg Boolean - disabled Boolean
- port admin up (true) / down (false)
- dsl
Type String - if
wan_type==dsl. enum:adsl,vdsl - dsl
Vci Number - if
wan_type==dsl16 bit int - dsl
Vpi Number - if
wan_type==dsl8 bit int - duplex String
- enum:
auto,full,half - ip
Config Property Map - Junos IP Config
- lte
Apn String - if
wan_type==lte - lte
Auth String - if
wan_type==lte. enum:chap,none,pap - lte
Backup Boolean - lte
Password String - if
wan_type==lte - lte
Username String - if
wan_type==lte - mtu Number
- name String
- name that we'll use to derive config
- networks List<String>
- if
usage==lan - outer
Vlan NumberId - for Q-in-Q
- poe
Disabled Boolean - port
Network String - if
usage==lan - preserve
Dscp Boolean - whether to preserve dscp when sending traffic over VPN (SSR-only)
- redundant Boolean
- if HA mode
- reth
Idx Number - if HA mode
- reth
Node String - if HA mode
- reth
Nodes List<String> - SSR only - supporting vlan-based redundancy (matching the size of
networks) - speed String
- ssr
No BooleanVirtual Mac - when SSR is running as VM, this is required on certain hosting platforms
- svr
Port StringRange - for SSR only
- traffic
Shaping Property Map - vlan
Id Number - if WAN interface is on a VLAN
- vpn
Paths Map<Property Map> - Property key is the VPN name
- wan
Arp StringPolicer - when
wan_type==broadband. enum:default,max,recommended - wan
Ext StringIp - optional, if spoke should reach this port by a different IP
- wan
Extra Map<Property Map>Routes - Property Key is the destianation CIDR (e.g "100.100.100.0/24")
- wan
Probe Property MapOverride - if
usage==wan - wan
Source Property MapNat - optional, by default, source-NAT is performed on all WAN Ports using the interface-ip
- wan
Type String - if
usage==wan. enum:broadband,dsl,lte
GatewayPortConfigIpConfig, GatewayPortConfigIpConfigArgs
- Dns List<string>
- except for out-of_band interface (vme/em0/fxp0)
- Dns
Suffixes List<string> - except for out-of_band interface (vme/em0/fxp0)
- Gateway string
- except for out-of_band interface (vme/em0/fxp0)
- Ip string
- Netmask string
- used only if
subnetis not specified innetworks - Network string
- optional, the network to be used for mgmt
- Poser
Password string - if
type==pppoe - Pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - Pppoe
Username string - if
type==pppoe - Type string
- enum:
dhcp,pppoe,static
- Dns []string
- except for out-of_band interface (vme/em0/fxp0)
- Dns
Suffixes []string - except for out-of_band interface (vme/em0/fxp0)
- Gateway string
- except for out-of_band interface (vme/em0/fxp0)
- Ip string
- Netmask string
- used only if
subnetis not specified innetworks - Network string
- optional, the network to be used for mgmt
- Poser
Password string - if
type==pppoe - Pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - Pppoe
Username string - if
type==pppoe - Type string
- enum:
dhcp,pppoe,static
- dns List<String>
- except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes List<String> - except for out-of_band interface (vme/em0/fxp0)
- gateway String
- except for out-of_band interface (vme/em0/fxp0)
- ip String
- netmask String
- used only if
subnetis not specified innetworks - network String
- optional, the network to be used for mgmt
- poser
Password String - if
type==pppoe - pppoe
Auth String - if
type==pppoe. enum:chap,none,pap - pppoe
Username String - if
type==pppoe - type String
- enum:
dhcp,pppoe,static
- dns string[]
- except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes string[] - except for out-of_band interface (vme/em0/fxp0)
- gateway string
- except for out-of_band interface (vme/em0/fxp0)
- ip string
- netmask string
- used only if
subnetis not specified innetworks - network string
- optional, the network to be used for mgmt
- poser
Password string - if
type==pppoe - pppoe
Auth string - if
type==pppoe. enum:chap,none,pap - pppoe
Username string - if
type==pppoe - type string
- enum:
dhcp,pppoe,static
- dns Sequence[str]
- except for out-of_band interface (vme/em0/fxp0)
- dns_
suffixes Sequence[str] - except for out-of_band interface (vme/em0/fxp0)
- gateway str
- except for out-of_band interface (vme/em0/fxp0)
- ip str
- netmask str
- used only if
subnetis not specified innetworks - network str
- optional, the network to be used for mgmt
- poser_
password str - if
type==pppoe - pppoe_
auth str - if
type==pppoe. enum:chap,none,pap - pppoe_
username str - if
type==pppoe - type str
- enum:
dhcp,pppoe,static
- dns List<String>
- except for out-of_band interface (vme/em0/fxp0)
- dns
Suffixes List<String> - except for out-of_band interface (vme/em0/fxp0)
- gateway String
- except for out-of_band interface (vme/em0/fxp0)
- ip String
- netmask String
- used only if
subnetis not specified innetworks - network String
- optional, the network to be used for mgmt
- poser
Password String - if
type==pppoe - pppoe
Auth String - if
type==pppoe. enum:chap,none,pap - pppoe
Username String - if
type==pppoe - type String
- enum:
dhcp,pppoe,static
GatewayPortConfigTrafficShaping, GatewayPortConfigTrafficShapingArgs
- Class
Percentages List<int> - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- Enabled bool
- Class
Percentages []int - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- Enabled bool
- class
Percentages List<Integer> - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled Boolean
- class
Percentages number[] - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled boolean
- class_
percentages Sequence[int] - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled bool
- class
Percentages List<Number> - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled Boolean
GatewayPortConfigVpnPaths, GatewayPortConfigVpnPathsArgs
- Bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - Bfd
Use boolTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - Link
Name string - Only if the VPN
type==mesh - Preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - Role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - Traffic
Shaping Pulumi.Juniper Mist. Device. Inputs. Gateway Port Config Vpn Paths Traffic Shaping
- Bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - Bfd
Use boolTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - Link
Name string - Only if the VPN
type==mesh - Preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - Role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - Traffic
Shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd
Profile String - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use BooleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name String - Only if the VPN
type==mesh - preference Integer
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role String
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd
Profile string - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use booleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name string - Only if the VPN
type==mesh - preference number
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role string
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd_
profile str - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd_
use_ booltunnel_ mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link_
name str - Only if the VPN
type==mesh - preference int
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role str
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic_
shaping GatewayPort Config Vpn Paths Traffic Shaping
- bfd
Profile String - Only if the VPN
type==hub_spoke. enum:broadband,lte - bfd
Use BooleanTunnel Mode - Only if the VPN
type==hub_spoke. Whether to use tunnel mode. SSR only - link
Name String - Only if the VPN
type==mesh - preference Number
- Only if the VPN
type==hub_spoke. For a given VPN, whenpath_selection.strategy==simple, the preference for a path (lower is preferred) - role String
- Only if the VPN
type==hub_spoke. enum:hub,spoke - traffic
Shaping Property Map
GatewayPortConfigVpnPathsTrafficShaping, GatewayPortConfigVpnPathsTrafficShapingArgs
- Class
Percentages List<int> - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- Enabled bool
- Class
Percentages []int - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- Enabled bool
- class
Percentages List<Integer> - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled Boolean
- class
Percentages number[] - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled boolean
- class_
percentages Sequence[int] - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled bool
- class
Percentages List<Number> - percentages for differet class of traffic: high / medium / low / best-effort sum must be equal to 100
- enabled Boolean
GatewayPortConfigWanExtraRoutes, GatewayPortConfigWanExtraRoutesArgs
- Via string
- Via string
- via String
- via string
- via str
- via String
GatewayPortConfigWanProbeOverride, GatewayPortConfigWanProbeOverrideArgs
- Ips List<string>
- Probe
Profile string - enum:
broadband,lte
- Ips []string
- Probe
Profile string - enum:
broadband,lte
- ips List<String>
- probe
Profile String - enum:
broadband,lte
- ips string[]
- probe
Profile string - enum:
broadband,lte
- ips Sequence[str]
- probe_
profile str - enum:
broadband,lte
- ips List<String>
- probe
Profile String - enum:
broadband,lte
GatewayPortConfigWanSourceNat, GatewayPortConfigWanSourceNatArgs
GatewayPortMirroring, GatewayPortMirroringArgs
GatewayPortMirroringPortMirror, GatewayPortMirroringPortMirrorArgs
- Family
Type string - Ingress
Port List<string>Ids - Output
Port stringId - Rate int
- Run
Length int
- Family
Type string - Ingress
Port []stringIds - Output
Port stringId - Rate int
- Run
Length int
- family
Type String - ingress
Port List<String>Ids - output
Port StringId - rate Integer
- run
Length Integer
- family
Type string - ingress
Port string[]Ids - output
Port stringId - rate number
- run
Length number
- family_
type str - ingress_
port_ Sequence[str]ids - output_
port_ strid - rate int
- run_
length int
- family
Type String - ingress
Port List<String>Ids - output
Port StringId - rate Number
- run
Length Number
GatewayRoutingPolicies, GatewayRoutingPoliciesArgs
- Terms
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Routing Policies Term> - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Terms
[]Gateway
Routing Policies Term - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
List<Gateway
Routing Policies Term> - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
Gateway
Routing Policies Term[] - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms
Sequence[Gateway
Routing Policies Term] - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- terms List<Property Map>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
GatewayRoutingPoliciesTerm, GatewayRoutingPoliciesTermArgs
- Action
Pulumi.
Juniper Mist. Device. Inputs. Gateway Routing Policies Term Action - when used as import policy
- Matching
Pulumi.
Juniper Mist. Device. Inputs. Gateway Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Action
Gateway
Routing Policies Term Action - when used as import policy
- Matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gateway
Routing Policies Term Action - when used as import policy
- matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gateway
Routing Policies Term Action - when used as import policy
- matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action
Gateway
Routing Policies Term Action - when used as import policy
- matching
Gateway
Routing Policies Term Matching - zero or more criteria/filter can be specified to match the term, all criteria have to be met
- action Property Map
- when used as import policy
- matching Property Map
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
GatewayRoutingPoliciesTermAction, GatewayRoutingPoliciesTermActionArgs
- Accept bool
- Add
Communities List<string> - Add
Target List<string>Vrfs - for SSR, hub decides how VRF routes are leaked on spoke
- Communities List<string>
- when used as export policy, optional
- Exclude
As List<string>Paths - when used as export policy, optional. To exclude certain AS
- Exclude
Communities List<string> - Export
Communitites List<string> - when used as export policy, optional
- Local
Preference string - optional, for an import policy, local_preference can be changed
- Prepend
As List<string>Paths - when used as export policy, optional. By default, the local AS will be prepended, to change it
- Accept bool
- Add
Communities []string - Add
Target []stringVrfs - for SSR, hub decides how VRF routes are leaked on spoke
- Communities []string
- when used as export policy, optional
- Exclude
As []stringPaths - when used as export policy, optional. To exclude certain AS
- Exclude
Communities []string - Export
Communitites []string - when used as export policy, optional
- Local
Preference string - optional, for an import policy, local_preference can be changed
- Prepend
As []stringPaths - when used as export policy, optional. By default, the local AS will be prepended, to change it
- accept Boolean
- add
Communities List<String> - add
Target List<String>Vrfs - for SSR, hub decides how VRF routes are leaked on spoke
- communities List<String>
- when used as export policy, optional
- exclude
As List<String>Paths - when used as export policy, optional. To exclude certain AS
- exclude
Communities List<String> - export
Communitites List<String> - when used as export policy, optional
- local
Preference String - optional, for an import policy, local_preference can be changed
- prepend
As List<String>Paths - when used as export policy, optional. By default, the local AS will be prepended, to change it
- accept boolean
- add
Communities string[] - add
Target string[]Vrfs - for SSR, hub decides how VRF routes are leaked on spoke
- communities string[]
- when used as export policy, optional
- exclude
As string[]Paths - when used as export policy, optional. To exclude certain AS
- exclude
Communities string[] - export
Communitites string[] - when used as export policy, optional
- local
Preference string - optional, for an import policy, local_preference can be changed
- prepend
As string[]Paths - when used as export policy, optional. By default, the local AS will be prepended, to change it
- accept bool
- add_
communities Sequence[str] - add_
target_ Sequence[str]vrfs - for SSR, hub decides how VRF routes are leaked on spoke
- communities Sequence[str]
- when used as export policy, optional
- exclude_
as_ Sequence[str]paths - when used as export policy, optional. To exclude certain AS
- exclude_
communities Sequence[str] - export_
communitites Sequence[str] - when used as export policy, optional
- local_
preference str - optional, for an import policy, local_preference can be changed
- prepend_
as_ Sequence[str]paths - when used as export policy, optional. By default, the local AS will be prepended, to change it
- accept Boolean
- add
Communities List<String> - add
Target List<String>Vrfs - for SSR, hub decides how VRF routes are leaked on spoke
- communities List<String>
- when used as export policy, optional
- exclude
As List<String>Paths - when used as export policy, optional. To exclude certain AS
- exclude
Communities List<String> - export
Communitites List<String> - when used as export policy, optional
- local
Preference String - optional, for an import policy, local_preference can be changed
- prepend
As List<String>Paths - when used as export policy, optional. By default, the local AS will be prepended, to change it
GatewayRoutingPoliciesTermMatching, GatewayRoutingPoliciesTermMatchingArgs
- As
Paths List<string> - takes regular expression
- Communities List<string>
- Networks List<string>
- Prefixes List<string>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Protocols List<string>
direct,bgp,osp, ...- Route
Exists Pulumi.Juniper Mist. Device. Inputs. Gateway Routing Policies Term Matching Route Exists - Vpn
Neighbor List<string>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- Vpn
Path Pulumi.Sla Juniper Mist. Device. Inputs. Gateway Routing Policies Term Matching Vpn Path Sla - Vpn
Paths List<string> - overlay-facing criteria (used for bgp_config where via=vpn) ordered-
- As
Paths []string - takes regular expression
- Communities []string
- Networks []string
- Prefixes []string
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- Protocols []string
direct,bgp,osp, ...- Route
Exists GatewayRouting Policies Term Matching Route Exists - Vpn
Neighbor []stringMacs - overlay-facing criteria (used for bgp_config where via=vpn)
- Vpn
Path GatewaySla Routing Policies Term Matching Vpn Path Sla - Vpn
Paths []string - overlay-facing criteria (used for bgp_config where via=vpn) ordered-
- as
Paths List<String> - takes regular expression
- communities List<String>
- networks List<String>
- prefixes List<String>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols List<String>
direct,bgp,osp, ...- route
Exists GatewayRouting Policies Term Matching Route Exists - vpn
Neighbor List<String>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path GatewaySla Routing Policies Term Matching Vpn Path Sla - vpn
Paths List<String> - overlay-facing criteria (used for bgp_config where via=vpn) ordered-
- as
Paths string[] - takes regular expression
- communities string[]
- networks string[]
- prefixes string[]
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols string[]
direct,bgp,osp, ...- route
Exists GatewayRouting Policies Term Matching Route Exists - vpn
Neighbor string[]Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path GatewaySla Routing Policies Term Matching Vpn Path Sla - vpn
Paths string[] - overlay-facing criteria (used for bgp_config where via=vpn) ordered-
- as_
paths Sequence[str] - takes regular expression
- communities Sequence[str]
- networks Sequence[str]
- prefixes Sequence[str]
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols Sequence[str]
direct,bgp,osp, ...- route_
exists GatewayRouting Policies Term Matching Route Exists - vpn_
neighbor_ Sequence[str]macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn_
path_ Gatewaysla Routing Policies Term Matching Vpn Path Sla - vpn_
paths Sequence[str] - overlay-facing criteria (used for bgp_config where via=vpn) ordered-
- as
Paths List<String> - takes regular expression
- communities List<String>
- networks List<String>
- prefixes List<String>
- zero or more criteria/filter can be specified to match the term, all criteria have to be met
- protocols List<String>
direct,bgp,osp, ...- route
Exists Property Map - vpn
Neighbor List<String>Macs - overlay-facing criteria (used for bgp_config where via=vpn)
- vpn
Path Property MapSla - vpn
Paths List<String> - overlay-facing criteria (used for bgp_config where via=vpn) ordered-
GatewayRoutingPoliciesTermMatchingRouteExists, GatewayRoutingPoliciesTermMatchingRouteExistsArgs
GatewayRoutingPoliciesTermMatchingVpnPathSla, GatewayRoutingPoliciesTermMatchingVpnPathSlaArgs
- Max
Jitter int - Max
Latency int - Max
Loss int
- Max
Jitter int - Max
Latency int - Max
Loss int
- max
Jitter Integer - max
Latency Integer - max
Loss Integer
- max
Jitter number - max
Latency number - max
Loss number
- max_
jitter int - max_
latency int - max_
loss int
- max
Jitter Number - max
Latency Number - max
Loss Number
GatewayServicePolicy, GatewayServicePolicyArgs
- Action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - Appqoe
Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Appqoe - For SRX Only
- Ewfs
List<Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Ewf> - Idp
Pulumi.
Juniper Mist. Device. Inputs. Gateway Service Policy Idp - Local
Routing bool - access within the same VRF
- Name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - Path
Preference string - by default, we derive all paths available and use them
optionally, you can customize by using
path_preference - Servicepolicy
Id string - used to link servicepolicy defined at org level and overwrite some attributes
- Services List<string>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - Tenants List<string>
- Required when
servicepolicy_idis not defined. List of Networks / Users
- Action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - Appqoe
Gateway
Service Policy Appqoe - For SRX Only
- Ewfs
[]Gateway
Service Policy Ewf - Idp
Gateway
Service Policy Idp - Local
Routing bool - access within the same VRF
- Name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - Path
Preference string - by default, we derive all paths available and use them
optionally, you can customize by using
path_preference - Servicepolicy
Id string - used to link servicepolicy defined at org level and overwrite some attributes
- Services []string
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - Tenants []string
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - appqoe
Gateway
Service Policy Appqoe - For SRX Only
- ewfs
List<Gateway
Service Policy Ewf> - idp
Gateway
Service Policy Idp - local
Routing Boolean - access within the same VRF
- name String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference String - by default, we derive all paths available and use them
optionally, you can customize by using
path_preference - servicepolicy
Id String - used to link servicepolicy defined at org level and overwrite some attributes
- services List<String>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - tenants List<String>
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - appqoe
Gateway
Service Policy Appqoe - For SRX Only
- ewfs
Gateway
Service Policy Ewf[] - idp
Gateway
Service Policy Idp - local
Routing boolean - access within the same VRF
- name string
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference string - by default, we derive all paths available and use them
optionally, you can customize by using
path_preference - servicepolicy
Id string - used to link servicepolicy defined at org level and overwrite some attributes
- services string[]
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - tenants string[]
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action str
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - appqoe
Gateway
Service Policy Appqoe - For SRX Only
- ewfs
Sequence[Gateway
Service Policy Ewf] - idp
Gateway
Service Policy Idp - local_
routing bool - access within the same VRF
- name str
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path_
preference str - by default, we derive all paths available and use them
optionally, you can customize by using
path_preference - servicepolicy_
id str - used to link servicepolicy defined at org level and overwrite some attributes
- services Sequence[str]
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - tenants Sequence[str]
- Required when
servicepolicy_idis not defined. List of Networks / Users
- action String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy action). enum:allow,deny - appqoe Property Map
- For SRX Only
- ewfs List<Property Map>
- idp Property Map
- local
Routing Boolean - access within the same VRF
- name String
- Required when
servicepolicy_idis not defined, optional otherwise (override the servicepolicy name) - path
Preference String - by default, we derive all paths available and use them
optionally, you can customize by using
path_preference - servicepolicy
Id String - used to link servicepolicy defined at org level and overwrite some attributes
- services List<String>
- Required when
servicepolicy_idis not defined. List of Applications / Desctinations - tenants List<String>
- Required when
servicepolicy_idis not defined. List of Networks / Users
GatewayServicePolicyAppqoe, GatewayServicePolicyAppqoeArgs
- Enabled bool
- Enabled bool
- enabled Boolean
- enabled boolean
- enabled bool
- enabled Boolean
GatewayServicePolicyEwf, GatewayServicePolicyEwfArgs
- Alert
Only bool - Block
Message string - Enabled bool
- Profile string
- enum:
critical,standard,strict
- Alert
Only bool - Block
Message string - Enabled bool
- Profile string
- enum:
critical,standard,strict
- alert
Only Boolean - block
Message String - enabled Boolean
- profile String
- enum:
critical,standard,strict
- alert
Only boolean - block
Message string - enabled boolean
- profile string
- enum:
critical,standard,strict
- alert_
only bool - block_
message str - enabled bool
- profile str
- enum:
critical,standard,strict
- alert
Only Boolean - block
Message String - enabled Boolean
- profile String
- enum:
critical,standard,strict
GatewayServicePolicyIdp, GatewayServicePolicyIdpArgs
- Alert
Only bool - Enabled bool
- Idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - Profile string
strict(default) /standard/ or keys from from idp_profiles
- Alert
Only bool - Enabled bool
- Idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - Profile string
strict(default) /standard/ or keys from from idp_profiles
- alert
Only Boolean - enabled Boolean
- idpprofile
Id String - org_level IDP Profile can be used, this takes precedence over
profile - profile String
strict(default) /standard/ or keys from from idp_profiles
- alert
Only boolean - enabled boolean
- idpprofile
Id string - org_level IDP Profile can be used, this takes precedence over
profile - profile string
strict(default) /standard/ or keys from from idp_profiles
- alert_
only bool - enabled bool
- idpprofile_
id str - org_level IDP Profile can be used, this takes precedence over
profile - profile str
strict(default) /standard/ or keys from from idp_profiles
- alert
Only Boolean - enabled Boolean
- idpprofile
Id String - org_level IDP Profile can be used, this takes precedence over
profile - profile String
strict(default) /standard/ or keys from from idp_profiles
GatewayTunnelConfigs, GatewayTunnelConfigsArgs
- Auto
Provision Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Auto Provision - Ike
Lifetime int - Only if
provider==custom-ipsec - Ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - Ike
Proposals List<Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Ike Proposal> - if
provider==custom-ipsec - Ipsec
Lifetime int - if
provider==custom-ipsec - Ipsec
Proposals List<Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Configs Ipsec Proposal> - Only if
provider==custom-ipsec - Local
Id string - Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- Mode string
- enum:
active-active,active-standby - Networks List<string>
- networks reachable via this tunnel
- Primary
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Primary - Probe
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Probe - Only if
provider==custom-ipsec - Protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - Provider string
- enum:
custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - Psk string
- Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- Secondary
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Configs Secondary - Version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- Auto
Provision GatewayTunnel Configs Auto Provision - Ike
Lifetime int - Only if
provider==custom-ipsec - Ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - Ike
Proposals []GatewayTunnel Configs Ike Proposal - if
provider==custom-ipsec - Ipsec
Lifetime int - if
provider==custom-ipsec - Ipsec
Proposals []GatewayTunnel Configs Ipsec Proposal - Only if
provider==custom-ipsec - Local
Id string - Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- Mode string
- enum:
active-active,active-standby - Networks []string
- networks reachable via this tunnel
- Primary
Gateway
Tunnel Configs Primary - Probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - Protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - Provider string
- enum:
custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - Psk string
- Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- Secondary
Gateway
Tunnel Configs Secondary - Version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision GatewayTunnel Configs Auto Provision - ike
Lifetime Integer - Only if
provider==custom-ipsec - ike
Mode String - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals List<GatewayTunnel Configs Ike Proposal> - if
provider==custom-ipsec - ipsec
Lifetime Integer - if
provider==custom-ipsec - ipsec
Proposals List<GatewayTunnel Configs Ipsec Proposal> - Only if
provider==custom-ipsec - local
Id String - Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- mode String
- enum:
active-active,active-standby - networks List<String>
- networks reachable via this tunnel
- primary
Gateway
Tunnel Configs Primary - probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol String
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider String
- enum:
custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk String
- Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- secondary
Gateway
Tunnel Configs Secondary - version String
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision GatewayTunnel Configs Auto Provision - ike
Lifetime number - Only if
provider==custom-ipsec - ike
Mode string - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals GatewayTunnel Configs Ike Proposal[] - if
provider==custom-ipsec - ipsec
Lifetime number - if
provider==custom-ipsec - ipsec
Proposals GatewayTunnel Configs Ipsec Proposal[] - Only if
provider==custom-ipsec - local
Id string - Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- mode string
- enum:
active-active,active-standby - networks string[]
- networks reachable via this tunnel
- primary
Gateway
Tunnel Configs Primary - probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol string
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider string
- enum:
custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk string
- Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- secondary
Gateway
Tunnel Configs Secondary - version string
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto_
provision GatewayTunnel Configs Auto Provision - ike_
lifetime int - Only if
provider==custom-ipsec - ike_
mode str - Only if
provider==custom-ipsec. enum:aggressive,main - ike_
proposals Sequence[GatewayTunnel Configs Ike Proposal] - if
provider==custom-ipsec - ipsec_
lifetime int - if
provider==custom-ipsec - ipsec_
proposals Sequence[GatewayTunnel Configs Ipsec Proposal] - Only if
provider==custom-ipsec - local_
id str - Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- mode str
- enum:
active-active,active-standby - networks Sequence[str]
- networks reachable via this tunnel
- primary
Gateway
Tunnel Configs Primary - probe
Gateway
Tunnel Configs Probe - Only if
provider==custom-ipsec - protocol str
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider str
- enum:
custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk str
- Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- secondary
Gateway
Tunnel Configs Secondary - version str
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
- auto
Provision Property Map - ike
Lifetime Number - Only if
provider==custom-ipsec - ike
Mode String - Only if
provider==custom-ipsec. enum:aggressive,main - ike
Proposals List<Property Map> - if
provider==custom-ipsec - ipsec
Lifetime Number - if
provider==custom-ipsec - ipsec
Proposals List<Property Map> - Only if
provider==custom-ipsec - local
Id String - Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- mode String
- enum:
active-active,active-standby - networks List<String>
- networks reachable via this tunnel
- primary Property Map
- probe Property Map
- Only if
provider==custom-ipsec - protocol String
- Only if
provider==custom-ipsec. enum:gre,ipsec - provider String
- enum:
custom-ipsec,customer-gre,jse-ipsec,zscaler-gre,zscaler-ipsec - psk String
- Only if:
provider==zscaler-ipsecprovider==jse-ipsecprovider==custom-ipsec
- secondary Property Map
- version String
- Only if
provider==custom-greorprovider==custom-ipsec. enum:1,2
GatewayTunnelConfigsAutoProvision, GatewayTunnelConfigsAutoProvisionArgs
GatewayTunnelConfigsAutoProvisionLatlng, GatewayTunnelConfigsAutoProvisionLatlngArgs
GatewayTunnelConfigsAutoProvisionPrimary, GatewayTunnelConfigsAutoProvisionPrimaryArgs
GatewayTunnelConfigsAutoProvisionSecondary, GatewayTunnelConfigsAutoProvisionSecondaryArgs
GatewayTunnelConfigsIkeProposal, GatewayTunnelConfigsIkeProposalArgs
GatewayTunnelConfigsIpsecProposal, GatewayTunnelConfigsIpsecProposalArgs
GatewayTunnelConfigsPrimary, GatewayTunnelConfigsPrimaryArgs
- Hosts List<string>
- Internal
Ips List<string> - Only if:
provider==zscaler-greprovider==custom-gre
- Probe
Ips List<string> - Remote
Ids List<string> - Only if
provider==custom-ipsec - Wan
Names List<string>
- Hosts []string
- Internal
Ips []string - Only if:
provider==zscaler-greprovider==custom-gre
- Probe
Ips []string - Remote
Ids []string - Only if
provider==custom-ipsec - Wan
Names []string
- hosts List<String>
- internal
Ips List<String> - Only if:
provider==zscaler-greprovider==custom-gre
- probe
Ips List<String> - remote
Ids List<String> - Only if
provider==custom-ipsec - wan
Names List<String>
- hosts string[]
- internal
Ips string[] - Only if:
provider==zscaler-greprovider==custom-gre
- probe
Ips string[] - remote
Ids string[] - Only if
provider==custom-ipsec - wan
Names string[]
- hosts Sequence[str]
- internal_
ips Sequence[str] - Only if:
provider==zscaler-greprovider==custom-gre
- probe_
ips Sequence[str] - remote_
ids Sequence[str] - Only if
provider==custom-ipsec - wan_
names Sequence[str]
- hosts List<String>
- internal
Ips List<String> - Only if:
provider==zscaler-greprovider==custom-gre
- probe
Ips List<String> - remote
Ids List<String> - Only if
provider==custom-ipsec - wan
Names List<String>
GatewayTunnelConfigsProbe, GatewayTunnelConfigsProbeArgs
GatewayTunnelConfigsSecondary, GatewayTunnelConfigsSecondaryArgs
- Hosts List<string>
- Internal
Ips List<string> - Only if:
provider==zscaler-greprovider==custom-gre
- Probe
Ips List<string> - Remote
Ids List<string> - Only if
provider==custom-ipsec - Wan
Names List<string>
- Hosts []string
- Internal
Ips []string - Only if:
provider==zscaler-greprovider==custom-gre
- Probe
Ips []string - Remote
Ids []string - Only if
provider==custom-ipsec - Wan
Names []string
- hosts List<String>
- internal
Ips List<String> - Only if:
provider==zscaler-greprovider==custom-gre
- probe
Ips List<String> - remote
Ids List<String> - Only if
provider==custom-ipsec - wan
Names List<String>
- hosts string[]
- internal
Ips string[] - Only if:
provider==zscaler-greprovider==custom-gre
- probe
Ips string[] - remote
Ids string[] - Only if
provider==custom-ipsec - wan
Names string[]
- hosts Sequence[str]
- internal_
ips Sequence[str] - Only if:
provider==zscaler-greprovider==custom-gre
- probe_
ips Sequence[str] - remote_
ids Sequence[str] - Only if
provider==custom-ipsec - wan_
names Sequence[str]
- hosts List<String>
- internal
Ips List<String> - Only if:
provider==zscaler-greprovider==custom-gre
- probe
Ips List<String> - remote
Ids List<String> - Only if
provider==custom-ipsec - wan
Names List<String>
GatewayTunnelProviderOptions, GatewayTunnelProviderOptionsArgs
- Jse
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options Jse - for jse-ipsec, this allow provisioning of adequate resource on JSE. Make sure adequate licenses are added
- Zscaler
Pulumi.
Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options Zscaler - for zscaler-ipsec and zscaler-gre
- Jse
Gateway
Tunnel Provider Options Jse - for jse-ipsec, this allow provisioning of adequate resource on JSE. Make sure adequate licenses are added
- Zscaler
Gateway
Tunnel Provider Options Zscaler - for zscaler-ipsec and zscaler-gre
- jse
Gateway
Tunnel Provider Options Jse - for jse-ipsec, this allow provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gateway
Tunnel Provider Options Zscaler - for zscaler-ipsec and zscaler-gre
- jse
Gateway
Tunnel Provider Options Jse - for jse-ipsec, this allow provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gateway
Tunnel Provider Options Zscaler - for zscaler-ipsec and zscaler-gre
- jse
Gateway
Tunnel Provider Options Jse - for jse-ipsec, this allow provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler
Gateway
Tunnel Provider Options Zscaler - for zscaler-ipsec and zscaler-gre
- jse Property Map
- for jse-ipsec, this allow provisioning of adequate resource on JSE. Make sure adequate licenses are added
- zscaler Property Map
- for zscaler-ipsec and zscaler-gre
GatewayTunnelProviderOptionsJse, GatewayTunnelProviderOptionsJseArgs
GatewayTunnelProviderOptionsZscaler, GatewayTunnelProviderOptionsZscalerArgs
- Aup
Acceptance boolRequired - Aup
Expire int - days before AUP is requested again
- Aup
Ssl boolProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Download
Mbps int - the download bandwidth cap of the link, in Mbps
- Enable
Aup bool - if
use_xff==true, display Acceptable Use Policy (AUP) - Enable
Caution bool - when
enforce_authentication==false, display caution notification for non-authenticated users - Enforce
Authentication bool - Name string
- Sub
Locations List<Pulumi.Juniper Mist. Device. Inputs. Gateway Tunnel Provider Options Zscaler Sub Location> - if
use_xff==true - Upload
Mbps int - the download bandwidth cap of the link, in Mbps
- Use
Xff bool - location uses proxy chaining to forward traffic
- Aup
Acceptance boolRequired - Aup
Expire int - days before AUP is requested again
- Aup
Ssl boolProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Download
Mbps int - the download bandwidth cap of the link, in Mbps
- Enable
Aup bool - if
use_xff==true, display Acceptable Use Policy (AUP) - Enable
Caution bool - when
enforce_authentication==false, display caution notification for non-authenticated users - Enforce
Authentication bool - Name string
- Sub
Locations []GatewayTunnel Provider Options Zscaler Sub Location - if
use_xff==true - Upload
Mbps int - the download bandwidth cap of the link, in Mbps
- Use
Xff bool - location uses proxy chaining to forward traffic
- aup
Acceptance BooleanRequired - aup
Expire Integer - days before AUP is requested again
- aup
Ssl BooleanProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download
Mbps Integer - the download bandwidth cap of the link, in Mbps
- enable
Aup Boolean - if
use_xff==true, display Acceptable Use Policy (AUP) - enable
Caution Boolean - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce
Authentication Boolean - name String
- sub
Locations List<GatewayTunnel Provider Options Zscaler Sub Location> - if
use_xff==true - upload
Mbps Integer - the download bandwidth cap of the link, in Mbps
- use
Xff Boolean - location uses proxy chaining to forward traffic
- aup
Acceptance booleanRequired - aup
Expire number - days before AUP is requested again
- aup
Ssl booleanProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download
Mbps number - the download bandwidth cap of the link, in Mbps
- enable
Aup boolean - if
use_xff==true, display Acceptable Use Policy (AUP) - enable
Caution boolean - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce
Authentication boolean - name string
- sub
Locations GatewayTunnel Provider Options Zscaler Sub Location[] - if
use_xff==true - upload
Mbps number - the download bandwidth cap of the link, in Mbps
- use
Xff boolean - location uses proxy chaining to forward traffic
- aup_
acceptance_ boolrequired - aup_
expire int - days before AUP is requested again
- aup_
ssl_ boolproxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download_
mbps int - the download bandwidth cap of the link, in Mbps
- enable_
aup bool - if
use_xff==true, display Acceptable Use Policy (AUP) - enable_
caution bool - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce_
authentication bool - name str
- sub_
locations Sequence[GatewayTunnel Provider Options Zscaler Sub Location] - if
use_xff==true - upload_
mbps int - the download bandwidth cap of the link, in Mbps
- use_
xff bool - location uses proxy chaining to forward traffic
- aup
Acceptance BooleanRequired - aup
Expire Number - days before AUP is requested again
- aup
Ssl BooleanProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download
Mbps Number - the download bandwidth cap of the link, in Mbps
- enable
Aup Boolean - if
use_xff==true, display Acceptable Use Policy (AUP) - enable
Caution Boolean - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce
Authentication Boolean - name String
- sub
Locations List<Property Map> - if
use_xff==true - upload
Mbps Number - the download bandwidth cap of the link, in Mbps
- use
Xff Boolean - location uses proxy chaining to forward traffic
GatewayTunnelProviderOptionsZscalerSubLocation, GatewayTunnelProviderOptionsZscalerSubLocationArgs
- Aup
Acceptance boolRequired - Aup
Expire int - days before AUP is requested again
- Aup
Ssl boolProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Download
Mbps int - the download bandwidth cap of the link, in Mbps
- Enable
Aup bool - if
use_xff==true, display Acceptable Use Policy (AUP) - Enable
Caution bool - when
enforce_authentication==false, display caution notification for non-authenticated users - Enforce
Authentication bool - Subnets List<string>
- Upload
Mbps int - the download bandwidth cap of the link, in Mbps
- Aup
Acceptance boolRequired - Aup
Expire int - days before AUP is requested again
- Aup
Ssl boolProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- Download
Mbps int - the download bandwidth cap of the link, in Mbps
- Enable
Aup bool - if
use_xff==true, display Acceptable Use Policy (AUP) - Enable
Caution bool - when
enforce_authentication==false, display caution notification for non-authenticated users - Enforce
Authentication bool - Subnets []string
- Upload
Mbps int - the download bandwidth cap of the link, in Mbps
- aup
Acceptance BooleanRequired - aup
Expire Integer - days before AUP is requested again
- aup
Ssl BooleanProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download
Mbps Integer - the download bandwidth cap of the link, in Mbps
- enable
Aup Boolean - if
use_xff==true, display Acceptable Use Policy (AUP) - enable
Caution Boolean - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce
Authentication Boolean - subnets List<String>
- upload
Mbps Integer - the download bandwidth cap of the link, in Mbps
- aup
Acceptance booleanRequired - aup
Expire number - days before AUP is requested again
- aup
Ssl booleanProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download
Mbps number - the download bandwidth cap of the link, in Mbps
- enable
Aup boolean - if
use_xff==true, display Acceptable Use Policy (AUP) - enable
Caution boolean - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce
Authentication boolean - subnets string[]
- upload
Mbps number - the download bandwidth cap of the link, in Mbps
- aup_
acceptance_ boolrequired - aup_
expire int - days before AUP is requested again
- aup_
ssl_ boolproxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download_
mbps int - the download bandwidth cap of the link, in Mbps
- enable_
aup bool - if
use_xff==true, display Acceptable Use Policy (AUP) - enable_
caution bool - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce_
authentication bool - subnets Sequence[str]
- upload_
mbps int - the download bandwidth cap of the link, in Mbps
- aup
Acceptance BooleanRequired - aup
Expire Number - days before AUP is requested again
- aup
Ssl BooleanProxy - proxy HTTPs traffic, requiring Zscaler cert to be installed in browser
- download
Mbps Number - the download bandwidth cap of the link, in Mbps
- enable
Aup Boolean - if
use_xff==true, display Acceptable Use Policy (AUP) - enable
Caution Boolean - when
enforce_authentication==false, display caution notification for non-authenticated users - enforce
Authentication Boolean - subnets List<String>
- upload
Mbps Number - the download bandwidth cap of the link, in Mbps
GatewayVrfConfig, GatewayVrfConfigArgs
- Enabled bool
- whether to enable VRF (when supported on the device)
- Enabled bool
- whether to enable VRF (when supported on the device)
- enabled Boolean
- whether to enable VRF (when supported on the device)
- enabled boolean
- whether to enable VRF (when supported on the device)
- enabled bool
- whether to enable VRF (when supported on the device)
- enabled Boolean
- whether to enable VRF (when supported on the device)
GatewayVrfInstances, GatewayVrfInstancesArgs
- Networks List<string>
- Networks []string
- networks List<String>
- networks string[]
- networks Sequence[str]
- networks List<String>
Import
Using pulumi import, import mist_device_gateway with:
Gateway Configuration can be imported by specifying the site_id and the device_id
$ pulumi import junipermist:device/gateway:Gateway gateway_one 17b46405-3a6d-4715-8bb4-6bb6d06f316a.d3c42998-9012-4859-9743-6b9bee475309
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- junipermist pulumi/pulumi-junipermist
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
mistTerraform Provider.