Joining the Conversation
Cato Professional ServicesHi Deckel,
Form the error message, it seems to indicate that the tunnel ID is not valid.
Just to check, you have referenced the API Configuration (Mutation) details: https://api.catonetworks.com/documentation/#mutation-sites.updateIpsecIkeV2SiteGeneralDetails , right? ___
Would you like to review the tunnelId details? ___
Here is a reference: https://api.catonetworks.com/documentation/#mutation-sites.updateIpsecIkeV2SiteTunnels
Cheers
Joining the ConversationHi,
not sure I follow.
I am not using the API direct.
The Cato Terraform provider is being used.
cato_ipsec_site | Resources | catonetworks/cato | Terraform | Terraform Registry
"tunnel_id" is listed there as a read-only item.
In my understanding, the tunnel_id will be provided after deployment.
This is the output of what will be changes by terraform:
# cato_ipsec_site.Vienna will be updated in-place
~ resource "cato_ipsec_site" "Vienna" {
id = "170369"
~ ipsec = {
~ primary = {
+ tunnels = [
+ {
+ psk = "abcABC1234567!!"
+ tunnel_id = (known after apply)
},
]
# (1 unchanged attribute hidden)
}
# (6 unchanged attributes hidden)
It seems to me that the terraform provider isn´t supporting ipsec tunnels with destination type FQDN.
I can nowhere find an example for that type of setup.
All I can find is with destination_type set to IPv4. Which then requires selecting a POP.
Thanks,
Christian
