VPN Connections

VPN connections define IPSec site-to-site tunnels between your UpCloud network gateway and remote networks. Each connection includes local and remote routes and one or more tunnels.

GET/1.3/gateway/{uuid}/connections

List connections

Returns a list of VPN connections for a network gateway.

Request

GET

/1.3/gateway/{uuid}/connections

curl -X GET https://api.upcloud.com/1.3/gateway/04b87f79-1a17-4f64-ad8e-33bd4c3f5c1b/connections \
  -u your_username:your_password

GET/1.3/gateway/{uuid}/connections/{connection_uuid}

Get connection details

Returns details of a specific VPN connection including all tunnels and routing configuration.

Request

GET

/1.3/gateway/{uuid}/connections/{connection_uuid}

curl -X GET https://api.upcloud.com/1.3/gateway/04b87f79-1a17-4f64-ad8e-33bd4c3f5c1b/connections/1085d477-8d8f-4c97-9bef-731933187538 \
  -u your_username:your_password

POST/1.3/gateway/{uuid}/connections

Create connection

Creates a new VPN connection for a network gateway. VPN feature must be enabled on the gateway.

Attributes

Name
name
Type
string
Description
Connection name (1-64 chars, alphanumeric with - and _).
Name
type
Type
string
Description
Connection type. Currently only "ipsec" is supported.
Name
local_routes
Type
array
Description
Routes for UpCloud-side networks. See route attributes below.
Name
remote_routes
Type
array
Description
Routes for remote peer networks. See route attributes below.
Name
tunnels
Type
array
Description
IPSec tunnel configurations. See tunnel attributes.

Route attributes

Name
name
Type
string
Description
Route name (1-64 chars).
Name
type
Type
string
Description
Route type. Currently only "static" is supported.
Name
static_network
Type
string
Description
Destination prefix (e.g., "10.0.0.0/24").

At least one of local_routes, remote_routes, or tunnels must be provided.

Request

POST

/1.3/gateway/{uuid}/connections

curl -X POST https://api.upcloud.com/1.3/gateway/04b87f79-1a17-4f64-ad8e-33bd4c3f5c1b/connections \
  -u your_username:your_password \
  -H "Content-Type: application/json" \
  -d '{
    "name": "site-to-site-vpn",
    "type": "ipsec",
    "local_routes": [
      {
        "name": "upcloud-network",
        "type": "static",
        "static_network": "10.0.0.0/24"
      }
    ],
    "remote_routes": [
      {
        "name": "remote-network",
        "type": "static",
        "static_network": "192.168.1.0/24"
      }
    ],
    "tunnels": [
      {
        "name": "primary-tunnel",
        "local_address": {
          "name": "public-ip-1"
        },
        "remote_address": {
          "address": "203.0.113.50"
        },
        "ipsec": {
          "authentication": {
            "authentication": "psk",
            "psk": "your-pre-shared-key"
          }
        }
      }
    ]
  }'

PATCH/1.3/gateway/{uuid}/connections/{connection_uuid}

Modify connection

Modifies an existing VPN connection's routes or tunnels.

Attributes

Name
local_routes
Type
array
Description
Updated local routes. Replaces existing routes.
Name
remote_routes
Type
array
Description
Updated remote routes. Replaces existing routes.
Name
tunnels
Type
array
Description
Updated tunnel configurations.

Request

PATCH

/1.3/gateway/{uuid}/connections/{connection_uuid}

curl -X PATCH https://api.upcloud.com/1.3/gateway/04b87f79-1a17-4f64-ad8e-33bd4c3f5c1b/connections/1085d477-8d8f-4c97-9bef-731933187538 \
  -u your_username:your_password \
  -H "Content-Type: application/json" \
  -d '{
    "local_routes": [
      {
        "name": "updated-route",
        "type": "static",
        "static_network": "10.0.22.0/24"
      }
    ]
  }'

DELETE/1.3/gateway/{uuid}/connections/{connection_uuid}

Delete connection

Deletes a VPN connection and all its tunnels from a network gateway.

Request

DELETE

/1.3/gateway/{uuid}/connections/{connection_uuid}

curl -X DELETE https://api.upcloud.com/1.3/gateway/04b87f79-1a17-4f64-ad8e-33bd4c3f5c1b/connections/1085d477-8d8f-4c97-9bef-731933187538 \
  -u your_username:your_password