Crypto

Name	Type	Constraint	Mandatory	Default Value
crypto	Class	`[crypto]`	No

Name	Type	Constraint	Mandatory
ipsec_profiles	List	`[ipsec_profiles]`	No
ikev2_profiles	List	`[ikev2_profiles]`	No
ikev2_keyrings	List	`[ikev2_keyrings]`	No
ikev2_policies	List	`[ikev2_policies]`	No
ikev2_proposals	List	`[ikev2_proposals]`	No

Name	Type	Constraint	Mandatory
name	String		Yes
set_transform_set	List	String	No
set_isakmp_profile_ikev2_profile_ikev2_profile_case_ikev2_profile	String		No

Name	Type	Constraint	Mandatory
name	String		Yes
authentication_local_pre_share	Boolean	`true`, `false`	No
authentication_remote_pre_share	Boolean	`true`, `false`	No
config_exchange_request	Boolean	`true`, `false`	No
delete_mode	Choice	`all`, `attributes`	No
description	String		No
dpd_interval	Integer	min: `10`, max: `3600`	No
dpd_query	Choice	`on-demand`, `periodic`	No
dpd_retry	Integer	min: `2`, max: `60`	No
identity_local_address	String		No
identity_local_key_id	String		No
ivrf	String		No
keyring_local	String		No
match_address_local_ip	String		No
match_fvrf	String		No
match_fvrf_any	Boolean	`true`, `false`	No
match_identity_remote_ipv4_addresses	List	`[match_identity_remote_ipv4_addresses]`	No
match_identity_remote_ipv6_prefixes	List	String	No
match_identity_remote_keys	List	String	No
match_inbound_only	Boolean	`true`, `false`	No

Name	Type	Constraint	Mandatory	Default Value
name	String		Yes
peers	List	`[peers]`	No

Name	Type	Constraint	Mandatory
name	String		Yes
proposals	List	`[proposals]`	Yes
device	String		No
match_address_local_ip	List	String	No
match_fvrf	String		No
match_fvrf_any	Boolean	`true`, `false`	No
match_inbound_only	Boolean	`true`, `false`	No

Name	Type	Constraint	Mandatory
name	String		Yes
encryption_aes_cbc_128	Boolean	`true`, `false`	No
encryption_aes_cbc_192	Boolean	`true`, `false`	No
encryption_aes_cbc_256	Boolean	`true`, `false`	No
encryption_aes_gcm_128	Boolean	`true`, `false`	No
encryption_aes_gcm_256	Boolean	`true`, `false`	No
encryption_en_3des	Boolean	`true`, `false`	No
group_fifteen	Boolean	`true`, `false`	No
group_fourteen	Boolean	`true`, `false`	No
group_nineteen	Boolean	`true`, `false`	No
group_one	Boolean	`true`, `false`	No
group_sixteen	Boolean	`true`, `false`	No
group_twenty	Boolean	`true`, `false`	No
group_twenty_four	Boolean	`true`, `false`	No
group_twenty_one	Boolean	`true`, `false`	No
group_two	Boolean	`true`, `false`	No
integrity_md5	Boolean	`true`, `false`	No
integrity_sha1	Boolean	`true`, `false`	No
integrity_sha256	Boolean	`true`, `false`	No
integrity_sha384	Boolean	`true`, `false`	No
integrity_sha512	Boolean	`true`, `false`	No
prf_md5	Boolean	`true`, `false`	No
prf_sha1	Boolean	`true`, `false`	No
prf_sha256	Boolean	`true`, `false`	No
prf_sha384	Boolean	`true`, `false`	No
prf_sha512	Boolean	`true`, `false`	No

Name	Type	Constraint	Mandatory	Default Value
address	String		Yes
mask	String		No

Name	Type	Constraint	Mandatory
name	String		Yes
description	String		No
hostname	String		No
identity_address	String		No
identity_email_domain	String		No
identity_email_name	String		No
identity_fqdn_domain	String		No
identity_fqdn_name	String		No
identity_key_id	String		No
ipv4_address	String		No
ipv4_mask	String		No
ipv6_prefix	String		No
pre_shared_key	String		No
pre_shared_key_encryption	Choice	`0`, `6`	No
pre_shared_key_local	String		No
pre_shared_key_local_encryption	Choice	`0`, `6`	No
pre_shared_key_remote	String		No
pre_shared_key_remote_encryption	Choice	`0`, `6`	No

Name	Type	Constraint	Mandatory	Default Value
proposals	String		Yes

iosxe:
  devices:
    - name: Device1
      configuration:
        crypto: