List all Sites visible to current user.
Query string to filter the result list. It's used for various fields depending on the object type. Send multiple query parameters to make the queries more specific.
'Range string to limit the result list. Format: -. 3-10 means the items between the (including) 3rd and the 10th will be returned. Defaults to all objects.'
The field name to sort the result list. Supported fields vary from object to object. Defaults to certain field depending on the object type.
Whether the sorting is applied descending or ascending. Defaults to certain field depending on the object type.
Filters the result list by the given field and value. Supported fields vary from API to API. The filters can be combined with each other as well as the generic query parameter. The given value is checked for inclusion.
List of Sites.
The range applied to the list. Format: -/. 3-5/8 means, out of 8 count (query affects the total), the items between (including) the 3rd and the 5th are returned.
The field name used to sort the list.
Whether the sorting is applied descending or ascending.
The queries applied to the list.
The total readable count of entities. Not influenced by the query.
The filters applied to the list.
The field name the filter is applied to.
The value used for comparison.
List of Sites.
ID of the object.
Name of the object.
Notes for the object. Used for documentation purposes.
Create date.
Last update date.
Array of tags.
Description of the Site to be displayed on the Client.
Geolocation of the Site.
Network subnets in CIDR format to define the Site's boundaries. They are added as routes by the Client. Comments are supported with "#" delimiter.
When the Client fails to connect to the Site for a certain period of time, configured Entitlements (see Policy) will be moved to this "Fallback" Site.
Local Site Detection feature settings.
Enables the Local Site Detection feature.
The public IPs or the CIDRs of the clients that will be considered local to this Site. Those clients will connect to Gateways with the configured local hostname and local weights in Appliance configuration.
If enabled, this Site will be included in the nearest Site override selection in Policies.
List of IP Pool mappings for this specific Site. When IPs are allocated this Site, they will be mapped to a new one using this setting.
IP Pool ID to map from. If a user is authorizing with this IP Pool via Identity Provider assignment and has access to this Site, mapping will occur for that user.
IP Pool ID to map to.
Mapping type.
Default Gateway configuration.
When enabled, the Client uses this Site as the Default Default for all IPV4 traffic.
When enabled, the Client uses this Site as the Default Default for all IPv6 traffic.
Network subnets to exclude when Default Gateway is enabled. The traffic for these subnets will not go through the Gateway in this Site. Comments are supported with "#" delimiter.
When enabled, the routes are sent to the Client by the Gateways according to the user's Entitlements "networkSubnets" should be left be empty if it's enabled.
VPN configuration for this Site.
Source NAT.
VPN over TLS protocol configuration.
TLS version.
Deprecated as of 6.6. VPN over DTLS protocol configuration.
VPN over QUIC protocol configuration.
Override routing for tunnel traffic.
IPv4 address for routing tunnel traffic.
IPv6 address for routing tunnel traffic.
Whether to enable URL Access feature or not.
P12 files for proxying traffic for URL Access feature.
Identifier to track the object on update since all the other fields are write-only. A random one will be assigned if left empty.
Subject name of the certificate in the file.
Gateway will verify upstream certificate of the endpoints.
Frequency configuration for generating IP Access audit logs for a connection.
Whether to log NAT traffic or not.
Settings for asset name resolution.
Name resolution to use Appliance's /etc/hosts file.
Resolver to resolve hostnames using DNS servers. If there are no DNS Resolvers with empty match domains, one will be added automatically.
Identifier name. Has no functional effect.
How often will the resolver poll the server. In seconds.
Perform AAAA lookups.
Perform zones transfer.
Deprecated as of 6.4. This will apply whenever Gateway gets a DNS response which has no TTL set.
DNS Server addresses that will be used to resolve hostnames within the Site. Leave it empty to use the Gateways' own DNS configuration.
The DNS resolver will only attempt to resolve names matching the match domains. If match domains are not specified the DNS resolver will attempt to resolve all hostnames.
This will configure Client machines' DNS according to this resolver if the Client connects to this Site.
Resolvers to resolve Amazon machines by querying Amazon Web Services.
Identifier name. Has no functional effect.
How often will the resolver poll the server. In seconds.
VPC IDs to resolve names.
Use VPC auto discovery.
Amazon regions.
Uses the built-in IAM role in AWS instances to authenticate against the API.
ID of the access key.
Proxy address to use while communicating with AWS. format: https://username:password@ip/hostname:port
Use master credentials to resolve names in addition to any assumed roles.
What AWS partition to use such as 'aws-cn' or 'aws-us-gov'
Resolve EC2 resources.
Resolve API Gateway resources.
Resolve EKS resources.
Resolve RDS resources.
Roles to be assumed to perform AWS name resolution.
AWS account ID.
AWS role name
AWS role external id.
AWS regions.
Resolvers to resolve Azure machines by querying Azure App Service.
Identifier name. Has no functional effect.
How often will the resolver poll the server. In seconds.
Uses the built-in Managed Identities in Azure instances to authenticate against the API.
Azure tenant id, visible with the azure cli command azure account show.
Azure client id, also called app id. Visible for a given application using the azure cli command azure ad app show.
Subscription IDs to resolve names for.
Use subscription auto discovery.
Resolvers to resolve VMware vSphere machines by querying the vCenter.
Identifier name. Has no functional effect.
How often will the resolver poll the server. In seconds.
Hostname of the vCenter.
Username with admin access to the vCenter.
Resolvers to resolve GCP machine by querying Google web services.
Identifier name. Has no functional effect.
How often will the resolver poll the server. In seconds.
GCP project filter.
GCP instance filter.
GCP forwarding rules filter.
Resolvers to resolve names by querying Appgate Illumio Resolver.
Identifier name. Has no functional effect.
How often will the resolver poll the server. In seconds.
Organization ID of the Illumio Resolver.
Hostname of the Illumio Resolver.
Port number of the Illumio Resolver.
Username with access to the Illumio Resolver.
DNS Forwarding feature. Always enabled and will be filled if there is no object is passed.
DNS Forwarder Site IPv4 address.
DNS Forwarder Site IPv6 address.
DNS Servers to use for resolving endpoints. Leave it empty to use the Gateways' own DNS configuration.
A list of subnets to allow access.
IP address
netmask
Deprecated as of 6.4. This will apply whenever Gateway gets a DNS response which has no TTL set.
The match domains to use for automatic Client DNS configuration.
This will configure Client machines' DNS according to this forwarder if the Client connects to this Site.
Token error. Login again.
Generic HTTP error.
Machine readable error code.
Human readable error details.
Insufficient permissions to access this resource.
Generic HTTP error.
Machine readable error code.
Human readable error details.
Invalid 'Accept' header.
Generic HTTP error.
Machine readable error code.
Human readable error details.
Unexpected server side error.
Generic HTTP error.
Machine readable error code.
Human readable error details.