Domain name for API request: vpc.intl.tencentcloudapi.com.
This API is used to create a VPN tunnel.
Note: This API is async. You can call the DescribeVpcTaskResult API to query the task result. When the task is completed, you can continue other tasks.
A maximum of 100 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: CreateVpnConnection. |
Version | Yes | String | Common Params. The value used for this API: 2017-03-12. |
Region | Yes | String | Common Params. For more information, please see the list of regions supported by the product. |
VpnGatewayId | Yes | String | The ID of the VPN gateway instance. |
CustomerGatewayId | Yes | String | The ID of the customer gateway, such as cgw-2wqq41m9. You can query the customer gateway by using the DescribeCustomerGateways API. |
VpnConnectionName | Yes | String | Gateway can be named freely, but the maximum length is 60 characters. |
PreShareKey | Yes | String | The pre-shared key. |
VpcId | No | String | VPC instance ID, which can be obtained from the VpcId field in the response of the DescribeVpcs API. This parameter is optional for a CCN-based VPN tunnel. |
SecurityPolicyDatabases.N | No | Array of SecurityPolicyDatabase | The SPD policy group, for example: {"10.0.0.5/24":["172.123.10.5/16"]}. 10.0.0.5/24 is the VPC internal IP range, and 172.123.10.5/16 is the IDC IP range. The user specifies the IP range in the VPC that can communicate with the IP range in the IDC. |
IKEOptionsSpecification | No | IKEOptionsSpecification | Internet Key Exchange (IKE) configuration. IKE has a self-protection mechanism. The network security protocol is configured by the user. |
IPSECOptionsSpecification | No | IPSECOptionsSpecification | IPSec configuration. The IPSec secure session configuration is provided by Tencent Cloud. |
Tags.N | No | Array of Tag | Bound tags, such as [{"Key": "city", "Value": "shanghai"}]. |
EnableHealthCheck | No | Boolean | Whether the tunnel health check is supported. The default value is False. |
HealthCheckLocalIp | No | String | Local IP of health check. It defaults to a random IP within 169.254.128.0/17. |
HealthCheckRemoteIp | No | String | Peer IP of health check. It defaults to a random IP within 169.254.128.0/17. |
RouteType | No | String | Tunnel type. Valid values: STATIC, StaticRoute, and Policy. |
NegotiationType | No | String | Negotiation type. Valid values: active (default value), passive, and flowTrigger. |
DpdEnable | No | Integer | Specifies whether to enable DPD. Valid values: 0 (disable) and 1 (enable). |
DpdTimeout | No | String | DPD timeout period. Default: 30; unit: second. If the peer does not respond within this period, it is considered not to exist. This parameter is valid when the value of DpdEnable is 1. |
DpdAction | No | String | The action after DPD timeout. Valid values: clear (disconnect) and restart (try again). It is valid when DpdEnable is 1. |
Parameter Name | Type | Description |
---|---|---|
VpnConnection | VpnConnection | Tunnel instance object. |
RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
This example shows you how to create a VPN tunnel.
```
POST / HTTP/1.1
Host: vpc.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: CreateVpnConnection
<Common request parameters>

{
    "VpnConnectionName": "TEST_CONN",
    "PreShareKey": "654321",
    "VpcId": "vpc-gapcv96p",
    "Tags": [
        {
            "Value": "shanghai",
            "Key": "city"
        }
    ],
    "IPSECOptionsSpecification": {
        "PfsDhGroup": "NULL",
        "EncryptAlgorithm": "3DES-CBC",
        "IntegrityAlgorith": "MD5"
    },
    "SecurityPolicyDatabases": [
        {
            "LocalCidrBlock": "10.8.4.0/24",
            "RemoteCidrBlock": [
                "58.211.1.0/24"
            ]
        }
    ],
    "VpnGatewayId": "vpngw-1w9tue3d",
    "CustomerGatewayId": "cgw-qa9sxpy7",
    "IKEOptionsSpecification": {
        "IKEVersion": "IKEV1",
        "RemoteIdentity": "ADDRESS",
        "PropoAuthenAlgorithm": "MD5",
        "RemoteAddress": "1.2.3.4",
        "LocalIdentity": "ADDRESS",
        "LocalAddress": "58.211.2.5",
        "ExchangeMode": "MAIN",
        "PropoEncryAlgorithm": "3DES-CBC",
        "DhGroupName": "GROUP1"
    }
}
```
```json
{
    "Response": {
        "VpnConnection": {
            "VpcId": "vpc-kozprpc9",
            "VpnConnectionId": "vpnx-p0j11j28",
            "VpnConnectionName": "test-con",
            "VpnGatewayId": "vpngw-ecvft20x",
            "CustomerGatewayId": "cgw-7lhl5331",
            "State": "PENDING",
            "PreShareKey": "123456",
            "NegotiationType": "",
            "DpdEnable": -1,
            "DpdTimeout": "",
            "DpdAction": "",
            "VpnProto": "IPSEC",
            "EncryptProto": "IKE",
            "RouteType": "STATIC",
            "CreatedTime": "0000-00-00 00:00:00",
            "NetStatus": "",
            "SecurityPolicyDatabaseSet": [],
            "IKEOptionsSpecification": {
                "PropoEncryAlgorithm": "AES-CBC-256",
                "PropoAuthenAlgorithm": "SHA",
                "ExchangeMode": "AGGRESSIVE",
                "LocalIdentity": "ADDRESS",
                "RemoteIdentity": "ADDRESS",
                "LocalAddress": "122.152.199.99",
                "RemoteAddress": "39.97.38.104",
                "LocalFqdnName": "",
                "RemoteFqdnName": "",
                "DhGroupName": "GROUP2",
                "IKESaLifetimeSeconds": 86400,
                "IKEVersion": "IKEV1"
            },
            "IPSECOptionsSpecification": {
                "EncryptAlgorithm": "AES-CBC-256",
                "IntegrityAlgorith": "SHA1",
                "IPSECSaLifetimeSeconds": 3600,
                "IPSECSaLifetimeTraffic": 1843200,
                "PfsDhGroup": "NULL"
            },
            "EnableHealthCheck": false,
            "HealthCheckLocalIp": "",
            "HealthCheckRemoteIp": "",
            "HealthCheckStatus": "",
            "TagSet": []
        },
        "RequestId": "4b71dd4d-a3ee-4ac1-b99a-99d65f6443fd"
    }
}
```
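The request example above uses a six-digit pre-shared key with 3DES, MD5 and DH GROUP1, and the response echoes the PreShareKey in clear text. The following Python is an added example, not part of Tencent Cloud's documentation or SDK: it audits a CreateVpnConnection body before it is sent and masks the key before a response is logged. The names `audit`, `redact`, `WEAK` and `MIN_PSK_LEN`, the 16-character threshold and the weak-value classification are assumptions made for this example.

```python
import copy

MIN_PSK_LEN = 16  # assumed local policy threshold, not an API limit
# Editor's classification of values seen in this page's examples, not a Tencent
# Cloud list. Assumes GROUPn is IKE DH group n and PfsDhGroup "NULL" disables PFS.
WEAK = {
    "IKEOptionsSpecification": {
        "PropoEncryAlgorithm": {"3DES-CBC": "64-bit block cipher"},
        "PropoAuthenAlgorithm": {"MD5": "deprecated hash"},
        "DhGroupName": {"GROUP1": "768-bit DH", "GROUP2": "1024-bit DH"},
        "ExchangeMode": {"AGGRESSIVE": "PSK hash exposed to offline guessing"},
    },
    "IPSECOptionsSpecification": {
        "EncryptAlgorithm": {"3DES-CBC": "64-bit block cipher"},
        "IntegrityAlgorith": {"MD5": "deprecated hash"},  # key spelled as in the API
        "PfsDhGroup": {"NULL": "no forward secrecy"},
    },
}

def audit(params):
    """Return [(field path, reason)] for a request body or a VpnConnection object."""
    findings = []
    psk = params.get("PreShareKey", "")
    if len(psk) < MIN_PSK_LEN or psk.isdigit():
        findings.append(("PreShareKey", "short or digits-only key"))
    for section, fields in WEAK.items():
        for field, weak in fields.items():
            value = params.get(section, {}).get(field)
            if value in weak:
                findings.append((f"{section}.{field}", f"{value}: {weak[value]}"))
    return findings

def redact(response):
    """Copy of a CreateVpnConnection response with the echoed PSK masked."""
    safe = copy.deepcopy(response)
    conn = safe.get("Response", {}).get("VpnConnection", {})
    if "PreShareKey" in conn:
        conn["PreShareKey"] = "<redacted>"
    return safe

# Trimmed copies of this page's request and response examples.
PAGE_REQUEST = {"PreShareKey": "654321", "IKEOptionsSpecification": {
    "PropoEncryAlgorithm": "3DES-CBC", "PropoAuthenAlgorithm": "MD5",
    "DhGroupName": "GROUP1", "ExchangeMode": "MAIN"}, "IPSECOptionsSpecification": {
    "EncryptAlgorithm": "3DES-CBC", "IntegrityAlgorith": "MD5", "PfsDhGroup": "NULL"}}
PAGE_RESPONSE = {"Response": {"VpnConnection": {"PreShareKey": "123456",
    "IKEOptionsSpecification": {"PropoEncryAlgorithm": "AES-CBC-256",
        "PropoAuthenAlgorithm": "SHA", "DhGroupName": "GROUP2", "ExchangeMode": "AGGRESSIVE"},
    "IPSECOptionsSpecification": {"EncryptAlgorithm": "AES-CBC-256", "PfsDhGroup": "NULL"}}}}
```

`audit` accepts either the request body or the returned VpnConnection object, since both carry the same PreShareKey, IKEOptionsSpecification and IPSECOptionsSpecification fields.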
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
InvalidParameter.Coexist | The parameters cannot be specified at the same time. |
InvalidParameterValue.Duplicate | The input parameter already exists. |
InvalidParameterValue.Empty | Missing parameters. |
InvalidParameterValue.Malformed | Invalid input parameter format. |
InvalidParameterValue.TagDuplicateKey | Duplicate tag keys. |
InvalidParameterValue.TagDuplicateResourceType | Duplicate tag resource type. |
InvalidParameterValue.TagInvalidKey | Invalid tag key. |
InvalidParameterValue.TagInvalidKeyLen | Invalid tag key length. |
InvalidParameterValue.TagInvalidVal | Invalid tag key. |
InvalidParameterValue.TagKeyNotExists | The tag key does not exist. |
InvalidParameterValue.TagNotAllocatedQuota | Tags are not assigned quotas. |
InvalidParameterValue.TagNotExisted | The tag and value do not exist. |
InvalidParameterValue.TagNotSupportTag | Unsupported tag. |
InvalidParameterValue.TagResourceFormatError | The tag resource format error. |
InvalidParameterValue.TagTimestampExceeded | Exceeded the quota of tag timestamp. |
InvalidParameterValue.TagValNotExists | The tag value does not exist. |
InvalidParameterValue.TooLong | Invalid parameter value. The parameter value is too long. |
InvalidParameterValue.VpcCidrConflict | Destination IP address range conflicts with CIDR of the current VPC. |
InvalidParameterValue.VpnConnBgpTunnelCidrConflict | |
InvalidParameterValue.VpnConnBgpTunnelCidrMask | |
InvalidParameterValue.VpnConnBgpTunnelCidrNotSupported | |
InvalidParameterValue.VpnConnCidrConflict | Destination IP address range conflicts with CIDR block of the current VPC tunnel. |
InvalidParameterValue.VpnConnHealthCheckIpConflict | The destination IP of the probe cannot be within the IP range of the VPC. |
LimitExceeded | Quota limit is reached. |
LimitExceeded.TagKeyExceeded | Reached the upper limit of tag keys. |
LimitExceeded.TagKeyPerResourceExceeded | Reached the upper limit of tag keys per resource. |
LimitExceeded.TagNotEnoughQuota | Insufficient tag quota. |
LimitExceeded.TagQuota | Exceeded the tag quota. Unable to create resources. |
LimitExceeded.TagQuotaExceeded | Reached the upper limit of tag quota. |
LimitExceeded.TagTagsExceeded | Reached the number limit of tag keys. |
ResourceInUse | The resource is occupied. |
ResourceNotFound | The resource does not exist. |
UnsupportedOperation | Unsupported operation. |
UnsupportedOperation.InvalidState | Invalid resource status. |
UnsupportedOperation.TagAllocate | Tags are being assigned. |
UnsupportedOperation.TagFree | Tags are being released. |
UnsupportedOperation.TagNotPermit | Unauthorized for this tag. |
UnsupportedOperation.TagSystemReservedTagKey | The specified tag key is reserved for system usage. |
UnsupportedOperation.VpnUnsupportedBgp | |
UnsupportedOperation.VpnUnsupportedBgpAsnEqual | |
UnsupportedOperation.VpnUnsupportedNotExistBgpAsn | |