volcenginecc.vpn.VpnConnection

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

name string

The unique name of the resource.

args VpnConnectionArgs

The arguments to resource properties.

opts CustomResourceOptions

Bag of options to control resource's behavior.

resource_name str

The unique name of the resource.

args VpnConnectionArgs

The arguments to resource properties.

opts ResourceOptions

Bag of options to control resource's behavior.

ctx Context

Context object for the current deployment.

name string

The unique name of the resource.

args VpnConnectionArgs

The arguments to resource properties.

opts ResourceOption

Bag of options to control resource's behavior.

name string

The unique name of the resource.

args VpnConnectionArgs

The arguments to resource properties.

opts CustomResourceOptions

Bag of options to control resource's behavior.

name String

The unique name of the resource.

args VpnConnectionArgs

The arguments to resource properties.

options CustomResourceOptions

Bag of options to control resource's behavior.

LocalSubnets List<string>

Local network segment of the IPsec connection.

RemoteSubnets List<string>

Peer CIDR block of the IPsec connection

AttachType string

Type of gateway associated with the IPsec connection. VpnGateway: VPN gateway; TransitRouter: transit router.

BgpInfo Volcengine.VpnConnectionBgpInfo

BGP information for the IPsec connection.

CustomerGatewayId string

ID of the customer gateway associated with the IPsec connection. This parameter is required when creating a single-tunnel IPsec connection. If the customer gateway IP address is 0.0.0.0, NegotiateInstantly can only be set to false, IkeConfig.Version can only be set to ikev1, and IkeConfig.Mode can only be set to aggressive in IkeConfig.

Description string

Description of the IPsec connection. Must start with a Chinese character, letter, or number, and can only contain Chinese characters, letters, numbers, period (.), space ( ), underscore (_), hyphen (-), equals sign (=), English comma (,), Chinese comma (，), and Chinese period (。). Length limit: 0–255 characters. If not specified, defaults to an empty string.

DpdAction string

Status of the DPD feature. none: DPD feature disabled. clear (default): DPD feature enabled; IKE SA is cleared after DPD timeout. hold: DPD feature enabled; current state is maintained after DPD timeout; the connection is re-established when new traffic is detected. restart: DPD feature enabled; reconnect immediately after DPD timeout.

EnableTunnelsBgp bool

Whether to enable BGP. Valid values: false (default): No, use static routing mode. true: Yes, use BGP routing mode.

HealthCheckers List<Volcengine.VpnConnectionHealthChecker>

IkeConfig Volcengine.VpnConnectionIkeConfig

IKE configuration information for the IPsec connection

IpsecConfig Volcengine.VpnConnectionIpsecConfig

IPsec configuration information for the IPsec connection.

LogEnabled bool

Enable connection logs. After connection logs are enabled, you can view and download IPsec connection logs and troubleshoot IPsec connection issues using the log information. true: Enabled. false: Not enabled.

NatTraversal bool

Enable NAT traversal. true: Enabled. When NAT traversal is enabled, IKE negotiation does not verify UDP port numbers and can detect NAT gateway devices in the VPN connection tunnel. false (default): Not enabled.

NegotiateInstantly bool

Whether to initiate negotiation mode immediately. true: The system actively initiates negotiation after the IPsec connection is configured. false (default): The system does not actively initiate negotiation after configuration; negotiation is initiated passively when traffic passes through.

ProjectName string

Project to which the IPsec connection belongs.

Spec string

IPsec connection instance specification. Only effective for IPsec associated with TR instances; ineffective for IPsec associated with VPN gateway instances. This parameter takes effect only when AttachType is set to TransitRouter. default (default): Default specification, bandwidth limit is 200 Mbps. large: Large specification, bandwidth limit is 1 Gbps. xlarge: Extra large specification, bandwidth limit is 3 Gbps.

TunnelOptions List<Volcengine.VpnConnectionTunnelOption>

VpnConnectionName string

Name of the IPsec connection. Must start with a Chinese character, English letter, or number, and can only contain Chinese characters, English letters, numbers, dot (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If not specified, defaults to the IPsec connection ID.

VpnGatewayId string

The ID of the VPN gateway associated with the IPsec connection. If AttachType is not specified or set to VpnGateway, this parameter must be provided. If AttachType is set to TransitRouter, this parameter is not required.

LocalSubnets []string

Local network segment of the IPsec connection.

RemoteSubnets []string

Peer CIDR block of the IPsec connection

AttachType string

Type of gateway associated with the IPsec connection. VpnGateway: VPN gateway; TransitRouter: transit router.

BgpInfo VpnConnectionBgpInfoArgs

BGP information for the IPsec connection.

CustomerGatewayId string

ID of the customer gateway associated with the IPsec connection. This parameter is required when creating a single-tunnel IPsec connection. If the customer gateway IP address is 0.0.0.0, NegotiateInstantly can only be set to false, IkeConfig.Version can only be set to ikev1, and IkeConfig.Mode can only be set to aggressive in IkeConfig.

Description string

Description of the IPsec connection. Must start with a Chinese character, letter, or number, and can only contain Chinese characters, letters, numbers, period (.), space ( ), underscore (_), hyphen (-), equals sign (=), English comma (,), Chinese comma (，), and Chinese period (。). Length limit: 0–255 characters. If not specified, defaults to an empty string.

DpdAction string

Status of the DPD feature. none: DPD feature disabled. clear (default): DPD feature enabled; IKE SA is cleared after DPD timeout. hold: DPD feature enabled; current state is maintained after DPD timeout; the connection is re-established when new traffic is detected. restart: DPD feature enabled; reconnect immediately after DPD timeout.

EnableTunnelsBgp bool

Whether to enable BGP. Valid values: false (default): No, use static routing mode. true: Yes, use BGP routing mode.

HealthCheckers []VpnConnectionHealthCheckerArgs

IkeConfig VpnConnectionIkeConfigArgs

IKE configuration information for the IPsec connection

IpsecConfig VpnConnectionIpsecConfigArgs

IPsec configuration information for the IPsec connection.

LogEnabled bool

Enable connection logs. After connection logs are enabled, you can view and download IPsec connection logs and troubleshoot IPsec connection issues using the log information. true: Enabled. false: Not enabled.

NatTraversal bool

Enable NAT traversal. true: Enabled. When NAT traversal is enabled, IKE negotiation does not verify UDP port numbers and can detect NAT gateway devices in the VPN connection tunnel. false (default): Not enabled.

NegotiateInstantly bool

Whether to initiate negotiation mode immediately. true: The system actively initiates negotiation after the IPsec connection is configured. false (default): The system does not actively initiate negotiation after configuration; negotiation is initiated passively when traffic passes through.

ProjectName string

Project to which the IPsec connection belongs.

Spec string

IPsec connection instance specification. Only effective for IPsec associated with TR instances; ineffective for IPsec associated with VPN gateway instances. This parameter takes effect only when AttachType is set to TransitRouter. default (default): Default specification, bandwidth limit is 200 Mbps. large: Large specification, bandwidth limit is 1 Gbps. xlarge: Extra large specification, bandwidth limit is 3 Gbps.

TunnelOptions []VpnConnectionTunnelOptionArgs

VpnConnectionName string

Name of the IPsec connection. Must start with a Chinese character, English letter, or number, and can only contain Chinese characters, English letters, numbers, dot (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If not specified, defaults to the IPsec connection ID.

VpnGatewayId string

The ID of the VPN gateway associated with the IPsec connection. If AttachType is not specified or set to VpnGateway, this parameter must be provided. If AttachType is set to TransitRouter, this parameter is not required.

localSubnets List<String>

Local network segment of the IPsec connection.

remoteSubnets List<String>

Peer CIDR block of the IPsec connection

attachType String

Type of gateway associated with the IPsec connection. VpnGateway: VPN gateway; TransitRouter: transit router.

bgpInfo VpnConnectionBgpInfo

BGP information for the IPsec connection.

customerGatewayId String

ID of the customer gateway associated with the IPsec connection. This parameter is required when creating a single-tunnel IPsec connection. If the customer gateway IP address is 0.0.0.0, NegotiateInstantly can only be set to false, IkeConfig.Version can only be set to ikev1, and IkeConfig.Mode can only be set to aggressive in IkeConfig.

description String

Description of the IPsec connection. Must start with a Chinese character, letter, or number, and can only contain Chinese characters, letters, numbers, period (.), space ( ), underscore (_), hyphen (-), equals sign (=), English comma (,), Chinese comma (，), and Chinese period (。). Length limit: 0–255 characters. If not specified, defaults to an empty string.

dpdAction String

Status of the DPD feature. none: DPD feature disabled. clear (default): DPD feature enabled; IKE SA is cleared after DPD timeout. hold: DPD feature enabled; current state is maintained after DPD timeout; the connection is re-established when new traffic is detected. restart: DPD feature enabled; reconnect immediately after DPD timeout.

enableTunnelsBgp Boolean

Whether to enable BGP. Valid values: false (default): No, use static routing mode. true: Yes, use BGP routing mode.

healthCheckers List<VpnConnectionHealthChecker>

ikeConfig VpnConnectionIkeConfig

IKE configuration information for the IPsec connection

ipsecConfig VpnConnectionIpsecConfig

IPsec configuration information for the IPsec connection.

logEnabled Boolean

Enable connection logs. After connection logs are enabled, you can view and download IPsec connection logs and troubleshoot IPsec connection issues using the log information. true: Enabled. false: Not enabled.

natTraversal Boolean

Enable NAT traversal. true: Enabled. When NAT traversal is enabled, IKE negotiation does not verify UDP port numbers and can detect NAT gateway devices in the VPN connection tunnel. false (default): Not enabled.

negotiateInstantly Boolean

Whether to initiate negotiation mode immediately. true: The system actively initiates negotiation after the IPsec connection is configured. false (default): The system does not actively initiate negotiation after configuration; negotiation is initiated passively when traffic passes through.

projectName String

Project to which the IPsec connection belongs.

spec String

IPsec connection instance specification. Only effective for IPsec associated with TR instances; ineffective for IPsec associated with VPN gateway instances. This parameter takes effect only when AttachType is set to TransitRouter. default (default): Default specification, bandwidth limit is 200 Mbps. large: Large specification, bandwidth limit is 1 Gbps. xlarge: Extra large specification, bandwidth limit is 3 Gbps.

tunnelOptions List<VpnConnectionTunnelOption>

vpnConnectionName String

Name of the IPsec connection. Must start with a Chinese character, English letter, or number, and can only contain Chinese characters, English letters, numbers, dot (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If not specified, defaults to the IPsec connection ID.

vpnGatewayId String

The ID of the VPN gateway associated with the IPsec connection. If AttachType is not specified or set to VpnGateway, this parameter must be provided. If AttachType is set to TransitRouter, this parameter is not required.

localSubnets string[]

Local network segment of the IPsec connection.

remoteSubnets string[]

Peer CIDR block of the IPsec connection

attachType string

Type of gateway associated with the IPsec connection. VpnGateway: VPN gateway; TransitRouter: transit router.

bgpInfo VpnConnectionBgpInfo

BGP information for the IPsec connection.

customerGatewayId string

ID of the customer gateway associated with the IPsec connection. This parameter is required when creating a single-tunnel IPsec connection. If the customer gateway IP address is 0.0.0.0, NegotiateInstantly can only be set to false, IkeConfig.Version can only be set to ikev1, and IkeConfig.Mode can only be set to aggressive in IkeConfig.

description string

Description of the IPsec connection. Must start with a Chinese character, letter, or number, and can only contain Chinese characters, letters, numbers, period (.), space ( ), underscore (_), hyphen (-), equals sign (=), English comma (,), Chinese comma (，), and Chinese period (。). Length limit: 0–255 characters. If not specified, defaults to an empty string.

dpdAction string

Status of the DPD feature. none: DPD feature disabled. clear (default): DPD feature enabled; IKE SA is cleared after DPD timeout. hold: DPD feature enabled; current state is maintained after DPD timeout; the connection is re-established when new traffic is detected. restart: DPD feature enabled; reconnect immediately after DPD timeout.

enableTunnelsBgp boolean

Whether to enable BGP. Valid values: false (default): No, use static routing mode. true: Yes, use BGP routing mode.

healthCheckers VpnConnectionHealthChecker[]

ikeConfig VpnConnectionIkeConfig

IKE configuration information for the IPsec connection

ipsecConfig VpnConnectionIpsecConfig

IPsec configuration information for the IPsec connection.

logEnabled boolean

Enable connection logs. After connection logs are enabled, you can view and download IPsec connection logs and troubleshoot IPsec connection issues using the log information. true: Enabled. false: Not enabled.

natTraversal boolean

Enable NAT traversal. true: Enabled. When NAT traversal is enabled, IKE negotiation does not verify UDP port numbers and can detect NAT gateway devices in the VPN connection tunnel. false (default): Not enabled.

negotiateInstantly boolean

Whether to initiate negotiation mode immediately. true: The system actively initiates negotiation after the IPsec connection is configured. false (default): The system does not actively initiate negotiation after configuration; negotiation is initiated passively when traffic passes through.

projectName string

Project to which the IPsec connection belongs.

spec string

IPsec connection instance specification. Only effective for IPsec associated with TR instances; ineffective for IPsec associated with VPN gateway instances. This parameter takes effect only when AttachType is set to TransitRouter. default (default): Default specification, bandwidth limit is 200 Mbps. large: Large specification, bandwidth limit is 1 Gbps. xlarge: Extra large specification, bandwidth limit is 3 Gbps.

tunnelOptions VpnConnectionTunnelOption[]

vpnConnectionName string

Name of the IPsec connection. Must start with a Chinese character, English letter, or number, and can only contain Chinese characters, English letters, numbers, dot (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If not specified, defaults to the IPsec connection ID.

vpnGatewayId string

The ID of the VPN gateway associated with the IPsec connection. If AttachType is not specified or set to VpnGateway, this parameter must be provided. If AttachType is set to TransitRouter, this parameter is not required.

local_subnets Sequence[str]

Local network segment of the IPsec connection.

remote_subnets Sequence[str]

Peer CIDR block of the IPsec connection

attach_type str

Type of gateway associated with the IPsec connection. VpnGateway: VPN gateway; TransitRouter: transit router.

bgp_info VpnConnectionBgpInfoArgs

BGP information for the IPsec connection.

customer_gateway_id str

ID of the customer gateway associated with the IPsec connection. This parameter is required when creating a single-tunnel IPsec connection. If the customer gateway IP address is 0.0.0.0, NegotiateInstantly can only be set to false, IkeConfig.Version can only be set to ikev1, and IkeConfig.Mode can only be set to aggressive in IkeConfig.

description str

Description of the IPsec connection. Must start with a Chinese character, letter, or number, and can only contain Chinese characters, letters, numbers, period (.), space ( ), underscore (_), hyphen (-), equals sign (=), English comma (,), Chinese comma (，), and Chinese period (。). Length limit: 0–255 characters. If not specified, defaults to an empty string.

dpd_action str

Status of the DPD feature. none: DPD feature disabled. clear (default): DPD feature enabled; IKE SA is cleared after DPD timeout. hold: DPD feature enabled; current state is maintained after DPD timeout; the connection is re-established when new traffic is detected. restart: DPD feature enabled; reconnect immediately after DPD timeout.

enable_tunnels_bgp bool

Whether to enable BGP. Valid values: false (default): No, use static routing mode. true: Yes, use BGP routing mode.

health_checkers Sequence[VpnConnectionHealthCheckerArgs]

ike_config VpnConnectionIkeConfigArgs

IKE configuration information for the IPsec connection

ipsec_config VpnConnectionIpsecConfigArgs

IPsec configuration information for the IPsec connection.

log_enabled bool

Enable connection logs. After connection logs are enabled, you can view and download IPsec connection logs and troubleshoot IPsec connection issues using the log information. true: Enabled. false: Not enabled.

nat_traversal bool

Enable NAT traversal. true: Enabled. When NAT traversal is enabled, IKE negotiation does not verify UDP port numbers and can detect NAT gateway devices in the VPN connection tunnel. false (default): Not enabled.

negotiate_instantly bool

Whether to initiate negotiation mode immediately. true: The system actively initiates negotiation after the IPsec connection is configured. false (default): The system does not actively initiate negotiation after configuration; negotiation is initiated passively when traffic passes through.

project_name str

Project to which the IPsec connection belongs.

spec str

IPsec connection instance specification. Only effective for IPsec associated with TR instances; ineffective for IPsec associated with VPN gateway instances. This parameter takes effect only when AttachType is set to TransitRouter. default (default): Default specification, bandwidth limit is 200 Mbps. large: Large specification, bandwidth limit is 1 Gbps. xlarge: Extra large specification, bandwidth limit is 3 Gbps.

tunnel_options Sequence[VpnConnectionTunnelOptionArgs]

vpn_connection_name str

Name of the IPsec connection. Must start with a Chinese character, English letter, or number, and can only contain Chinese characters, English letters, numbers, dot (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If not specified, defaults to the IPsec connection ID.

vpn_gateway_id str

The ID of the VPN gateway associated with the IPsec connection. If AttachType is not specified or set to VpnGateway, this parameter must be provided. If AttachType is set to TransitRouter, this parameter is not required.

localSubnets List<String>

Local network segment of the IPsec connection.

remoteSubnets List<String>

Peer CIDR block of the IPsec connection

attachType String

Type of gateway associated with the IPsec connection. VpnGateway: VPN gateway; TransitRouter: transit router.

bgpInfo Property Map

BGP information for the IPsec connection.

customerGatewayId String

ID of the customer gateway associated with the IPsec connection. This parameter is required when creating a single-tunnel IPsec connection. If the customer gateway IP address is 0.0.0.0, NegotiateInstantly can only be set to false, IkeConfig.Version can only be set to ikev1, and IkeConfig.Mode can only be set to aggressive in IkeConfig.

description String

Description of the IPsec connection. Must start with a Chinese character, letter, or number, and can only contain Chinese characters, letters, numbers, period (.), space ( ), underscore (_), hyphen (-), equals sign (=), English comma (,), Chinese comma (，), and Chinese period (。). Length limit: 0–255 characters. If not specified, defaults to an empty string.

dpdAction String

Status of the DPD feature. none: DPD feature disabled. clear (default): DPD feature enabled; IKE SA is cleared after DPD timeout. hold: DPD feature enabled; current state is maintained after DPD timeout; the connection is re-established when new traffic is detected. restart: DPD feature enabled; reconnect immediately after DPD timeout.

enableTunnelsBgp Boolean

Whether to enable BGP. Valid values: false (default): No, use static routing mode. true: Yes, use BGP routing mode.

healthCheckers List<Property Map>

ikeConfig Property Map

IKE configuration information for the IPsec connection

ipsecConfig Property Map

IPsec configuration information for the IPsec connection.

logEnabled Boolean

Enable connection logs. After connection logs are enabled, you can view and download IPsec connection logs and troubleshoot IPsec connection issues using the log information. true: Enabled. false: Not enabled.

natTraversal Boolean

Enable NAT traversal. true: Enabled. When NAT traversal is enabled, IKE negotiation does not verify UDP port numbers and can detect NAT gateway devices in the VPN connection tunnel. false (default): Not enabled.

negotiateInstantly Boolean

Whether to initiate negotiation mode immediately. true: The system actively initiates negotiation after the IPsec connection is configured. false (default): The system does not actively initiate negotiation after configuration; negotiation is initiated passively when traffic passes through.

projectName String

Project to which the IPsec connection belongs.

spec String

IPsec connection instance specification. Only effective for IPsec associated with TR instances; ineffective for IPsec associated with VPN gateway instances. This parameter takes effect only when AttachType is set to TransitRouter. default (default): Default specification, bandwidth limit is 200 Mbps. large: Large specification, bandwidth limit is 1 Gbps. xlarge: Extra large specification, bandwidth limit is 3 Gbps.

tunnelOptions List<Property Map>

vpnConnectionName String

Name of the IPsec connection. Must start with a Chinese character, English letter, or number, and can only contain Chinese characters, English letters, numbers, dot (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If not specified, defaults to the IPsec connection ID.

vpnGatewayId String

The ID of the VPN gateway associated with the IPsec connection. If AttachType is not specified or set to VpnGateway, this parameter must be provided. If AttachType is set to TransitRouter, this parameter is not required.

AccountId string

ID of the account to which the IPsec connection belongs.

AttachStatus string

IPsec connection status, VpnGateway: Attached: Bound; TransitRouter: Attached: Bound; Attaching: Binding; Detached: Unbound; Detaching: Unbinding.

BusinessStatus string

Billing status of the IPsec connection. This parameter is returned only when AttachType is 'TransitRouter'. Normal: Normal. FinancialLocked: Financially locked.

ConnectStatus string

Status of the tunnel connection. ikesanegotiationfailed: Phase 1 negotiation failed. ikesanegotiationcompleted: Phase 1 negotiation succeeded. ipsecsanegotiationfailed: Phase 2 negotiation failed. ipsecsanegotiationcompleted: Phase 2 negotiation succeeded.

CreationTime string

Time when the IPsec connection was created.

DeletedTime string

Expected resource forced reclamation time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, the value is empty.

DualTunnelEnabled bool

Enable dual tunnel feature. true: Enabled. false: Not enabled.

Id string

The provider-assigned unique ID for this managed resource.

IpAddress string

Public IP address of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

IsBlocked bool

Whether the current resource is blocked. true: Blocked; false: Not blocked

OverdueTime string

Resource freeze time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, this parameter is empty.

Status string

Status of the IPsec connection. Creating: Creating. Deleting: Deleting. Pending: Configuring. Available: Available.

Tags List<Volcengine.VpnConnectionTag>

TransitRouterId string

The ID of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

UpdateTime string

The time when the IPsec connection was updated.

VpnConnectionId string

ID of the IPsec connection

ZoneId string

Availability zone of the transit router attachment point. This parameter is returned only when AttachType is 'TransitRouter'.

AccountId string

ID of the account to which the IPsec connection belongs.

AttachStatus string

IPsec connection status, VpnGateway: Attached: Bound; TransitRouter: Attached: Bound; Attaching: Binding; Detached: Unbound; Detaching: Unbinding.

BusinessStatus string

Billing status of the IPsec connection. This parameter is returned only when AttachType is 'TransitRouter'. Normal: Normal. FinancialLocked: Financially locked.

ConnectStatus string

Status of the tunnel connection. ikesanegotiationfailed: Phase 1 negotiation failed. ikesanegotiationcompleted: Phase 1 negotiation succeeded. ipsecsanegotiationfailed: Phase 2 negotiation failed. ipsecsanegotiationcompleted: Phase 2 negotiation succeeded.

CreationTime string

Time when the IPsec connection was created.

DeletedTime string

Expected resource forced reclamation time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, the value is empty.

DualTunnelEnabled bool

Enable dual tunnel feature. true: Enabled. false: Not enabled.

Id string

The provider-assigned unique ID for this managed resource.

IpAddress string

Public IP address of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

IsBlocked bool

Whether the current resource is blocked. true: Blocked; false: Not blocked

OverdueTime string

Resource freeze time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, this parameter is empty.

Status string

Status of the IPsec connection. Creating: Creating. Deleting: Deleting. Pending: Configuring. Available: Available.

Tags []VpnConnectionTag

TransitRouterId string

The ID of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

UpdateTime string

The time when the IPsec connection was updated.

VpnConnectionId string

ID of the IPsec connection

ZoneId string

Availability zone of the transit router attachment point. This parameter is returned only when AttachType is 'TransitRouter'.

accountId String

ID of the account to which the IPsec connection belongs.

attachStatus String

IPsec connection status, VpnGateway: Attached: Bound; TransitRouter: Attached: Bound; Attaching: Binding; Detached: Unbound; Detaching: Unbinding.

businessStatus String

Billing status of the IPsec connection. This parameter is returned only when AttachType is 'TransitRouter'. Normal: Normal. FinancialLocked: Financially locked.

connectStatus String

Status of the tunnel connection. ikesanegotiationfailed: Phase 1 negotiation failed. ikesanegotiationcompleted: Phase 1 negotiation succeeded. ipsecsanegotiationfailed: Phase 2 negotiation failed. ipsecsanegotiationcompleted: Phase 2 negotiation succeeded.

creationTime String

Time when the IPsec connection was created.

deletedTime String

Expected resource forced reclamation time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, the value is empty.

dualTunnelEnabled Boolean

Enable dual tunnel feature. true: Enabled. false: Not enabled.

id String

The provider-assigned unique ID for this managed resource.

ipAddress String

Public IP address of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

isBlocked Boolean

Whether the current resource is blocked. true: Blocked; false: Not blocked

overdueTime String

Resource freeze time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, this parameter is empty.

status String

Status of the IPsec connection. Creating: Creating. Deleting: Deleting. Pending: Configuring. Available: Available.

tags List<VpnConnectionTag>

transitRouterId String

The ID of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

updateTime String

The time when the IPsec connection was updated.

vpnConnectionId String

ID of the IPsec connection

zoneId String

Availability zone of the transit router attachment point. This parameter is returned only when AttachType is 'TransitRouter'.

accountId string

ID of the account to which the IPsec connection belongs.

attachStatus string

IPsec connection status, VpnGateway: Attached: Bound; TransitRouter: Attached: Bound; Attaching: Binding; Detached: Unbound; Detaching: Unbinding.

businessStatus string

Billing status of the IPsec connection. This parameter is returned only when AttachType is 'TransitRouter'. Normal: Normal. FinancialLocked: Financially locked.

connectStatus string

Status of the tunnel connection. ikesanegotiationfailed: Phase 1 negotiation failed. ikesanegotiationcompleted: Phase 1 negotiation succeeded. ipsecsanegotiationfailed: Phase 2 negotiation failed. ipsecsanegotiationcompleted: Phase 2 negotiation succeeded.

creationTime string

Time when the IPsec connection was created.

deletedTime string

Expected resource forced reclamation time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, the value is empty.

dualTunnelEnabled boolean

Enable dual tunnel feature. true: Enabled. false: Not enabled.

id string

The provider-assigned unique ID for this managed resource.

ipAddress string

Public IP address of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

isBlocked boolean

Whether the current resource is blocked. true: Blocked; false: Not blocked

overdueTime string

Resource freeze time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, this parameter is empty.

status string

Status of the IPsec connection. Creating: Creating. Deleting: Deleting. Pending: Configuring. Available: Available.

tags VpnConnectionTag[]

transitRouterId string

The ID of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

updateTime string

The time when the IPsec connection was updated.

vpnConnectionId string

ID of the IPsec connection

zoneId string

Availability zone of the transit router attachment point. This parameter is returned only when AttachType is 'TransitRouter'.

account_id str

ID of the account to which the IPsec connection belongs.

attach_status str

IPsec connection status, VpnGateway: Attached: Bound; TransitRouter: Attached: Bound; Attaching: Binding; Detached: Unbound; Detaching: Unbinding.

business_status str

Billing status of the IPsec connection. This parameter is returned only when AttachType is 'TransitRouter'. Normal: Normal. FinancialLocked: Financially locked.

connect_status str

Status of the tunnel connection. ikesanegotiationfailed: Phase 1 negotiation failed. ikesanegotiationcompleted: Phase 1 negotiation succeeded. ipsecsanegotiationfailed: Phase 2 negotiation failed. ipsecsanegotiationcompleted: Phase 2 negotiation succeeded.

creation_time str

Time when the IPsec connection was created.

deleted_time str

Expected resource forced reclamation time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, the value is empty.

dual_tunnel_enabled bool

Enable dual tunnel feature. true: Enabled. false: Not enabled.

id str

The provider-assigned unique ID for this managed resource.

ip_address str

Public IP address of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

is_blocked bool

Whether the current resource is blocked. true: Blocked; false: Not blocked

overdue_time str

Resource freeze time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, this parameter is empty.

status str

Status of the IPsec connection. Creating: Creating. Deleting: Deleting. Pending: Configuring. Available: Available.

tags Sequence[VpnConnectionTag]

transit_router_id str

The ID of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

update_time str

The time when the IPsec connection was updated.

vpn_connection_id str

ID of the IPsec connection

zone_id str

Availability zone of the transit router attachment point. This parameter is returned only when AttachType is 'TransitRouter'.

accountId String

ID of the account to which the IPsec connection belongs.

attachStatus String

IPsec connection status, VpnGateway: Attached: Bound; TransitRouter: Attached: Bound; Attaching: Binding; Detached: Unbound; Detaching: Unbinding.

businessStatus String

Billing status of the IPsec connection. This parameter is returned only when AttachType is 'TransitRouter'. Normal: Normal. FinancialLocked: Financially locked.

connectStatus String

Status of the tunnel connection. ikesanegotiationfailed: Phase 1 negotiation failed. ikesanegotiationcompleted: Phase 1 negotiation succeeded. ipsecsanegotiationfailed: Phase 2 negotiation failed. ipsecsanegotiationcompleted: Phase 2 negotiation succeeded.

creationTime String

Time when the IPsec connection was created.

deletedTime String

Expected resource forced reclamation time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, the value is empty.

dualTunnelEnabled Boolean

Enable dual tunnel feature. true: Enabled. false: Not enabled.

id String

The provider-assigned unique ID for this managed resource.

ipAddress String

Public IP address of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

isBlocked Boolean

Whether the current resource is blocked. true: Blocked; false: Not blocked

overdueTime String

Resource freeze time. This parameter is returned only when AttachType is 'TransitRouter', and only when the resource is frozen due to overdue payment. Otherwise, this parameter is empty.

status String

Status of the IPsec connection. Creating: Creating. Deleting: Deleting. Pending: Configuring. Available: Available.

tags List<Property Map>

transitRouterId String

The ID of the transit router. This parameter is returned only when AttachType is 'TransitRouter'.

updateTime String

The time when the IPsec connection was updated.

vpnConnectionId String

ID of the IPsec connection

zoneId String

Availability zone of the transit router attachment point. This parameter is returned only when AttachType is 'TransitRouter'.

name

The unique name of the resulting resource.

id

The unique provider ID of the resource to lookup.

state

Any extra arguments used during the lookup.

opts

A bag of options that control this resource's behavior.

resource_name

The unique name of the resulting resource.

id

The unique provider ID of the resource to lookup.

name

The unique name of the resulting resource.

id

The unique provider ID of the resource to lookup.

state

Any extra arguments used during the lookup.

opts

A bag of options that control this resource's behavior.

name

The unique name of the resulting resource.

id

The unique provider ID of the resource to lookup.

state

Any extra arguments used during the lookup.

opts

A bag of options that control this resource's behavior.

name

The unique name of the resulting resource.

id

The unique provider ID of the resource to lookup.

state

Any extra arguments used during the lookup.

opts

A bag of options that control this resource's behavior.

EnableBgp bool

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

LocalAsn int

The ASN of the VPN gateway.

LocalBgpIp string

The local tunnel IP, which is the BGP address configured on the VPN gateway and defaults to the first host address of BgpConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel subnet. If BgpConfig.EnableBgp is set to true, this parameter must be provided.

PeerAsn int

ASN of the customer gateway.

PeerBgpIp string

BGP peer IP, that is, the BGP address on the customer gateway side.

SessionStatus string

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

TunnelCidr string

CIDR address range for the local and peer IPs of the BGP session.

EnableBgp bool

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

LocalAsn int

The ASN of the VPN gateway.

LocalBgpIp string

The local tunnel IP, which is the BGP address configured on the VPN gateway and defaults to the first host address of BgpConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel subnet. If BgpConfig.EnableBgp is set to true, this parameter must be provided.

PeerAsn int

ASN of the customer gateway.

PeerBgpIp string

BGP peer IP, that is, the BGP address on the customer gateway side.

SessionStatus string

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

TunnelCidr string

CIDR address range for the local and peer IPs of the BGP session.

enableBgp Boolean

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

localAsn Integer

The ASN of the VPN gateway.

localBgpIp String

The local tunnel IP, which is the BGP address configured on the VPN gateway and defaults to the first host address of BgpConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel subnet. If BgpConfig.EnableBgp is set to true, this parameter must be provided.

peerAsn Integer

ASN of the customer gateway.

peerBgpIp String

BGP peer IP, that is, the BGP address on the customer gateway side.

sessionStatus String

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnelCidr String

CIDR address range for the local and peer IPs of the BGP session.

enableBgp boolean

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

localAsn number

The ASN of the VPN gateway.

localBgpIp string

The local tunnel IP, which is the BGP address configured on the VPN gateway and defaults to the first host address of BgpConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel subnet. If BgpConfig.EnableBgp is set to true, this parameter must be provided.

peerAsn number

ASN of the customer gateway.

peerBgpIp string

BGP peer IP, that is, the BGP address on the customer gateway side.

sessionStatus string

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnelCidr string

CIDR address range for the local and peer IPs of the BGP session.

enable_bgp bool

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

local_asn int

The ASN of the VPN gateway.

local_bgp_ip str

The local tunnel IP, which is the BGP address configured on the VPN gateway and defaults to the first host address of BgpConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel subnet. If BgpConfig.EnableBgp is set to true, this parameter must be provided.

peer_asn int

ASN of the customer gateway.

peer_bgp_ip str

BGP peer IP, that is, the BGP address on the customer gateway side.

session_status str

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnel_cidr str

CIDR address range for the local and peer IPs of the BGP session.

enableBgp Boolean

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

localAsn Number

The ASN of the VPN gateway.

localBgpIp String

The local tunnel IP, which is the BGP address configured on the VPN gateway and defaults to the first host address of BgpConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel subnet. If BgpConfig.EnableBgp is set to true, this parameter must be provided.

peerAsn Number

ASN of the customer gateway.

peerBgpIp String

BGP peer IP, that is, the BGP address on the customer gateway side.

sessionStatus String

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnelCidr String

CIDR address range for the local and peer IPs of the BGP session.

CheckInterval int

Interval for performing health checks

CheckResult string

Health check result. Up: Normal. Down: Abnormal.

CheckerId string

ID of the IPsec connection health check

DownTime int

Health check unhealthy threshold. If the health check result is 'abnormal' for the specified number of consecutive times, the IPsec connection is considered unhealthy.

LocalIp string

Health check source IP.

RemoteIp string

Health check target IP.

Timeout int

Health check response timeout. If the IPsec connection does not respond correctly within the specified response time, it is considered 'abnormal' for health check.

UpTime int

Health check threshold. If the specified number of consecutive health checks are all 'healthy', the IPsec connection is considered 'healthy' by health check.

CheckInterval int

Interval for performing health checks

CheckResult string

Health check result. Up: Normal. Down: Abnormal.

CheckerId string

ID of the IPsec connection health check

DownTime int

Health check unhealthy threshold. If the health check result is 'abnormal' for the specified number of consecutive times, the IPsec connection is considered unhealthy.

LocalIp string

Health check source IP.

RemoteIp string

Health check target IP.

Timeout int

Health check response timeout. If the IPsec connection does not respond correctly within the specified response time, it is considered 'abnormal' for health check.

UpTime int

Health check threshold. If the specified number of consecutive health checks are all 'healthy', the IPsec connection is considered 'healthy' by health check.

checkInterval Integer

Interval for performing health checks

checkResult String

Health check result. Up: Normal. Down: Abnormal.

checkerId String

ID of the IPsec connection health check

downTime Integer

Health check unhealthy threshold. If the health check result is 'abnormal' for the specified number of consecutive times, the IPsec connection is considered unhealthy.

localIp String

Health check source IP.

remoteIp String

Health check target IP.

timeout Integer

Health check response timeout. If the IPsec connection does not respond correctly within the specified response time, it is considered 'abnormal' for health check.

upTime Integer

Health check threshold. If the specified number of consecutive health checks are all 'healthy', the IPsec connection is considered 'healthy' by health check.

checkInterval number

Interval for performing health checks

checkResult string

Health check result. Up: Normal. Down: Abnormal.

checkerId string

ID of the IPsec connection health check

downTime number

Health check unhealthy threshold. If the health check result is 'abnormal' for the specified number of consecutive times, the IPsec connection is considered unhealthy.

localIp string

Health check source IP.

remoteIp string

Health check target IP.

timeout number

Health check response timeout. If the IPsec connection does not respond correctly within the specified response time, it is considered 'abnormal' for health check.

upTime number

Health check threshold. If the specified number of consecutive health checks are all 'healthy', the IPsec connection is considered 'healthy' by health check.

check_interval int

Interval for performing health checks

check_result str

Health check result. Up: Normal. Down: Abnormal.

checker_id str

ID of the IPsec connection health check

down_time int

Health check unhealthy threshold. If the health check result is 'abnormal' for the specified number of consecutive times, the IPsec connection is considered unhealthy.

local_ip str

Health check source IP.

remote_ip str

Health check target IP.

timeout int

Health check response timeout. If the IPsec connection does not respond correctly within the specified response time, it is considered 'abnormal' for health check.

up_time int

Health check threshold. If the specified number of consecutive health checks are all 'healthy', the IPsec connection is considered 'healthy' by health check.

checkInterval Number

Interval for performing health checks

checkResult String

Health check result. Up: Normal. Down: Abnormal.

checkerId String

ID of the IPsec connection health check

downTime Number

Health check unhealthy threshold. If the health check result is 'abnormal' for the specified number of consecutive times, the IPsec connection is considered unhealthy.

localIp String

Health check source IP.

remoteIp String

Health check target IP.

timeout Number

Health check response timeout. If the IPsec connection does not respond correctly within the specified response time, it is considered 'abnormal' for health check.

upTime Number

Health check threshold. If the specified number of consecutive health checks are all 'healthy', the IPsec connection is considered 'healthy' by health check.

AuthAlg string

Authentication algorithm for phase one.

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

EncAlg string

Encryption algorithm for phase 1 negotiation.

Lifetime int

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

LocalId string

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

Mode string

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

Psk string

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

RemoteId string

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

Version string

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

AuthAlg string

Authentication algorithm for phase one.

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

EncAlg string

Encryption algorithm for phase 1 negotiation.

Lifetime int

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

LocalId string

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

Mode string

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

Psk string

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

RemoteId string

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

Version string

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

authAlg String

Authentication algorithm for phase one.

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

encAlg String

Encryption algorithm for phase 1 negotiation.

lifetime Integer

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

localId String

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode String

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk String

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remoteId String

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version String

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

authAlg string

Authentication algorithm for phase one.

dhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

encAlg string

Encryption algorithm for phase 1 negotiation.

lifetime number

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

localId string

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode string

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk string

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remoteId string

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version string

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

auth_alg str

Authentication algorithm for phase one.

dh_group str

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

enc_alg str

Encryption algorithm for phase 1 negotiation.

lifetime int

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

local_id str

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode str

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk str

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remote_id str

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version str

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

authAlg String

Authentication algorithm for phase one.

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

encAlg String

Encryption algorithm for phase 1 negotiation.

lifetime Number

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

localId String

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode String

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk String

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remoteId String

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version String

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

AuthAlg string

Authentication algorithm for phase 2 negotiation

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 2

EncAlg string

Encryption algorithm for phase 2 negotiation

Lifetime int

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

AuthAlg string

Authentication algorithm for phase 2 negotiation

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 2

EncAlg string

Encryption algorithm for phase 2 negotiation

Lifetime int

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

authAlg String

Authentication algorithm for phase 2 negotiation

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 2

encAlg String

Encryption algorithm for phase 2 negotiation

lifetime Integer

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

authAlg string

Authentication algorithm for phase 2 negotiation

dhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 2

encAlg string

Encryption algorithm for phase 2 negotiation

lifetime number

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

auth_alg str

Authentication algorithm for phase 2 negotiation

dh_group str

DH (Diffie-Hellman) key exchange algorithm used in phase 2

enc_alg str

Encryption algorithm for phase 2 negotiation

lifetime int

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

authAlg String

Authentication algorithm for phase 2 negotiation

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 2

encAlg String

Encryption algorithm for phase 2 negotiation

lifetime Number

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

Key string

Tag key.

Value string

Tag value

Key string

Tag key.

Value string

Tag value

key String

Tag key.

value String

Tag value

key string

Tag key.

value string

Tag value

key str

Tag key.

value str

Tag value

key String

Tag key.

value String

Tag value

ConnectStatus string

IPsec tunnel status. ikesanegotiationfailed: Phase one negotiation failed; nikesanegotiationcompleted: Phase one negotiation succeeded; nipsecsanegotiationfailed: Phase two negotiation failed; nipsecsanegotiationcompleted: Phase two negotiation succeeded.

CustomerGatewayId string

ID of the customer gateway associated with the IPsec connection.

DpdAction string

Status of the DPD feature.

IkeConfig Volcengine.VpnConnectionTunnelOptionIkeConfig

IKE configuration information for the IPsec connection.

IpsecConfig Volcengine.VpnConnectionTunnelOptionIpsecConfig

Information about the IPsec configuration in the IPsec connection.

NatTraversal bool

Whether to enable NAT traversal

Role string

The role of the tunnel.

TunnelBgpInfo Volcengine.VpnConnectionTunnelOptionTunnelBgpInfo

BGP session information.

TunnelId string

Tunnel ID of the IPsec connection.

ConnectStatus string

IPsec tunnel status. ikesanegotiationfailed: Phase one negotiation failed; nikesanegotiationcompleted: Phase one negotiation succeeded; nipsecsanegotiationfailed: Phase two negotiation failed; nipsecsanegotiationcompleted: Phase two negotiation succeeded.

CustomerGatewayId string

ID of the customer gateway associated with the IPsec connection.

DpdAction string

Status of the DPD feature.

IkeConfig VpnConnectionTunnelOptionIkeConfig

IKE configuration information for the IPsec connection.

IpsecConfig VpnConnectionTunnelOptionIpsecConfig

Information about the IPsec configuration in the IPsec connection.

NatTraversal bool

Whether to enable NAT traversal

Role string

The role of the tunnel.

TunnelBgpInfo VpnConnectionTunnelOptionTunnelBgpInfo

BGP session information.

TunnelId string

Tunnel ID of the IPsec connection.

connectStatus String

IPsec tunnel status. ikesanegotiationfailed: Phase one negotiation failed; nikesanegotiationcompleted: Phase one negotiation succeeded; nipsecsanegotiationfailed: Phase two negotiation failed; nipsecsanegotiationcompleted: Phase two negotiation succeeded.

customerGatewayId String

ID of the customer gateway associated with the IPsec connection.

dpdAction String

Status of the DPD feature.

ikeConfig VpnConnectionTunnelOptionIkeConfig

IKE configuration information for the IPsec connection.

ipsecConfig VpnConnectionTunnelOptionIpsecConfig

Information about the IPsec configuration in the IPsec connection.

natTraversal Boolean

Whether to enable NAT traversal

role String

The role of the tunnel.

tunnelBgpInfo VpnConnectionTunnelOptionTunnelBgpInfo

BGP session information.

tunnelId String

Tunnel ID of the IPsec connection.

connectStatus string

IPsec tunnel status. ikesanegotiationfailed: Phase one negotiation failed; nikesanegotiationcompleted: Phase one negotiation succeeded; nipsecsanegotiationfailed: Phase two negotiation failed; nipsecsanegotiationcompleted: Phase two negotiation succeeded.

customerGatewayId string

ID of the customer gateway associated with the IPsec connection.

dpdAction string

Status of the DPD feature.

ikeConfig VpnConnectionTunnelOptionIkeConfig

IKE configuration information for the IPsec connection.

ipsecConfig VpnConnectionTunnelOptionIpsecConfig

Information about the IPsec configuration in the IPsec connection.

natTraversal boolean

Whether to enable NAT traversal

role string

The role of the tunnel.

tunnelBgpInfo VpnConnectionTunnelOptionTunnelBgpInfo

BGP session information.

tunnelId string

Tunnel ID of the IPsec connection.

connect_status str

IPsec tunnel status. ikesanegotiationfailed: Phase one negotiation failed; nikesanegotiationcompleted: Phase one negotiation succeeded; nipsecsanegotiationfailed: Phase two negotiation failed; nipsecsanegotiationcompleted: Phase two negotiation succeeded.

customer_gateway_id str

ID of the customer gateway associated with the IPsec connection.

dpd_action str

Status of the DPD feature.

ike_config VpnConnectionTunnelOptionIkeConfig

IKE configuration information for the IPsec connection.

ipsec_config VpnConnectionTunnelOptionIpsecConfig

Information about the IPsec configuration in the IPsec connection.

nat_traversal bool

Whether to enable NAT traversal

role str

The role of the tunnel.

tunnel_bgp_info VpnConnectionTunnelOptionTunnelBgpInfo

BGP session information.

tunnel_id str

Tunnel ID of the IPsec connection.

connectStatus String

IPsec tunnel status. ikesanegotiationfailed: Phase one negotiation failed; nikesanegotiationcompleted: Phase one negotiation succeeded; nipsecsanegotiationfailed: Phase two negotiation failed; nipsecsanegotiationcompleted: Phase two negotiation succeeded.

customerGatewayId String

ID of the customer gateway associated with the IPsec connection.

dpdAction String

Status of the DPD feature.

ikeConfig Property Map

IKE configuration information for the IPsec connection.

ipsecConfig Property Map

Information about the IPsec configuration in the IPsec connection.

natTraversal Boolean

Whether to enable NAT traversal

role String

The role of the tunnel.

tunnelBgpInfo Property Map

BGP session information.

tunnelId String

Tunnel ID of the IPsec connection.

AuthAlg string

Authentication algorithm for phase one.

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

EncAlg string

Encryption algorithm for phase 1 negotiation.

Lifetime int

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

LocalId string

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

Mode string

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

Psk string

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

RemoteId string

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

Version string

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

AuthAlg string

Authentication algorithm for phase one.

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

EncAlg string

Encryption algorithm for phase 1 negotiation.

Lifetime int

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

LocalId string

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

Mode string

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

Psk string

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

RemoteId string

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

Version string

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

authAlg String

Authentication algorithm for phase one.

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

encAlg String

Encryption algorithm for phase 1 negotiation.

lifetime Integer

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

localId String

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode String

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk String

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remoteId String

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version String

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

authAlg string

Authentication algorithm for phase one.

dhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

encAlg string

Encryption algorithm for phase 1 negotiation.

lifetime number

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

localId string

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode string

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk string

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remoteId string

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version string

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

auth_alg str

Authentication algorithm for phase one.

dh_group str

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

enc_alg str

Encryption algorithm for phase 1 negotiation.

lifetime int

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

local_id str

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode str

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk str

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remote_id str

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version str

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

authAlg String

Authentication algorithm for phase one.

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 1 negotiation. Valid values: group1, group2 (default), group5, group14

encAlg String

Encryption algorithm for phase 1 negotiation.

lifetime Number

Lifetime of the SA for phase 1 negotiation. After the lifetime is exceeded, negotiation restarts. Value range: 900~86400, unit: seconds. Default: 86400.

localId String

Identifier of the VPN gateway, used for phase 1 negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the current VPN gateway's egress IP address. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ; and digits are allowed.

mode String

Negotiation mode for phase 1. This parameter is required only when IkeConfig.Version is ikev1. Valid values: main (default), aggressive

psk String

Pre-shared key used for identity authentication between the VPN gateway and the user gateway in phase 1. Must not exceed 100 characters and can only contain uppercase and lowercase letters, special symbols ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and numbers.

remoteId String

Identifier of the customer gateway, used for phase one negotiation. Supports IP format and FQDN (Fully Qualified Domain Name) format. If not specified, defaults to the public IP address of the currently selected customer gateway. If you manually set it to FQDN format, it is recommended to set the negotiation mode to 'aggressive'. Maximum length is 100 characters. Only uppercase and lowercase letters, special characters ~ ` | ! @ # $ % ^ ( ) - _ + = [ ] { } \ , . / : ;, and digits are allowed.

version String

Version of the IKE key exchange protocol. Valid values: ikev1, ikev2 (default).

AuthAlg string

Authentication algorithm for phase 2 negotiation

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 2

EncAlg string

Encryption algorithm for phase 2 negotiation

Lifetime int

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

AuthAlg string

Authentication algorithm for phase 2 negotiation

DhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 2

EncAlg string

Encryption algorithm for phase 2 negotiation

Lifetime int

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

authAlg String

Authentication algorithm for phase 2 negotiation

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 2

encAlg String

Encryption algorithm for phase 2 negotiation

lifetime Integer

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

authAlg string

Authentication algorithm for phase 2 negotiation

dhGroup string

DH (Diffie-Hellman) key exchange algorithm used in phase 2

encAlg string

Encryption algorithm for phase 2 negotiation

lifetime number

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

auth_alg str

Authentication algorithm for phase 2 negotiation

dh_group str

DH (Diffie-Hellman) key exchange algorithm used in phase 2

enc_alg str

Encryption algorithm for phase 2 negotiation

lifetime int

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

authAlg String

Authentication algorithm for phase 2 negotiation

dhGroup String

DH (Diffie-Hellman) key exchange algorithm used in phase 2

encAlg String

Encryption algorithm for phase 2 negotiation

lifetime Number

Lifetime of the SA for phase 2 negotiation. Negotiation will be re-initiated after the lifetime expires.

EnableBgp bool

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

LocalAsn int

The ASN of the VPN gateway.

LocalBgpIp string

BGP address. Defaults to the first host address of TunnelOptions.N.BGPConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel CIDR block. If EnableTunnelsBgp is set to true, this parameter must be specified.

PeerAsn int

ASN of the customer gateway.

PeerBgpIp string

BGP peer IP, that is, the BGP address on the customer gateway side.

SessionStatus string

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

TunnelCidr string

The CIDR address range for the local and peer IPs of the BGP session. This range must be within the 169.254.0.0/16 subnet with a subnet mask length of 30. If EnableTunnelsBgp is set to true, this parameter must be provided.

EnableBgp bool

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

LocalAsn int

The ASN of the VPN gateway.

LocalBgpIp string

BGP address. Defaults to the first host address of TunnelOptions.N.BGPConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel CIDR block. If EnableTunnelsBgp is set to true, this parameter must be specified.

PeerAsn int

ASN of the customer gateway.

PeerBgpIp string

BGP peer IP, that is, the BGP address on the customer gateway side.

SessionStatus string

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

TunnelCidr string

The CIDR address range for the local and peer IPs of the BGP session. This range must be within the 169.254.0.0/16 subnet with a subnet mask length of 30. If EnableTunnelsBgp is set to true, this parameter must be provided.

enableBgp Boolean

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

localAsn Integer

The ASN of the VPN gateway.

localBgpIp String

BGP address. Defaults to the first host address of TunnelOptions.N.BGPConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel CIDR block. If EnableTunnelsBgp is set to true, this parameter must be specified.

peerAsn Integer

ASN of the customer gateway.

peerBgpIp String

BGP peer IP, that is, the BGP address on the customer gateway side.

sessionStatus String

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnelCidr String

The CIDR address range for the local and peer IPs of the BGP session. This range must be within the 169.254.0.0/16 subnet with a subnet mask length of 30. If EnableTunnelsBgp is set to true, this parameter must be provided.

enableBgp boolean

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

localAsn number

The ASN of the VPN gateway.

localBgpIp string

BGP address. Defaults to the first host address of TunnelOptions.N.BGPConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel CIDR block. If EnableTunnelsBgp is set to true, this parameter must be specified.

peerAsn number

ASN of the customer gateway.

peerBgpIp string

BGP peer IP, that is, the BGP address on the customer gateway side.

sessionStatus string

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnelCidr string

The CIDR address range for the local and peer IPs of the BGP session. This range must be within the 169.254.0.0/16 subnet with a subnet mask length of 30. If EnableTunnelsBgp is set to true, this parameter must be provided.

enable_bgp bool

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

local_asn int

The ASN of the VPN gateway.

local_bgp_ip str

BGP address. Defaults to the first host address of TunnelOptions.N.BGPConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel CIDR block. If EnableTunnelsBgp is set to true, this parameter must be specified.

peer_asn int

ASN of the customer gateway.

peer_bgp_ip str

BGP peer IP, that is, the BGP address on the customer gateway side.

session_status str

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnel_cidr str

The CIDR address range for the local and peer IPs of the BGP session. This range must be within the 169.254.0.0/16 subnet with a subnet mask length of 30. If EnableTunnelsBgp is set to true, this parameter must be provided.

enableBgp Boolean

Enable dynamic route propagation. false (default): No, use static routing mode. true: Yes, use BGP routing mode.

localAsn Number

The ASN of the VPN gateway.

localBgpIp String

BGP address. Defaults to the first host address of TunnelOptions.N.BGPConfig.TunnelCidr. This address must be an IP address within the IPsec tunnel CIDR block. If EnableTunnelsBgp is set to true, this parameter must be specified.

peerAsn Number

ASN of the customer gateway.

peerBgpIp String

BGP peer IP, that is, the BGP address on the customer gateway side.

sessionStatus String

Status of the BGP connection. Up: BGP connection is normal. Down: BGP connection is not working.

tunnelCidr String

The CIDR address range for the local and peer IPs of the BGP session. This range must be within the 169.254.0.0/16 subnet with a subnet mask length of 30. If EnableTunnelsBgp is set to true, this parameter must be provided.