Domain name for API request: vpc.tencentcloudapi.com.
This API (CreateVpnConnection) is used to create VPN tunnel.
A maximum of 100 requests can be initiated per second for this API.
Note: This API supports Finance regions. If the common parameter Region is a Finance region, a domain name with the Finance region needs to be specified, for example: vpc.ap-shanghai-fsi.tencentcloudapi.com
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common parameter. The value used for this API: CreateVpnConnection. |
| Version | Yes | String | Common parameter. The value used for this API: 2017-03-12. |
| Region | Yes | String | Common parameter. For more information, please see the list of regions supported by the product. |
| VpcId | Yes | String | VPC instance ID, which can be obtained from the VpcId field in the response of the DescribeVpcs API. |
| VpnGatewayId | Yes | String | The ID of the VPN gateway instance. |
| CustomerGatewayId | Yes | String | The ID of the customer gateway, such as cgw-2wqq41m9. You can query the customer gateway by using the DescribeCustomerGateways API. |
| VpnConnectionName | Yes | String | Gateway can be named freely, but the maximum length is 60 characters. |
| PreShareKey | Yes | String | The pre-shared key. |
| SecurityPolicyDatabases.N | Yes | Array of SecurityPolicyDatabase | The SPD policy group, for example: {"10.0.0.5/24":["172.123.10.5/16"]}. 10.0.0.5/24 is the VPC internal IP range, and 172.123.10.5/16 is the IDC IP range. The user specifies the IP range in the VPC that can communicate with the IP range in the IDC. |
| IKEOptionsSpecification | No | IKEOptionsSpecification | Internet Key Exchange (IKE) configuration. IKE has a self-protection mechanism. The network security protocol is configured by the user. |
| IPSECOptionsSpecification | No | IPSECOptionsSpecification | IPSec configuration. The IPSec secure session configuration is provided by Tencent Cloud. |
| Tags.N | No | Array of Tag | Bound tags, such as [{"Key": "city", "Value": "shanghai"}]. |
| EnableHealthCheck | No | Boolean | Whether the tunnel health check is supported. |
| HealthCheckLocalIp | No | String | Local IP address for the health check |
| HealthCheckRemoteIp | No | String | Peer IP address for the health check |
| Parameter Name | Type | Description |
|---|---|---|
| VpnConnection | VpnConnection | Tunnel instance object. |
| RequestId | String | The unique request ID, which is returned for each request. RequestId is required for locating a problem. |
https://vpc.tencentcloudapi.com/?Action=CreateVpnConnection
&VpcId=vpc-gapcv96p
&VpnGatewayId=vpngw-1w9tue3d
&CustomerGatewayId=cgw-qa9sxpy7
&VpnConnectionName=TEST_CONN
&PreShareKey=654321
&SecurityPolicyDatabases.0.LocalCidrBlock=10.8.4.0/24
&SecurityPolicyDatabases.0.RemoteCidrBlock.0=58.211.1.0/24
&IKEOptionsSpecification.DhGroupName=GROUP1
&IKEOptionsSpecification.ExchangeMode=MAIN
&IKEOptionsSpecification.IKEVersion=IKEV1
&IKEOptionsSpecification.LocalAddress=58.211.2.5
&IKEOptionsSpecification.LocalIdentity=ADDRESS
&IKEOptionsSpecification.PropoAuthenAlgorithm=MD5
&IKEOptionsSpecification.PropoEncryAlgorithm=3DES-CBC
&IKEOptionsSpecification.RemoteAddress=1.2.3.4
&IKEOptionsSpecification.RemoteIdentity=ADDRESS
&IPSECOptionsSpecification.EncryptAlgorithm=3DES-CBC
&IPSECOptionsSpecification.IntegrityAlgorith=MD5
&IPSECOptionsSpecification.PfsDhGroup=NULL
&Tags.0.Key=city
&Tags.0.Value=shanghai
&<Common request parameters>
{
"Response": {
"VpnConnection": {
"VpnConnectionId": "vpnr-12ds042",
"VpnConnectionName": "TEST_CONN",
"PreShareKey": "654321",
"VpcId": "vpc-gapcv96p",
"HealthCheckRemoteIp": "",
"NetStatus": "",
"EnableHealthCheck": true,
"EncryptProto": "IKE",
"VpnProto": "IPSEC",
"IPSECOptionsSpecification": {
"PfsDhGroup": "",
"IPSECSaLifetimeTraffic": 1,
"EncryptAlgorithm": "",
"IPSECSaLifetimeSeconds": 1,
"IntegrityAlgorith": ""
},
"SecurityPolicyDatabaseSet": [
{
"LocalCidrBlock": "10.8.4.0/24",
"RemoteCidrBlock": [
"58.211.1.0/24"
]
}
],
"State": "PENGDING",
"HealthCheckLocalIp": "",
"HealthCheckStatus": "",
"VpnGatewayId": "vpngw-1w9tue3d",
"CreatedTime": "2020-09-22 00:00:00",
"CustomerGatewayId": "cgw-qa9sxpy7",
"IKEOptionsSpecification": {
"IKEVersion": "",
"RemoteIdentity": "",
"PropoAuthenAlgorithm": "",
"RemoteAddress": "",
"LocalFqdnName": "",
"LocalIdentity": "",
"LocalAddress": "",
"RemoteFqdnName": "",
"ExchangeMode": "",
"IKESaLifetimeSeconds": 1,
"PropoEncryAlgorithm": "",
"DhGroupName": ""
},
"RouteType": "STATIC"
},
"RequestId": "74883e1b-5901-46de-ae1e-d6e2cf591c5b"
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| InvalidParameter.Coexist | The parameters cannot be specified at the same time. |
| InvalidParameterValue.Malformed | Invalid input parameter format. |
| InvalidParameterValue.VpcCidrConflict | Destination IP address range conflicts with CIDR of the current VPC. |
| InvalidParameterValue.VpnConnCidrConflict | Destination IP address range conflicts with CIDR block of the current VPC tunnel. |
| LimitExceeded | Quota limit is reached. |
| ResourceInUse | The resource is occupied. |
| ResourceNotFound | The resource does not exist. |
| UnsupportedOperation | Unsupported operation. |
| UnsupportedOperation.InvalidState | Invalid resource status. |
Was this page helpful?