International
中国站
Console
PrevNext
search by keyword

Recent Pages

Documentation
Virtual Private Cloud
    Documentation
    Download PDF

    CreateVpnConnection

    Last updated: 2021-04-06 11:10:00
    Download PDF

    1. API Description

    Domain name for API request: vpc.tencentcloudapi.com.

    This API (CreateVpnConnection) is used to create VPN tunnel.

    A maximum of 100 requests can be initiated per second for this API.

    Note: This API supports Finance regions. If the common parameter Region is a Finance region, a domain name with the Finance region needs to be specified, for example: vpc.ap-shanghai-fsi.tencentcloudapi.com

    We recommend you to use API Explorer
    Try it
    API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

    2. Input Parameters

    The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

    Parameter Name Required Type Description
    Action Yes String Common parameter. The value used for this API: CreateVpnConnection.
    Version Yes String Common parameter. The value used for this API: 2017-03-12.
    Region Yes String Common parameter. For more information, please see the list of regions supported by the product.
    VpcId Yes String VPC instance ID, which can be obtained from the VpcId field in the response of the DescribeVpcs API.
    VpnGatewayId Yes String The ID of the VPN gateway instance.
    CustomerGatewayId Yes String The ID of the customer gateway, such as cgw-2wqq41m9. You can query the customer gateway by using the DescribeCustomerGateways API.
    VpnConnectionName Yes String Gateway can be named freely, but the maximum length is 60 characters.
    PreShareKey Yes String The pre-shared key.
    SecurityPolicyDatabases.N Yes Array of SecurityPolicyDatabase The SPD policy group, for example: {"10.0.0.5/24":["172.123.10.5/16"]}. 10.0.0.5/24 is the VPC internal IP range, and 172.123.10.5/16 is the IDC IP range. The user specifies the IP range in the VPC that can communicate with the IP range in the IDC.
    IKEOptionsSpecification No IKEOptionsSpecification Internet Key Exchange (IKE) configuration. IKE has a self-protection mechanism. The network security protocol is configured by the user.
    IPSECOptionsSpecification No IPSECOptionsSpecification IPSec configuration. The IPSec secure session configuration is provided by Tencent Cloud.
    Tags.N No Array of Tag Bound tags, such as [{"Key": "city", "Value": "shanghai"}].
    EnableHealthCheck No Boolean Whether the tunnel health check is supported.
    HealthCheckLocalIp No String Local IP address for the health check
    HealthCheckRemoteIp No String Peer IP address for the health check

    3. Output Parameters

    Parameter Name Type Description
    VpnConnection VpnConnection Tunnel instance object.
    RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

    4. Example

    Example1 Creating a VPN tunnel

    Input Example

    https://vpc.tencentcloudapi.com/?Action=CreateVpnConnection
&VpcId=vpc-gapcv96p
&VpnGatewayId=vpngw-1w9tue3d
&CustomerGatewayId=cgw-qa9sxpy7
&VpnConnectionName=TEST_CONN
&PreShareKey=654321
&SecurityPolicyDatabases.0.LocalCidrBlock=10.8.4.0/24
&SecurityPolicyDatabases.0.RemoteCidrBlock.0=58.211.1.0/24
&IKEOptionsSpecification.DhGroupName=GROUP1
&IKEOptionsSpecification.ExchangeMode=MAIN
&IKEOptionsSpecification.IKEVersion=IKEV1
&IKEOptionsSpecification.LocalAddress=58.211.2.5
&IKEOptionsSpecification.LocalIdentity=ADDRESS
&IKEOptionsSpecification.PropoAuthenAlgorithm=MD5
&IKEOptionsSpecification.PropoEncryAlgorithm=3DES-CBC
&IKEOptionsSpecification.RemoteAddress=1.2.3.4
&IKEOptionsSpecification.RemoteIdentity=ADDRESS
&IPSECOptionsSpecification.EncryptAlgorithm=3DES-CBC
&IPSECOptionsSpecification.IntegrityAlgorith=MD5
&IPSECOptionsSpecification.PfsDhGroup=NULL
&Tags.0.Key=city
&Tags.0.Value=shanghai
&<Common request parameters>

    Output Example

    {
  "Response": {
    "VpnConnection": {
      "VpnConnectionId": "vpnr-12ds042",
      "VpnConnectionName": "TEST_CONN",
      "PreShareKey": "654321",
      "VpcId": "vpc-gapcv96p",
      "HealthCheckRemoteIp": "",
      "NetStatus": "",
      "EnableHealthCheck": true,
      "EncryptProto": "IKE",
      "VpnProto": "IPSEC",
      "IPSECOptionsSpecification": {
        "PfsDhGroup": "",
        "IPSECSaLifetimeTraffic": 1,
        "EncryptAlgorithm": "",
        "IPSECSaLifetimeSeconds": 1,
        "IntegrityAlgorith": ""
      },
      "SecurityPolicyDatabaseSet": [
        {
          "LocalCidrBlock": "10.8.4.0/24",
          "RemoteCidrBlock": [
            "58.211.1.0/24"
          ]
        }
      ],
      "State": "PENGDING",
      "HealthCheckLocalIp": "",
      "HealthCheckStatus": "",
      "VpnGatewayId": "vpngw-1w9tue3d",
      "CreatedTime": "2020-09-22 00:00:00",
      "CustomerGatewayId": "cgw-qa9sxpy7",
      "IKEOptionsSpecification": {
        "IKEVersion": "",
        "RemoteIdentity": "",
        "PropoAuthenAlgorithm": "",
        "RemoteAddress": "",
        "LocalFqdnName": "",
        "LocalIdentity": "",
        "LocalAddress": "",
        "RemoteFqdnName": "",
        "ExchangeMode": "",
        "IKESaLifetimeSeconds": 1,
        "PropoEncryAlgorithm": "",
        "DhGroupName": ""
      },
      "RouteType": "STATIC"
    },
    "RequestId": "74883e1b-5901-46de-ae1e-d6e2cf591c5b"
  }
}

    5. Developer Resources

    SDK

    TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

    Command Line Interface

    6. Error Code

    The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

    Error Code Description
    InvalidParameter.Coexist The parameters cannot be specified at the same time.
    InvalidParameterValue.Malformed Invalid input parameter format.
    InvalidParameterValue.VpcCidrConflict Destination IP address range conflicts with CIDR of the current VPC.
    InvalidParameterValue.VpnConnCidrConflict Destination IP address range conflicts with CIDR block of the current VPC tunnel.
    LimitExceeded Quota limit is reached.
    ResourceInUse The resource is occupied.
    ResourceNotFound The resource does not exist.
    UnsupportedOperation Unsupported operation.
    UnsupportedOperation.InvalidState Invalid resource status.
    tencent
    Copyright © 2013-2021 Tencent Cloud. All Rights Reserved.
    Privacy PolicyTerms of ServiceCookie Policy