Obtains the configurations of an IPsec connection.
Debug
By using API Explorer, you can easily debug APIs, automatically generate SDK code examples, and quickly search for APIs.
Request parameters
| Parameter | Type | Required? | Example value | Description |
|---|---|---|---|---|
| Action | String | Yes | DownloadVpnConnectionConfig |
The name of this action. Value: DownloadVpnConnectionConfig |
| RegionId | String | Yes | cn-shanghai |
The ID of the region to which the IPsec connection belongs. To query the region ID, call DescribeRegions. |
| VpnConnectionId | Integer | Yes | vco-bp1bbi27hojx80nck9k1i |
The ID of the IPsec connection. |
Response parameters
| Parameter | Type | Example value | Description |
|---|---|---|---|
| RequestId | String | 0C68048B-0F70-40DA-B8AE-1B79B5CF62E3 |
The ID of the request. |
| VpnConnectionConfig |
IPsec connection configurations. |
||
| └IkeConfig |
IKE configurations. |
||
| └IkeAuthAlg | String | sha1 |
The IKE authentication algorithm. Both SHA-1 and MD5 are supported. |
| └IkeEncAlg | String | aes |
The IKE encryption algorithm. |
| └IkeLifetime | Long | 86400 |
The IKE lifetime. |
| └IkeMode | String | main |
The IKE mode. Both main mode and aggressive mode are supported. The main mode features high security. If NAT traversal is enabled, we recommend that you select the aggressive mode. |
| └IkePfs | String | group2 |
The DH group. |
| └IkeVersion | String | ikev1 |
The IKE version. |
| └LocalId | String | 116.62.69.64 |
The local ID. By default, it is the IP address of the VPN Gateway. Both FQDN and IP formats are supported. |
| └Psk | String | pgw6dy7d1i8in7x5 |
The pre-shared key. |
| └RemoteId | String | 139.196.32.167 |
The peer ID. By default, it is the IP address of the customer gateway. Both FQDN and IP formats are supported. |
| └IpsecConfig |
The IPsec connection configurations. |
||
| └IpsecAuthAlg | String | sha1 |
The IPsec authentication algorithm. Both SHA-1 and MD5 are supported. |
| └IpsecEncAlg | String | aes |
The IPsec encryption algorithm. |
| └IpsecLifetime | Long | 86400 |
The IPsec lifetime. |
| └IpsecPfs | String | group2 |
The DH group. |
| └Local | String | 139.196.32.167 |
The IP address of the VPN Gateway. |
| └LocalSubnet | String | 1.1.1.0/24,1.1.2.0/24 |
The CIDR block of the VPC. |
| └Remote | String | 116.62.69.64 |
The IP address of the customer gateway. |
| └RemoteSubnet | String | 1.1.1.0/24,1.1.2.0/24 |
The CIDR block of the on-premises data center. |
Examples
Request example
https://vpc.aliyuncs.com/?Action=DownloadVpnConnectionConfig
&RegionId=cn-shanghai
&VpnConnectionId=vco-bp1bbi27hojx80nck9k1i
&<CommonParameters>
-
XML format
<DownloadVpnConnectionConfigResponse> <RequestId>6F4A035F-7060-45D7-B9BD-719372782AF6</RequestId> <VpnConnectionConfig> <RemoteSubnet>1.1.1.0/24,1.1.2.0/24</RemoteSubnet> <Local>139.196.32.167</Local> <IpsecConfig> <IpsecLifetime>86400</IpsecLifetime> <IpsecAuthAlg>sha1</IpsecAuthAlg> <IpsecPfs>group2</IpsecPfs> <IpsecEncAlg>aes</IpsecEncAlg> </IpsecConfig> <Remote>116.62.69.64</Remote> <LocalSubnet>2.2.2.0/24</LocalSubnet> <IkeConfig> <IkeEncAlg>aes</IkeEncAlg> <IkePfs>group2</IkePfs> <RemoteId>116.62.69.64</RemoteId> <IkeAuthAlg>sha1</IkeAuthAlg> <Psk>pgw6dy7d1i8in7x5</Psk> <IkeMode>main</IkeMode> <IkeLifetime>86400</IkeLifetime> <IkeVersion>ikev1</IkeVersion> <LocalId>139.196.32.167</LocalId> </IkeConfig> </VpnConnectionConfig> </DownloadVpnConnectionConfigResponse> -
JSON format
{ "RequestId":"0C68048B-0F70-40DA-B8AE-1B79B5CF62E3", "VpnConnectionConfig":{ "RemoteSubnet":"1.1.1.0/24,1.1.2.0/24", "IpsecConfig":{ "IpsecLifetime":86400, "IpsecAuthAlg":"sha1", "IpsecPfs":"group2", "IpsecEncAlg":"aes" }, "Local":"139.196.32.167", "Remote":"116.62.69.64", "LocalSubnet":"2.2.2.0/24", "IkeConfig":{ "IkeEncAlg":"aes", "RemoteId":"116.62.69.64", "IkePfs":"group2", "IkeAuthAlg":"sha1", "Psk":"pgw6dy7d1i8in7x5", "IkeMode":"main", "IkeLifetime":86400, "IkeVersion":"ikev1", "LocalId":"139.196.32.167" } } }
Error codes
| HTTP status code | Error code | Error message | Description |
|---|---|---|---|
| 403 | Forbbiden.SubUser | User not authorized to operate on the specified resource as your account is created by another user. | You are not authorized to operate on this resource. Please apply for the permission and try again. |
| 403 | Forbidden | User not authorized to operate on the specified resource. | You are not authorized to operate on this resource. For more information, open a ticket. |
| 404 | InvalidVpnConnectionInstanceId.NotFound | The specified vpn connection instance id does not exist. | The specified VPN connection does not exist. Check if the VPN connect is correct. |