Modifies the configuration of an SSL-VPN server.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ModifySslVpnServer

The operation that you want to perform. Set the value to ModifySslVpnServer.

RegionId String Yes cn-hangzhou

The ID of the region where the VPN gateway is deployed.

You can call the DescribeRegions operation to query region IDs.

SslVpnServerId String Yes vss-bp18q7hzj6largv4v****

The ID of the SSL-VPN server.

ClientToken String No 02fb3da4-130e-11e9-8e44-0016e04115b

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must ensure that it is unique among different requests. The token can contain only ASCII characters and cannot exceed 64 characters in length.

Name String No test

The name of the SSL-VPN server.

The name must be 2 to 128 characters in length, and can contain digits, periods (.), underscores (_), and hyphens (-). It must start with a letter and cannot start with http:// or https://.

ClientIpPool String No 10.30.30.0/24

The client CIDR block.

LocalSubnet String No 10.20.20.0/24

The local CIDR block.

Proto String No UDP

The protocol that is used by the SSL-VPN server. Valid values:

  • TCP: TCP
  • UDP (default): UDP
Cipher String No AES-128-CBC

The encryption algorithm that is used in the SSL-VPN connection. Valid values:

  • AES-128-CBC (default): the AES-128-CBC algorithm.
  • AES-192-CBC: the AES-192-CBC algorithm.
  • AES-256-CBC: the AES-256-CBC algorithm.
  • none: If the parameter is set to this value, no encryption algorithm is used.
Port Integer No 1194

The port that is used by the SSL-VPN server. Default value: 1194. You cannot use the following ports:

22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, or 4500.

Compress Boolean No false

Specifies whether to enable data compression. Valid values:

  • true: enables data compression.
  • false (default): disables data compression.
EnableMultiFactorAuth Boolean No true

Specifies whether to enable two-factor authentication. Valid values:

  • true: enables two-factor authentication.
  • false (default): disables two-factor authentication.
Note To enable two-factor authentication, make sure that the VPN gateway is created after 00:00:00 (UTC+8), March 5, 2020. Only VPN gateways that are created after 00:00:00 (UTC+8), March 5, 2020 support two-factor authentication.
IDaaSInstanceId String No idaas-cn-hangzhou-p****

The ID of the IDaaS instance.

IDaaSRegionId String No cn-hangzhou

The ID of the region where the IDaaS instance is created.

Response parameters

Parameter Type Example Description
Cipher String AES-128-CBC

The encryption algorithm.

ClientIpPool String 10.30.30.0/24

The client CIDR block.

Compress Boolean false

Indicates whether data compression is enabled.

Connections Integer 0

The total number of current connections.

CreateTime Long 1492753580000

The timestamp generated when the SSL-VPN server was created.

EnableMultiFactorAuth Boolean true

Indicates whether two-factor authentication is enabled.

  • true: Two-factor authentication is enabled.
  • false (default): Two-factor authentication is disabled.
IDaaSInstanceId String idaas-cn-hangzhou-p****

The ID of the IDaaS instance.

InternetIp String 47.XX.XX.5

The public IP address of the VPN gateway.

LocalSubnet String 10.20.20.0/24

The local CIDR block.

MaxConnections Integer 5

The maximum number of connections.

Name String test

The name of the SSL-VPN server.

Port Integer 1194

The port that is used by the SSL-VPN server.

Proto String UDP

The protocol that is used by the SSL-VPN server.

RegionId String cn-hangzhou

The ID of the region where the SSL-VPN server is created.

RequestId String E81C823E-9DC3-42AE-9358-5F0ECD55F856

The ID of the request.

SslVpnServerId String vss-bp1phv0j000c78l3k****

The ID of the SSL-VPN server.

VpnGatewayId String vpn-bp17lofy9fd0dnvzv****

The ID of the VPN gateway.

Examples

Sample requests

http(s)://[Endpoint]/? Action=ModifySslVpnServer
&RegionId=cn-hangzhou
&SslVpnServerId=vss-bp18q7hzj6largv4v****
&<Common request parameters>

Sample success responses

XML format

<ModifySslVpnServerResponse>
  <LocalSubnet>10.20.20.0/24</LocalSubnet>
  <Compress>true</Compress>
  <Connections>0</Connections>
  <ClientIpPool>10.30.30.0/24</ClientIpPool>
  <RequestId>E81C823E-9DC3-42AE-9358-5F0ECD55F856</RequestId>
  <MaxConnections>5</MaxConnections>
  <EnableMultiFactorAuth>false</EnableMultiFactorAuth>
  <SslVpnServerId>vss-bp1phv0j000c78l3k****</SslVpnServerId>
  <CreateTime>1613800884000</CreateTime>
  <Port>1194</Port>
  <Name>test</Name>
  <Proto>UDP</Proto>
  <InternetIp>47.XX.XX.5</InternetIp>
  <VpnGatewayId>vpn-bp17lofy9fd0dnvzv****</VpnGatewayId>
  <RegionId>cn-hangzhou</RegionId>
  <Cipher>AES-128-CBC</Cipher>
</ModifySslVpnServerResponse>

JSON format

{
  "LocalSubnet": "10.20.20.0/24",
  "Compress": true,
  "Connections": 0,
  "ClientIpPool": "10.30.30.0/24",
  "RequestId": "E81C823E-9DC3-42AE-9358-5F0ECD55F856",
  "MaxConnections": 5,
  "EnableMultiFactorAuth": false,
  "SslVpnServerId": "vss-bp1phv0j000c78l3k****",
  "CreateTime": 1613800884000,
  "Port": 1194,
  "Name": "test",
  "Proto": "UDP",
  "InternetIp": "47.XX.XX.5",
  "VpnGatewayId": "vpn-bp17lofy9fd0dnvzv****",
  "RegionId": "cn-hangzhou",
  "Cipher": "AES-128-CBC"
}

Error codes

HttpCode Error code Error message Description
403 Forbbiden.SubUser User not authorized to operate on the specified resource as your account is created by another user. The error message returned because you are unauthorized to perform the operation on the specified resource. You can apply for the permissions and try again.
403 Forbidden User not authorized to operate on the specified resource. The error message returned because you are unauthorized to perform this operation on the specified resource. To obtain the required permissions, submit a ticket.
400 InvalidName The name is not valid The error message returned because the specified name is in an invalid format.
400 VpnGateway.Configuring The specified service is configuring. The error message returned because the operation is not allowed when the specified service is being configured. Try again later.
400 VpnGateway.FinancialLocked The specified service is financial locked. The error message returned because the service is suspended due to overdue payments. Top up your Alibaba Cloud account before you call this operation.

For a list of error codes, visit the API Error Center.