ListIpsecServers - Virtual Private Cloud - Alibaba Cloud Documentation Center

Queries IPsec servers.

debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

debugging

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	Yes	The ID of the region where the IPsec server is created. You can call the DescribeRegions operation to query the most recent region list.	cn-hangzhou
IpsecServerName	string	No	The name of the IPsec server. The name must be 1 to 100 characters in length and cannot start with `http://` or `https://`.	test
VpnGatewayId	string	No	The ID of the VPN gateway.	vpn-bp1q8bgx4xnkm2ogj****
NextToken	string	No	The pagination token that is used in the next request to retrieve a new page of results. Valid values: If this is your first request and no next requests are to be performed, you do not need to specify this parameter. You must specify the token that is obtained from the previous query as the value of NextToken.	caeba0bbb2be03f84eb48b699f0a****
MaxResults	integer	No	The number of entries to return on each page. Valid values: 1 to 20. Default value: 10.	10
IpsecServerId	array	No	The ID of the IPsec server.
	string	No	The ID of the IPsec server. Valid values of N: 1 to 20.	iss-bp1bo3xuvcxo7ixll****
ResourceGroupId	string	No	The ID of the resource group to which the IPsec server belongs. The IPsec server has the same resource group as its associated VPN gateway instance. You can call the DescribeVpnGateway operation to query the ID of the resource group to which the VPN gateway instance belongs.	rg-acfmzs372yg****

Response parameters

Parameter	Type	Description	Example
	object
NextToken	string	A pagination token. It can be used in the next request to retrieve a new page of results. Valid values: If no value is returned for NextToken, no next queries are sent. If a value is returned for NextToken, the value can be used in the next request to retrieve a new page of results.	caeba0bbb2be03f84eb48b699f0a****
RequestId	string	The request ID.	54B48E3D-DF70-471B-AA93-08E683A1B457
TotalCount	integer	The total number of entries returned.	10
MaxResults	integer	The number of entries returned per page.	1
IpsecServers	object []	The list of IPsec servers.
CreationTime	string	The time when the IPsec server was created. T is used as a delimiter. Z indicates that the time is in UTC.	2018-12-03T10:11:55Z
OnlineClientCount	integer	The number of clients that are connected to the IPsec server.	1
InternetIp	string	The public IP address of the VPN gateway.	47.22.XX.XX
IpsecServerName	string	The name of the IPsec server.	test
IDaaSInstanceId	string	The ID of the IDaaS instance.	idaas-cn-hangzhou-****
EffectImmediately	boolean	Indicates whether the current IPsec tunnel is deleted and negotiations are reinitiated. Valid values: true: immediately initiates negotiations after the configuration is completed. false: initiates negotiations when inbound traffic is detected.	false
VpnGatewayId	string	The ID of the VPN gateway.	vpn-bp1q8bgx4xnkm2ogj****
LocalSubnet	string	The local CIDR blocks, which refer to the CIDR blocks on the virtual private cloud (VPC) side.	192.168.0.0/16,172.17.0.0/16
Psk	string	The pre-shared key.	pgw6dy7d****
RegionId	string	The ID of the region where the IPsec server is created.	cn-hangzhou
PskEnabled	boolean	Indicates whether pre-shared key authentication is enabled. Only true may be returned, which indicates that pre-shared key authentication is enabled.	true
IpsecServerId	string	The IPsec server ID.	iss-bp1bo3xuvcxo7ixll****
MultiFactorAuthEnabled	boolean	Indicates whether two-factor authentication is enabled. Valid values: true false: The feature is disabled.	true
MaxConnections	integer	The number of SSL-VPN connections supported by the VPN gateway. Note The number of SSL-VPN connections specified in this parameter includes both SSL-VPN and IPsec-VPN connections. For example, you have five SSL-VPN connections and three SSL clients occupy three SSL-VPN connections. In this case, two clients can connect to the IPsec server.	5
ClientIpPool	string	The client CIDR block. It refers to the CIDR block that is allocated to the virtual interface of the client.	10.0.0.0/24
IkeConfig	object	The configurations of Phase 1 negotiations.
RemoteId	string	The identifier of the customer gateway. Both fully qualified domain names (FQDNs) and IP addresses are supported. By default, this parameter is empty.	139.67.XX.XX
IkeLifetime	long	The IKE lifetime. Unit: seconds.	86400
IkeEncAlg	string	The IKE encryption algorithm.	aes
LocalId	string	The ID of the IPsec server. The default value is the public IP address of the VPN gateway. Both FQDNs and IP addresses are supported.	116.64.XX.XX
IkeMode	string	The IKE negotiation mode. Valid values: main: This mode offers higher security during negotiations.	main
IkeVersion	string	The IKE version.	ikev2
IkePfs	string	The Diffie-Hellman key exchange algorithm.	group2
IkeAuthAlg	string	The IKE authentication algorithm.	sha1
IpsecConfig	object	The configurations of Phase 2 negotiations.
IpsecAuthAlg	string	The IPsec authentication algorithm.	sha1
IpsecLifetime	long	The IPsec lifetime. Unit: seconds.	86400
IpsecEncAlg	string	The IPsec encryption algorithm.	aes
IpsecPfs	string	The Diffie-Hellman key exchange algorithm.	group2
ResourceGroupId	string	The ID of the resource group to which the IPsec server belongs. You can call the ListResourceGroups operation to query the resource group information.	rg-acfmzs372yg****

Examples

Sample success responses

JSONformat

{
  "NextToken": "caeba0bbb2be03f84eb48b699f0a****",
  "RequestId": "54B48E3D-DF70-471B-AA93-08E683A1B457",
  "TotalCount": 10,
  "MaxResults": 1,
  "IpsecServers": [
    {
      "CreationTime": "2018-12-03T10:11:55Z",
      "OnlineClientCount": 1,
      "InternetIp": "47.22.XX.XX",
      "IpsecServerName": "test",
      "IDaaSInstanceId": "idaas-cn-hangzhou-****",
      "EffectImmediately": false,
      "VpnGatewayId": "vpn-bp1q8bgx4xnkm2ogj****",
      "LocalSubnet": "192.168.0.0/16,172.17.0.0/16",
      "Psk": "pgw6dy7d****",
      "RegionId": "cn-hangzhou",
      "PskEnabled": true,
      "IpsecServerId": "iss-bp1bo3xuvcxo7ixll****",
      "MultiFactorAuthEnabled": true,
      "MaxConnections": 5,
      "ClientIpPool": "10.0.0.0/24",
      "IkeConfig": {
        "RemoteId": "139.67.XX.XX",
        "IkeLifetime": 86400,
        "IkeEncAlg": "aes",
        "LocalId": "116.64.XX.XX",
        "IkeMode": "main",
        "IkeVersion": "ikev2",
        "IkePfs": "group2",
        "IkeAuthAlg": "sha1"
      },
      "IpsecConfig": {
        "IpsecAuthAlg": "sha1",
        "IpsecLifetime": 86400,
        "IpsecEncAlg": "aes",
        "IpsecPfs": "group2"
      },
      "ResourceGroupId": "rg-acfmzs372yg****"
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
400	IllegalParam.NextToken	The specified NextToken is invalid.	NextToken is set to an invalid value.
403	Forbidden	User not authorized to operate on the specified resource.	You do not have the permissions to manage the specified resource. Apply for the permissions and try again.

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2023-10-19

API Description Update,The error codes of the API operation change.,The input parameters of the API operation change.,The response structure of the API operation changes.

see changesets

Change item	Change content
API Description	API Description Update
Error Codes	The error codes of the API operation change.
	Error Codes 400 change
	delete Error Codes: 403
Input Parameters	The input parameters of the API operation change.
	Added Input Parameters: ResourceGroupId
Output Parameters	The response structure of the API operation changes.