com.aliyun.vpc20160428.models

类 ModifyVpnAttachmentAttributeRequest

java.lang.Object

com.aliyun.tea.TeaModel

com.aliyun.vpc20160428.models.ModifyVpnAttachmentAttributeRequest

public class ModifyVpnAttachmentAttributeRequest
extends com.aliyun.tea.TeaModel

字段概要

字段

限定符和类型	字段和说明
Boolean	autoConfigRoute Specifies whether to automatically configure routes.
String	bgpConfig The Border Gateway Protocol (BGP) configuration: BgpConfig.EnableBgp: specifies whether to enable BGP.
String	clientToken The client token that is used to ensure the idempotence of the request.
String	customerGatewayId The customer gateway associated with the IPsec-VPN connection.
Boolean	effectImmediately Specifies whether to immediately start IPsec negotiations after the configuration takes effect.
Boolean	enableDpd Specifies whether to enable the dead peer detection (DPD) feature.
Boolean	enableNatTraversal Specifies whether to enable NAT traversal.
String	healthCheckConfig The health check configurations: HealthCheckConfig.enable: specifies whether to enable the health check feature.
String	ikeConfig The configuration of Phase 1 negotiations: IkeConfig.Psk: The pre-shared key that is used for authentication between the VPN gateway and the data center.
String	ipsecConfig The configuration of Phase 2 negotiations: IpsecConfig.IpsecEncAlg: the encryption algorithm that is used in Phase 2 negotiations.
String	localSubnet The CIDR block of the virtual private cloud (VPC) that communicates with the data center.
String	name The name of the IPsec-VPN connection.
String	networkType The network type of the IPsec-VPN connection.
String	ownerAccount
String	regionId The ID of the region in which the IPsec-VPN connection is established.
String	remoteCaCert The peer CA certificate when a ShangMi (SM) VPN gateway is used to create the IPsec-VPN connection.
String	remoteSubnet The CIDR block of the data center that communicates with the VPC.
String	resourceOwnerAccount
Long	resourceOwnerId
String	vpnConnectionId The ID of the IPsec-VPN connection.

构造器概要

构造器

构造器和说明
ModifyVpnAttachmentAttributeRequest()

方法概要

限定符和类型	方法和说明
static ModifyVpnAttachmentAttributeRequest	build(Map<String,?> map)
Boolean	getAutoConfigRoute()
String	getBgpConfig()
String	getClientToken()
String	getCustomerGatewayId()
Boolean	getEffectImmediately()
Boolean	getEnableDpd()
Boolean	getEnableNatTraversal()
String	getHealthCheckConfig()
String	getIkeConfig()
String	getIpsecConfig()
String	getLocalSubnet()
String	getName()
String	getNetworkType()
String	getOwnerAccount()
String	getRegionId()
String	getRemoteCaCert()
String	getRemoteSubnet()
String	getResourceOwnerAccount()
Long	getResourceOwnerId()
String	getVpnConnectionId()
ModifyVpnAttachmentAttributeRequest	setAutoConfigRoute(Boolean autoConfigRoute)
ModifyVpnAttachmentAttributeRequest	setBgpConfig(String bgpConfig)
ModifyVpnAttachmentAttributeRequest	setClientToken(String clientToken)
ModifyVpnAttachmentAttributeRequest	setCustomerGatewayId(String customerGatewayId)
ModifyVpnAttachmentAttributeRequest	setEffectImmediately(Boolean effectImmediately)
ModifyVpnAttachmentAttributeRequest	setEnableDpd(Boolean enableDpd)
ModifyVpnAttachmentAttributeRequest	setEnableNatTraversal(Boolean enableNatTraversal)
ModifyVpnAttachmentAttributeRequest	setHealthCheckConfig(String healthCheckConfig)
ModifyVpnAttachmentAttributeRequest	setIkeConfig(String ikeConfig)
ModifyVpnAttachmentAttributeRequest	setIpsecConfig(String ipsecConfig)
ModifyVpnAttachmentAttributeRequest	setLocalSubnet(String localSubnet)
ModifyVpnAttachmentAttributeRequest	setName(String name)
ModifyVpnAttachmentAttributeRequest	setNetworkType(String networkType)
ModifyVpnAttachmentAttributeRequest	setOwnerAccount(String ownerAccount)
ModifyVpnAttachmentAttributeRequest	setRegionId(String regionId)
ModifyVpnAttachmentAttributeRequest	setRemoteCaCert(String remoteCaCert)
ModifyVpnAttachmentAttributeRequest	setRemoteSubnet(String remoteSubnet)
ModifyVpnAttachmentAttributeRequest	setResourceOwnerAccount(String resourceOwnerAccount)
ModifyVpnAttachmentAttributeRequest	setResourceOwnerId(Long resourceOwnerId)
ModifyVpnAttachmentAttributeRequest	setVpnConnectionId(String vpnConnectionId)

从类继承的方法 com.aliyun.tea.TeaModel

build, buildMap, confirmType, confirmType, parseObject, toMap, toMap, toModel, validate, validateParams

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

autoConfigRoute

@NameInMap(value="AutoConfigRoute")
public Boolean autoConfigRoute

Specifies whether to automatically configure routes. Valid values:

• true
• false

example:

true

bgpConfig

@NameInMap(value="BgpConfig")
public String bgpConfig

The Border Gateway Protocol (BGP) configuration:

• BgpConfig.EnableBgp: specifies whether to enable BGP. Valid values:

  • true
  • false

• BgpConfig.LocalAsn: the autonomous system number (ASN) on the Alibaba Cloud side. Valid values: 1 to 4294967295.

  You can enter the ASN in two segments. Separate the first 16 bits of the ASN from the remaining 16 bits with a period (.). Enter the number in each segment in decimal format.

  For example, if you enter 123.456, the ASN is: 123 × 65536 + 456 = 8061384.

• BgpConfig.TunnelCidr: the CIDR block of the IPsec tunnel. The CIDR block falls within 169.254.0.0/16. The subnet mask of the CIDR block must be 30 bits in length.

• LocalBgpIp: the BGP IP address on the Alibaba Cloud side. This IP address must fall within the CIDR block of the IPsec tunnel.

• Before you configure BGP, we recommend that you learn how BGP dynamic routing works and the limits of using BGP dynamic routing. For more information, see BGP dynamic routing .
• We recommend that you use a private ASN to establish a connection with Alibaba Cloud over BGP. Refer to the relevant documentation for the private ASN range.

example:

{"EnableBgp":"true","LocalAsn":"45104","TunnelCidr":"169.254.11.0/30","LocalBgpIp":"169.254.11.1"}

clientToken

@NameInMap(value="ClientToken")
public String clientToken

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters.

If you do not specify this parameter, the system automatically uses the value of RequestId as the value of ClientToken. The request ID may be different for each request.

example:

123e4567-e89b-12d3-a456-4266****

customerGatewayId

@NameInMap(value="CustomerGatewayId")
public String customerGatewayId

The customer gateway associated with the IPsec-VPN connection.

example:

cgw-p0w2jemrcj5u61un8****

effectImmediately

@NameInMap(value="EffectImmediately")
public Boolean effectImmediately

Specifies whether to immediately start IPsec negotiations after the configuration takes effect. Valid values:

• true: immediately starts IPsec negotiations after the configuration is complete.
• false: starts IPsec negotiations when inbound traffic is detected.

example:

false

enableDpd

@NameInMap(value="EnableDpd")
public Boolean enableDpd

Specifies whether to enable the dead peer detection (DPD) feature. Valid values:

• true: enables the DPD feature. The initiator of the IPsec-VPN connection sends DPD packets to check the existence and availability of the peer. If no feedback is received from the peer within a specific period of time, the connection fails. Then, the ISAKMP SA, IPsec SA, and IPsec tunnel are deleted.
• false: disables the DPD feature. The initiator of the IPsec-VPN connection does not send DPD packets.

example:

true

enableNatTraversal

@NameInMap(value="EnableNatTraversal")
public Boolean enableNatTraversal

Specifies whether to enable NAT traversal. Valid values:

• true After NAT traversal is enabled, the initiator does not check the UDP ports during IKE negotiations and can automatically discover NAT gateway devices along the IPsec tunnel.
• false

example:

true

healthCheckConfig

@NameInMap(value="HealthCheckConfig")
public String healthCheckConfig

The health check configurations:

• HealthCheckConfig.enable: specifies whether to enable the health check feature. Valid values:

  • true
  • false

• HealthCheckConfig.dip: the destination IP address that is used for health checks. Enter the IP address on the data center side that the VPC can communicate with through the IPsec-VPN connection.

• HealthCheckConfig.sip: the source IP address that is used for health checks. Enter the IP address on the VPC side that the data center can communicate with through the IPsec-VPN connection.

• HealthCheckConfig.interval: the interval between two consecutive health checks. Unit: seconds.

• HealthCheckConfig.retry: the maximum number of health check retries.

• HealthCheckConfig.Policy: specifies whether to withdraw advertised routes when health checks fail. Valid values:

  • revoke_route
  • reserve_route

example:

{"enable":"true","dip":"192.168.1.1","sip":"10.1.1.1","interval":"3","retry":"3","Policy": "revoke_route"}

ikeConfig

@NameInMap(value="IkeConfig")
public String ikeConfig

The configuration of Phase 1 negotiations:

• IkeConfig.Psk: The pre-shared key that is used for authentication between the VPN gateway and the data center.

  • The pre-shared key must be 1 to 100 characters in length and can contain letters, digits, and the following characters: ~ ! ` @ # $ % ^ & * () _ - + = {} [] | ; : \\" , . < > / ?
  • If you do not specify a pre-shared key, the system generates a random 16-character string as the pre-shared key. You can call the DescribeVpnConnection operation to query the pre-shared key that is generated by the system.

  The pre-shared key of the IPsec-VPN connection must be the same as the authentication key of the data center. Otherwise, you cannot establish a connection between the data center and the VPN gateway.

• IkeConfig.IkeVersion: the Internet Key Exchange (IKE) version. Valid values: ikev1 and ikev2.

• IkeConfig.IkeMode: the negotiation mode. Valid values: main and aggressive.

• IkeConfig.IkeEncAlg: the encryption algorithm that is used in Phase 1 negotiations. Valid values: aes, aes192, aes256, des, and 3des.

• IkeConfig.IkeAuthAlg: the authentication algorithm that is used in Phase 1 negotiations. Valid values: md5, sha1, sha256, sha384, and sha512.

• IkeConfig.IkePfs: the Diffie-Hellman (DH) key exchange algorithm that is used in Phase 1 negotiations. Valid values: group1, group2, group5, and group14.

• IkeConfig.IkeLifetime: the security association (SA) lifetime determined by Phase 1 negotiations. Unit: seconds. Valid values: 0 to 86400.

• IkeConfig.LocalIdIPsec: the identifier of the IPsec-VPN connection on the Alibaba Cloud side. The identifier can be up to 100 characters in length.

• IkeConfig.RemoteId: the identifier of the IPsec-VPN connection on the data center side. The identifier can be up to 100 characters in length.

example:

{"Psk":"1234****","IkeVersion":"ikev1","IkeMode":"main","IkeEncAlg":"aes","IkeAuthAlg":"sha1","IkePfs":"group2","IkeLifetime":86400,"LocalId":"47.XX.XX.1","RemoteId":"47.XX.XX.2"}

ipsecConfig

@NameInMap(value="IpsecConfig")
public String ipsecConfig

The configuration of Phase 2 negotiations:

• IpsecConfig.IpsecEncAlg: the encryption algorithm that is used in Phase 2 negotiations. Valid values: aes, aes192, aes256, des, and 3des.
• IpsecConfig. IpsecAuthAlg: the authentication algorithm that is used in Phase 2 negotiations. Valid values: md5, sha1, sha256, sha384, and sha512.
• IpsecConfig. IpsecPfs: the DH key exchange algorithm that is used in Phase 2 negotiations. Valid values: disabled, group1, group2, group5, and group14.
• IpsecConfig. IpsecLifetime: the SA lifetime determined by Phase 2 negotiations. Unit: seconds. Valid values: 0 to 86400.

example:

{"IpsecEncAlg":"aes","IpsecAuthAlg":"sha1","IpsecPfs":"group2","IpsecLifetime":86400}

localSubnet

@NameInMap(value="LocalSubnet")
public String localSubnet

The CIDR block of the virtual private cloud (VPC) that communicates with the data center. The CIDR block is used in Phase 2 negotiations.

Separate multiple CIDR blocks with commas (,). Example: 192.168.1.0/24,192.168.2.0/24.

The following routing modes are supported:

• If you set LocalSubnet and RemoteSubnet to 0.0.0.0/0, the routing mode of the IPsec-VPN connection is set to Destination Routing Mode.
• If you set LocalSubnet and RemoteSubnet to specific CIDR blocks, the routing mode of the IPsec-VPN connection is set to Protected Data Flows.

example:

10.1.1.0/24,10.1.2.0/24

name

@NameInMap(value="Name")
public String name

The name of the IPsec-VPN connection.

The name must be 1 to 100 characters in length and cannot start with http:// or https://.

example:

nametest

networkType

@NameInMap(value="NetworkType")
public String networkType

The network type of the IPsec-VPN connection. Valid values:

• public: an encrypted connection over the Internet
• private: an encrypted connection over private networks

example:

public

ownerAccount

@NameInMap(value="OwnerAccount")
public String ownerAccount

regionId

@NameInMap(value="RegionId")
public String regionId

The ID of the region in which the IPsec-VPN connection is established.

You can call the DescribeRegions operation to query the most recent region list.

This parameter is required.

example:

cn-hangzhou

remoteCaCert

@NameInMap(value="RemoteCaCert")
public String remoteCaCert

The peer CA certificate when a ShangMi (SM) VPN gateway is used to create the IPsec-VPN connection.

example:

c20ycDI1NnYxIENBIChURVNUIFN****

remoteSubnet

@NameInMap(value="RemoteSubnet")
public String remoteSubnet

The CIDR block of the data center that communicates with the VPC. This CIDR block is used in Phase 2 negotiations.

Separate multiple CIDR blocks with commas (,). Example: 192.168.3.0/24,192.168.4.0/24.

The following routing modes are supported:

• If you set LocalSubnet and RemoteSubnet to 0.0.0.0/0, the routing mode of the IPsec-VPN connection is set to Destination Routing Mode.
• If you set LocalSubnet and RemoteSubnet to specific CIDR blocks, the routing mode of the IPsec-VPN connection is set to Protected Data Flows.

example:

10.1.3.0/24,10.1.4.0/24

resourceOwnerAccount

@NameInMap(value="ResourceOwnerAccount")
public String resourceOwnerAccount

resourceOwnerId

@NameInMap(value="ResourceOwnerId")
public Long resourceOwnerId

vpnConnectionId

@NameInMap(value="VpnConnectionId")
public String vpnConnectionId

The ID of the IPsec-VPN connection.

This parameter is required.

example:

vco-p0w5112fgnl2ihlmf****

构造器详细资料

ModifyVpnAttachmentAttributeRequest

public ModifyVpnAttachmentAttributeRequest()

方法详细资料

build

public static ModifyVpnAttachmentAttributeRequest build(Map<String,?> map)
                                                 throws Exception

抛出:

Exception

setAutoConfigRoute

public ModifyVpnAttachmentAttributeRequest setAutoConfigRoute(Boolean autoConfigRoute)

getAutoConfigRoute

public Boolean getAutoConfigRoute()

setBgpConfig

public ModifyVpnAttachmentAttributeRequest setBgpConfig(String bgpConfig)

getBgpConfig

public String getBgpConfig()

setClientToken

public ModifyVpnAttachmentAttributeRequest setClientToken(String clientToken)

getClientToken

public String getClientToken()

setCustomerGatewayId

public ModifyVpnAttachmentAttributeRequest setCustomerGatewayId(String customerGatewayId)

getCustomerGatewayId

public String getCustomerGatewayId()

setEffectImmediately

public ModifyVpnAttachmentAttributeRequest setEffectImmediately(Boolean effectImmediately)

getEffectImmediately

public Boolean getEffectImmediately()

setEnableDpd

public ModifyVpnAttachmentAttributeRequest setEnableDpd(Boolean enableDpd)

getEnableDpd

public Boolean getEnableDpd()

setEnableNatTraversal

public ModifyVpnAttachmentAttributeRequest setEnableNatTraversal(Boolean enableNatTraversal)

getEnableNatTraversal

public Boolean getEnableNatTraversal()

setHealthCheckConfig

public ModifyVpnAttachmentAttributeRequest setHealthCheckConfig(String healthCheckConfig)

getHealthCheckConfig

public String getHealthCheckConfig()

setIkeConfig

public ModifyVpnAttachmentAttributeRequest setIkeConfig(String ikeConfig)

getIkeConfig

public String getIkeConfig()

setIpsecConfig

public ModifyVpnAttachmentAttributeRequest setIpsecConfig(String ipsecConfig)

getIpsecConfig

public String getIpsecConfig()

setLocalSubnet

public ModifyVpnAttachmentAttributeRequest setLocalSubnet(String localSubnet)

getLocalSubnet

public String getLocalSubnet()

setName

public ModifyVpnAttachmentAttributeRequest setName(String name)

getName

public String getName()

setNetworkType

public ModifyVpnAttachmentAttributeRequest setNetworkType(String networkType)

getNetworkType

public String getNetworkType()

setOwnerAccount

public ModifyVpnAttachmentAttributeRequest setOwnerAccount(String ownerAccount)

getOwnerAccount

public String getOwnerAccount()

setRegionId

public ModifyVpnAttachmentAttributeRequest setRegionId(String regionId)

getRegionId

public String getRegionId()

setRemoteCaCert

public ModifyVpnAttachmentAttributeRequest setRemoteCaCert(String remoteCaCert)

getRemoteCaCert

public String getRemoteCaCert()

setRemoteSubnet

public ModifyVpnAttachmentAttributeRequest setRemoteSubnet(String remoteSubnet)

getRemoteSubnet

public String getRemoteSubnet()

setResourceOwnerAccount

public ModifyVpnAttachmentAttributeRequest setResourceOwnerAccount(String resourceOwnerAccount)

getResourceOwnerAccount

public String getResourceOwnerAccount()

setResourceOwnerId

public ModifyVpnAttachmentAttributeRequest setResourceOwnerId(Long resourceOwnerId)

getResourceOwnerId

public Long getResourceOwnerId()

setVpnConnectionId

public ModifyVpnAttachmentAttributeRequest setVpnConnectionId(String vpnConnectionId)

getVpnConnectionId

public String getVpnConnectionId()