vpc-20160428/core/Models/ModifyVpnConnectionAttributeRequest.cs

// This file is auto-generated, don't edit it. Thanks. using System; using System.Collections.Generic; using System.IO; using Tea; namespace AlibabaCloud.SDK.Vpc20160428.Models { public class ModifyVpnConnectionAttributeRequest : TeaModel { /// <summary> /// <para>Specifies whether to automatically advertise routes. Valid values:</para> /// <list type="bullet"> /// <item><description>true</description></item> /// <item><description>false</description></item> /// </list> /// /// Example: /// <para>true</para> /// </summary> [NameInMap("AutoConfigRoute")] [Validation(Required=false)] public bool? AutoConfigRoute { get; set; } /// <summary> /// <para>This parameter is supported if you modify the configurations of an IPsec-VPN connection in single-tunnel mode.</para> /// <para>BGP configuration:</para> /// <list type="bullet"> /// <item><description><para>BgpConfig.EnableBgp: specifies whether to enable BGP. Valid values: true and false.</para> /// </description></item> /// <item><description><para>BgpConfig.LocalAsn: the autonomous system number (ASN) on the Alibaba Cloud side. Valid values: 1 to 4294967295.</para> /// <para>You can enter a value in two segments separated by a period (.). Each segment is 16 bits in length. Enter the number in each segment in decimal format.</para> /// <para>For example, if you enter 123.456, the ASN is 8061384. The ASN is calculated by using the following formula: 123 × 65536 + 456 = 8061384.</para> /// </description></item> /// <item><description><para>BgpConfig.TunnelCidr: The CIDR block of the IPsec tunnel. The CIDR block must fall within 169.254.0.0/16 and the mask of the CIDR block must be 30 bits in length. The CIDR block cannot be 169.254.0.0/30, 169.254.1.0/30, 169.254.2.0/30, 169.254.3.0/30, 169.254.4.0/30, 169.254.5.0/30, 169.254.6.0/30, or 169.254.169.252/30.</para> /// <remarks> /// <para>The CIDR block of the IPsec tunnel for each IPsec-VPN connection on a VPN gateway must be unique.</para> /// </remarks> /// </description></item> /// <item><description><para>LocalBgpIp: the BGP address on the Alibaba Cloud side. It must be an IP address that falls within the CIDR block of the IPsec tunnel.</para> /// </description></item> /// </list> /// <remarks> /// <list type="bullet"> /// <item><description>This parameter is required when the VPN gateway has dynamic BGP enabled.</description></item> /// <item><description>Before you add BGP configurations, we recommend that you learn about how BGP dynamic routing works and the limits. For more information, see <a href="https://help.aliyun.com/document_detail/2638220.html">Configure BGP dynamic routing</a>.</description></item> /// <item><description>We recommend that you use a private ASN to establish BGP connections to Alibaba Cloud. For information about the range of private ASNs, see the relevant documentation.</description></item> /// </list> /// </remarks> /// /// Example: /// <para>{"EnableBgp":"true","LocalAsn":"65530","TunnelCidr":"169.254.11.0/30","LocalBgpIp":"169.254.11.1"}</para> /// </summary> [NameInMap("BgpConfig")] [Validation(Required=false)] public string BgpConfig { get; set; } /// <summary> /// <para>The client token that is used to ensure the idempotence of the request.</para> /// <para>You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters.</para> /// <remarks> /// <para> If you do not specify this parameter, the system automatically uses the value of RequestId as the value of ClientToken. The request ID may be different for each request.</para> /// </remarks> /// /// Example: /// <para>02fb3da4-130e-11e9-8e44-0016e04115b</para> /// </summary> [NameInMap("ClientToken")] [Validation(Required=false)] public string ClientToken { get; set; } /// <summary> /// <para>Specifies whether to immediately start IPsec negotiations after the configuration takes effect. Valid values:</para> /// <list type="bullet"> /// <item><description>true: immediately starts IPsec negotiations after the configuration takes effect.</description></item> /// <item><description>false: IPsec negotiations start when inbound traffic is detected.</description></item> /// </list> /// /// Example: /// <para>false</para> /// </summary> [NameInMap("EffectImmediately")] [Validation(Required=false)] public bool? EffectImmediately { get; set; } /// <summary> /// <para>You can specify this parameter if you modify the configuration of a single-tunnel IPsec-VPN connection.</para> /// <para>Specifies whether to enable the dead peer detection (DPD) feature. Valid values:</para> /// <list type="bullet"> /// <item><description>true:: enables the DPD feature. The initiator of the IPsec-VPN connection sends DPD packets to check the existence and availability of the peer. If no feedback is received from the peer within a specific period of time, the connection fails. Then, the ISAKMP SA, IPsec SA, and IPsec tunnel are deleted.</description></item> /// <item><description>false: disables the DPD feature. The initiator of the IPsec-VPN connection does not send DPD packets.</description></item> /// </list> /// /// Example: /// <para>true</para> /// </summary> [NameInMap("EnableDpd")] [Validation(Required=false)] public bool? EnableDpd { get; set; } /// <summary> /// <para>You can specify this parameter if you modify the configuration of a single-tunnel IPsec-VPN connection.</para> /// <para>Specifies whether to enable NAT traversal. Valid values:</para> /// <list type="bullet"> /// <item><description>true After NAT traversal is enabled, the initiator does not check the UDP ports during IKE negotiations and can automatically discover NAT gateway devices along the IPsec tunnel.</description></item> /// <item><description>false</description></item> /// </list> /// /// Example: /// <para>true</para> /// </summary> [NameInMap("EnableNatTraversal")] [Validation(Required=false)] public bool? EnableNatTraversal { get; set; } /// <summary> /// <para>You can specify this parameter if you modify the configuration of a dual-tunnel IPsec-VPN connection.</para> /// <para>Specifies whether to enable BGP for the tunnel. Valid values: true and false.</para> /// /// Example: /// <para>true</para> /// /// if can be null: /// <c>true</c> /// </summary> [NameInMap("EnableTunnelsBgp")] [Validation(Required=false)] public bool? EnableTunnelsBgp { get; set; } /// <summary> /// <para>You can specify this parameter if you modify the configuration of a single-tunnel IPsec-VPN connection.</para> /// <para>The health check configuration:</para> /// <list type="bullet"> /// <item><description>HealthCheckConfig.enable: specifies whether to enable health checks. Valid values: true and false.</description></item> /// <item><description>HealthCheckConfig.dip: the destination IP address that is used for health checks.</description></item> /// <item><description>HealthCheckConfig.sip: the source IP address that is used for health checks.</description></item> /// <item><description>HealthCheckConfig.interval: the interval between two consecutive health checks. Unit: seconds.</description></item> /// <item><description>HealthCheckConfig.retry: the maximum number of health check retries.</description></item> /// </list> /// /// Example: /// <para>{"enable":"true","dip":"192.168.1.1","sip":"10.1.1.1","interval":"3","retry":"3"}</para> /// </summary> [NameInMap("HealthCheckConfig")] [Validation(Required=false)] public string HealthCheckConfig { get; set; } /// <summary> /// <para>This parameter is supported if you modify the configurations of an IPsec-VPN connection in single-tunnel mode.</para> /// <para>The configurations of Phase 1 negotiations:</para> /// <list type="bullet"> /// <item><description><para>IkeConfig.Psk: The pre-shared key that is used for identity authentication between the VPN gateway and the on-premises data center.</para> /// <list type="bullet"> /// <item><description>The key cannot contain space characters. The key must be 1 to 100 characters in length, and can contain digits, letters, and the following special characters: <c>~!`@#$%^&*()_-+={}[]|;:\\",.<>/?</c></description></item> /// <item><description>If you do not specify a pre-shared key, the system randomly generates a 16-bit string as the pre-shared key. You can call the <a href="https://help.aliyun.com/document_detail/2526951.html">DescribeVpnConnection</a> operation to query the pre-shared key that is automatically generated by the system.</description></item> /// </list> /// <remarks> /// <para>The pre-shared key of the IPsec-VPN connection must be the same as the authentication key of the on-premises data center. Otherwise, connections between the on-premises data center and the VPN gateway cannot be established.</para> /// </remarks> /// </description></item> /// <item><description><para>IkeConfig.IkeVersion: the version of the Internet Key Exchange (IKE) protocol. Valid values: ikev1 and ikev2.</para> /// <para>Compared with IKEv1, IKEv2 simplifies the security association (SA) negotiation process and provides better support for scenarios with multiple CIDR blocks.</para> /// </description></item> /// <item><description><para>IkeConfig.IkeMode: the negotiation mode of IKE. Valid values: main and aggressive.</para> /// <list type="bullet"> /// <item><description>main: This mode offers higher security during negotiations.</description></item> /// <item><description>aggressive: This mode supports faster negotiations and a higher success rate.</description></item> /// </list> /// </description></item> /// <item><description><para>IkeConfig.IkeEncAlg: the encryption algorithm that is used in Phase 1 negotiations.</para> /// <para>Valid values: aes, aes192, aes256, des, and 3des.</para> /// </description></item> /// <item><description><para>IkeConfig.IkeAuthAlg: the authentication algorithm that is used in Phase 1 negotiations.</para> /// <para>Valid values: md5, sha1, sha256, sha384, and sha512.</para> /// </description></item> /// <item><description><para>IkeConfig.IkePfs: the Diffie-Hellman key exchange algorithm that is used in Phase 1 negotiations. Valid values: group1, group2, group5, and group14.</para> /// </description></item> /// <item><description><para>IkeConfig.IkeLifetime: the SA lifetime as a result of Phase 1 negotiations. Unit: seconds Valid values: 0 to 86400.</para> /// </description></item> /// <item><description><para>IkeConfig.LocalId: the identifier of the VPN gateway. The identifier cannot exceed 100 characters in length and cannot contain space characters. The default value is the IP address of the VPN gateway.</para> /// </description></item> /// <item><description><para>IkeConfig.RemoteId: the identifier of the customer gateway. The identifier cannot exceed 100 characters in length and cannot contain space characters. The default value is the IP address of the customer gateway.</para> /// </description></item> /// </list> /// /// Example: /// <para>{"Psk":"pgw6dy7d1i8i****","IkeVersion":"ikev1","IkeMode":"main","IkeEncAlg":"aes","IkeAuthAlg":"sha1","IkePfs":"group2","IkeLifetime":86400,"LocalId":"116.64.XX.XX","RemoteId":"139.18.XX.XX"}</para> /// </summary> [NameInMap("IkeConfig")] [Validation(Required=false)] public string IkeConfig { get; set; } /// <summary> /// <para>You can specify this parameter if you modify the configuration of a single-tunnel IPsec-VPN connection.</para> /// <para>The configuration of Phase 2 negotiations:</para> /// <list type="bullet"> /// <item><description><para>IpsecConfig.IpsecEncAlg: the encryption algorithm that is used in Phase 2 negotiations.</para> /// <para>Valid values: aes, aes192, aes256, des, and 3des.</para> /// </description></item> /// <item><description><para>IpsecConfig. IpsecAuthAlg: the authentication algorithm that is used in Phase 2 negotiations.</para> /// <para>Valid values: md5, sha1, sha256, sha384, and sha512.</para> /// </description></item> /// <item><description><para>IpsecConfig. IpsecPfs: the DH key exchange algorithm that is used in Phase 1 negotiations. If you specify this parameter, packets of all protocols are forwarded. Valid values: disabled, group1, group2, group5, and group14.</para> /// </description></item> /// <item><description><para>IpsecConfig. IpsecLifetime: the SA lifetime that is determined by Phase 2 negotiations. Unit: seconds. Valid values: 0 to 86400.</para> /// </description></item> /// </list> /// /// Example: /// <para>{"IpsecEncAlg":"aes","IpsecAuthAlg":"sha1","IpsecPfs":"group2","IpsecLifetime":86400}</para> /// </summary> [NameInMap("IpsecConfig")] [Validation(Required=false)] public string IpsecConfig { get; set; } /// <summary> /// <para>The CIDR block used to connect the virtual private cloud (VPC) to the data center. The CIDR block is used in Phase 2 negotiations.</para> /// <para>Separate multiple CIDR blocks with commas (,). Example: 192.168.1.0/24,192.168.2.0/24.</para> /// <para>The following routing modes are supported:</para> /// <list type="bullet"> /// <item><description>If you set LocalSubnet and RemoteSubnet to 0.0.0.0/0, the routing mode of the IPsec-VPN connection is set to Destination Routing Mode.</description></item> /// <item><description>If you set LocalSubnet and RemoteSubnet to specific CIDR blocks, the routing mode of the IPsec-VPN connection is set to Protected Data Flows.</description></item> /// </list> /// /// Example: /// <para>10.1.1.0/24,10.1.2.0/24</para> /// </summary> [NameInMap("LocalSubnet")] [Validation(Required=false)] public string LocalSubnet { get; set; } /// <summary> /// <para>The name of the IPsec-VPN connection.</para> /// <para>The name must be 1 to 100 characters in length and cannot start with <c>http://</c> or <c>https://</c>.</para> /// /// Example: /// <para>nametest</para> /// </summary> [NameInMap("Name")] [Validation(Required=false)] public string Name { get; set; } [NameInMap("OwnerAccount")] [Validation(Required=false)] public string OwnerAccount { get; set; } [NameInMap("OwnerId")] [Validation(Required=false)] public long? OwnerId { get; set; } /// <summary> /// <para>The ID of the region in which the IPsec-VPN connection is created.</para> /// <para>You can call the <a href="https://help.aliyun.com/document_detail/36063.html">DescribeRegions</a> operation to query the most recent region list.</para> /// <para>This parameter is required.</para> /// /// Example: /// <para>cn-shanghai</para> /// </summary> [NameInMap("RegionId")] [Validation(Required=false)] public string RegionId { get; set; } /// <summary> /// <para>You can specify this parameter if you modify the configuration of a single-tunnel IPsec-VPN connection.</para> /// <para>If the VPN gateway uses a ShangMi (SM) certificate, you can modify the CA certificate used by the IPsec peer.</para> /// <para>If the VPN gateway does not use an SM certificate, you cannot specify this parameter.</para> /// /// Example: /// <para>-----BEGIN CERTIFICATE----- MIIB7zCCAZW**** -----END CERTIFICATE-----</para> /// </summary> [NameInMap("RemoteCaCertificate")] [Validation(Required=false)] public string RemoteCaCertificate { get; set; } /// <summary> /// <para>The CIDR block on the data center side. This CIDR block is used in Phase 2 negotiations.</para> /// <para>Separate multiple CIDR blocks with commas (,). Example: 192.168.3.0/24,192.168.4.0/24.</para> /// <para>The following routing modes are supported:</para> /// <list type="bullet"> /// <item><description>If you set LocalSubnet and RemoteSubnet to 0.0.0.0/0, the routing mode of the IPsec-VPN connection is set to Destination Routing Mode.</description></item> /// <item><description>If you set LocalSubnet and RemoteSubnet to specific CIDR blocks, the routing mode of the IPsec-VPN connection is set to Protected Data Flows.</description></item> /// </list> /// /// Example: /// <para>10.2.1.0/24,10.2.2.0/24</para> /// </summary> [NameInMap("RemoteSubnet")] [Validation(Required=false)] public string RemoteSubnet { get; set; } [NameInMap("ResourceOwnerAccount")] [Validation(Required=false)] public string ResourceOwnerAccount { get; set; } [NameInMap("ResourceOwnerId")] [Validation(Required=false)] public long? ResourceOwnerId { get; set; } /// <summary> /// <para>The tunnel configurations.</para> /// <para>You can specify parameters in the TunnelOptionsSpecification array when you modify the configurations of an IPsec-VPN connection in dual-tunnel mode. You can modify the configurations of both the active and standby tunnels of the IPsec-VPN connection.</para> /// /// if can be null: /// <c>true</c> /// </summary> [NameInMap("TunnelOptionsSpecification")] [Validation(Required=false)] public List<ModifyVpnConnectionAttributeRequestTunnelOptionsSpecification> TunnelOptionsSpecification { get; set; } public class ModifyVpnConnectionAttributeRequestTunnelOptionsSpecification : TeaModel { /// <summary> /// <para>The ID of the customer gateway associated with the tunnel.</para> /// /// Example: /// <para>cgw-1nmwbpgrp7ssqm1yn****</para> /// </summary> [NameInMap("CustomerGatewayId")] [Validation(Required=false)] public string CustomerGatewayId { get; set; } /// <summary> /// <para>Specifies whether to enable the Dead Peer Detection (DPD) feature for the tunnel. Valid values:</para> /// <list type="bullet"> /// <item><description>true: enables DPD. The initiator of the IPsec-VPN connection sends DPD packets to check the existence and availability of the peer. If no feedback is received from the peer within the specified period of time, the connection fails. In this case, ISAKMP SA and IPsec SA are deleted. The security tunnel is also deleted.</description></item> /// <item><description>false: disables DPD. The initiator of the IPsec-VPN connection does not send DPD packets.</description></item> /// </list> /// /// Example: /// <para>true</para> /// </summary> [NameInMap("EnableDpd")] [Validation(Required=false)] public bool? EnableDpd { get; set; } /// <summary> /// <para>Specifies whether to enable NAT traversal for the tunnel. Valid values:</para> /// <list type="bullet"> /// <item><description>true: enables NAT traversal. After NAT traversal is enabled, the initiator does not check the UDP ports during IKE negotiations and can automatically discover NAT gateway devices along the IPsec-VPN tunnel.</description></item> /// <item><description>false: disables NAT traversal.</description></item> /// </list> /// /// Example: /// <para>true</para> /// </summary> [NameInMap("EnableNatTraversal")] [Validation(Required=false)] public bool? EnableNatTraversal { get; set; } /// <summary> /// <para>If the VPN gateway uses an SM certificate, you can modify the CA certificate used by the IPsec peer.</para> /// <para>If the VPN gateway does not use an SM certificate, this parameter is not supported.</para> /// /// Example: /// <para>-----BEGIN CERTIFICATE----- MIIB7zCCAZW**** -----END CERTIFICATE-----</para> /// </summary> [NameInMap("RemoteCaCertificate")] [Validation(Required=false)] public string RemoteCaCertificate { get; set; } /// <summary> /// <para>The tunnel role. Valid values:</para> /// <list type="bullet"> /// <item><description>master: The tunnel is an active tunnel.</description></item> /// <item><description>slave: The tunnel is a standby tunnel.</description></item> /// </list> /// /// Example: /// <para>master</para> /// </summary> [NameInMap("Role")] [Validation(Required=false)] public string Role { get; set; } /// <summary> /// <para>The Border Gateway Protocol (BGP) configurations of the tunnel.</para> /// </summary> [NameInMap("TunnelBgpConfig")] [Validation(Required=false)] public ModifyVpnConnectionAttributeRequestTunnelOptionsSpecificationTunnelBgpConfig TunnelBgpConfig { get; set; } public class ModifyVpnConnectionAttributeRequestTunnelOptionsSpecificationTunnelBgpConfig : TeaModel { /// <summary> /// <para>The ASN of the tunnel on the Alibaba Cloud side. Valid values: 1 to 4294967295. Default value: 45104.</para> /// <remarks> /// <para> You can specify this parameter only if EnableTunnelsBgp is set to true.</para> /// </remarks> /// <list type="bullet"> /// <item><description><para>Before you add BGP configurations, we recommend that you learn about how BGP dynamic routing works and the limits. For more information, see <a href="https://help.aliyun.com/document_detail/2638220.html">Configure BGP dynamic routing</a>.</para> /// </description></item> /// <item><description><para>We recommend that you use a private ASN to establish BGP connections to Alibaba Cloud. For information about the range of private ASNs, see the relevant documentation.</para> /// </description></item> /// </list> /// /// Example: /// <para>65530</para> /// </summary> [NameInMap("LocalAsn")] [Validation(Required=false)] public long? LocalAsn { get; set; } /// <summary> /// <para>The BGP IP address of the tunnel on the Alibaba Cloud side. The address is an IP address that falls within the BGP CIDR block.</para> /// /// Example: /// <para>169.254.10.1</para> /// </summary> [NameInMap("LocalBgpIp")] [Validation(Required=false)] public string LocalBgpIp { get; set; } /// <summary> /// <para>The BGP CIDR block of the tunnel.</para> /// <para>The CIDR block must fall within 169.254.0.0/16 and the mask of the CIDR block must be 30 bits in length. The CIDR block cannot be 169.254.0.0/30, 169.254.1.0/30, 169.254.2.0/30, 169.254.3.0/30, 169.254.4.0/30, 169.254.5.0/30, 169.254.6.0/30, or 169.254.169.252/30.</para> /// <remarks> /// <para> The BGP CIDR block of each tunnel must be unique on a VPN gateway.</para> /// </remarks> /// /// Example: /// <para>169.254.10.0/30</para> /// </summary> [NameInMap("TunnelCidr")] [Validation(Required=false)] public string TunnelCidr { get; set; } } /// <summary> /// <para>The tunnel ID.</para> /// /// Example: /// <para>tun-opsqc4d97wni27****</para> /// </summary> [NameInMap("TunnelId")] [Validation(Required=false)] public string TunnelId { get; set; } /// <summary> /// <para>The configurations of Phase 1 negotiations.</para> /// </summary> [NameInMap("TunnelIkeConfig")] [Validation(Required=false)] public ModifyVpnConnectionAttributeRequestTunnelOptionsSpecificationTunnelIkeConfig TunnelIkeConfig { get; set; } public class ModifyVpnConnectionAttributeRequestTunnelOptionsSpecificationTunnelIkeConfig : TeaModel { /// <summary> /// <para>The authentication algorithm that is used in Phase 1 negotiations.</para> /// <para>Valid values: md5, sha1, sha256, sha384, and sha512.</para> /// /// Example: /// <para>md5</para> /// </summary> [NameInMap("IkeAuthAlg")] [Validation(Required=false)] public string IkeAuthAlg { get; set; } /// <summary> /// <para>The encryption algorithm that is used in Phase 1 negotiations.</para> /// <para>Valid values: aes, aes192, aes256, des, and 3des.</para> /// /// Example: /// <para>aes</para> /// </summary> [NameInMap("IkeEncAlg")] [Validation(Required=false)] public string IkeEncAlg { get; set; } /// <summary> /// <para>The SA lifetime as a result of Phase 1 negotiations. Unit: seconds Valid values: 0 to 86400.</para> /// /// Example: /// <para>86400</para> /// </summary> [NameInMap("IkeLifetime")] [Validation(Required=false)] public long? IkeLifetime { get; set; } /// <summary> /// <para>The negotiation mode of IKE. Valid values:</para> /// <list type="bullet"> /// <item><description>main: This mode offers higher security during negotiations.</description></item> /// <item><description>aggressive: This mode supports faster negotiations and a higher success rate.</description></item> /// </list> /// /// Example: /// <para>main</para> /// </summary> [NameInMap("IkeMode")] [Validation(Required=false)] public string IkeMode { get; set; } /// <summary> /// <para>The Diffie-Hellman key exchange algorithm that is used in Phase 1 negotiations. Valid values: group1, group2, group5, and group14.</para> /// /// Example: /// <para>group2</para> /// </summary> [NameInMap("IkePfs")] [Validation(Required=false)] public string IkePfs { get; set; } /// <summary> /// <para>The version of the IKE protocol. Valid values: ikev1 and ikev2.</para> /// <para>Compared with IKEv1, IKEv2 simplifies the SA negotiation process and provides better support for scenarios with multiple CIDR blocks.</para> /// /// Example: /// <para>ikev1</para> /// </summary> [NameInMap("IkeVersion")] [Validation(Required=false)] public string IkeVersion { get; set; } /// <summary> /// <para>The identifier on the Alibaba Cloud side, which is used in Phase 1 negotiations. The identifier cannot exceed 100 characters in length and cannot contain space characters. The default value is the IP address of the tunnel.</para> /// <para>LocalId supports fully qualified domain names (FQDNs). If you use an FQDN, we recommend that you set the negotiation mode to aggressive.</para> /// /// Example: /// <para>47.21.XX.XX</para> /// </summary> [NameInMap("LocalId")] [Validation(Required=false)] public string LocalId { get; set; } /// <summary> /// <para>The pre-shared key, which is used for identity authentication between the tunnel and the tunnel peer.</para> /// <list type="bullet"> /// <item><description>The key cannot contain space characters. The key must be 1 to 100 characters in length, and can contain digits, letters, and the following special characters: <c>~!\\`@#$%^&*()_-+={}[]|;:\\",.<>/?</c></description></item> /// <item><description>If you do not specify a pre-shared key, the system randomly generates a 16-bit string as the pre-shared key. You can call the <a href="https://help.aliyun.com/document_detail/2526951.html">DescribeVpnConnection</a> operation to query the pre-shared key that is automatically generated by the system.</description></item> /// </list> /// <remarks> /// <para> The tunnel and the tunnel peer must use the same pre-shared key. Otherwise, the tunnel cannot be built.</para> /// </remarks> /// /// Example: /// <para>123456****</para> /// </summary> [NameInMap("Psk")] [Validation(Required=false)] public string Psk { get; set; } /// <summary> /// <para>The identifier of the tunnel peer, which is used in Phase 1 negotiations. The identifier cannot exceed 100 characters in length and cannot contain space characters. The default value is the IP address of the customer gateway that is associated with the tunnel.</para> /// <para>RemoteId supports FQDNs. If you use an FQDN, we recommend that you set the negotiation mode to aggressive.</para> /// /// Example: /// <para>47.42.XX.XX</para> /// </summary> [NameInMap("RemoteId")] [Validation(Required=false)] public string RemoteId { get; set; } } /// <summary> /// <para>The configurations of Phase 2 negotiations.</para> /// </summary> [NameInMap("TunnelIpsecConfig")] [Validation(Required=false)] public ModifyVpnConnectionAttributeRequestTunnelOptionsSpecificationTunnelIpsecConfig TunnelIpsecConfig { get; set; } public class ModifyVpnConnectionAttributeRequestTunnelOptionsSpecificationTunnelIpsecConfig : TeaModel { /// <summary> /// <para>The authentication algorithm that is used in Phase 2 negotiations.</para> /// <para>Valid values: md5, sha1, sha256, sha384, and sha512.</para> /// /// Example: /// <para>md5</para> /// </summary> [NameInMap("IpsecAuthAlg")] [Validation(Required=false)] public string IpsecAuthAlg { get; set; } /// <summary> /// <para>The encryption algorithm that is used in Phase 2 negotiations.</para> /// <para>Valid values: aes, aes192, aes256, des, and 3des.</para> /// /// Example: /// <para>aes</para> /// </summary> [NameInMap("IpsecEncAlg")] [Validation(Required=false)] public string IpsecEncAlg { get; set; } /// <summary> /// <para>The SA lifetime as a result of Phase 2 negotiations. Unit: seconds Valid values: 0 to 86400.</para> /// /// Example: /// <para>86400</para> /// </summary> [NameInMap("IpsecLifetime")] [Validation(Required=false)] public int? IpsecLifetime { get; set; } /// <summary> /// <para>The Diffie-Hellman key exchange algorithm that is used in Phase 2 negotiations.</para> /// <para>Valid values: disabled, group1, group2, group5, and group14.</para> /// /// Example: /// <para>group2</para> /// </summary> [NameInMap("IpsecPfs")] [Validation(Required=false)] public string IpsecPfs { get; set; } } } /// <summary> /// <para>The ID of the IPsec-VPN connection.</para> /// <para>This parameter is required.</para> /// /// Example: /// <para>vco-bp1bbi27hojx80nck****</para> /// </summary> [NameInMap("VpnConnectionId")] [Validation(Required=false)] public string VpnConnectionId { get; set; } } }

vpc-20160428/core/Models/ModifyVpnConnectionAttributeRequest.cs (155 lines of code) (raw):