TunnelOption - Amazon Elastic Compute Cloud
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

TunnelOption

The VPN tunnel options.

Contents

dpdTimeoutAction

The action to take after a DPD timeout occurs.

Type: String

Required: No

dpdTimeoutSeconds

The number of seconds after which a DPD timeout occurs.

Type: Integer

Required: No

enableTunnelLifecycleControl

Status of tunnel endpoint lifecycle control feature.

Type: Boolean

Required: No

ikeVersionSet

The IKE versions that are permitted for the VPN tunnel.

Type: Array of IKEVersionsListValue objects

Required: No

logOptions

Options for logging VPN tunnel activity.

Type: VpnTunnelLogOptions object

Required: No

outsideIpAddress

The external IP address of the VPN tunnel.

Type: String

Required: No

phase1DHGroupNumberSet

The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of Phase1DHGroupNumbersListValue objects

Required: No

phase1EncryptionAlgorithmSet

The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of Phase1EncryptionAlgorithmsListValue objects

Required: No

phase1IntegrityAlgorithmSet

The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of Phase1IntegrityAlgorithmsListValue objects

Required: No

phase1LifetimeSeconds

The lifetime for phase 1 of the IKE negotiation, in seconds.

Type: Integer

Required: No

phase2DHGroupNumberSet

The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of Phase2DHGroupNumbersListValue objects

Required: No

phase2EncryptionAlgorithmSet

The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of Phase2EncryptionAlgorithmsListValue objects

Required: No

phase2IntegrityAlgorithmSet

The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of Phase2IntegrityAlgorithmsListValue objects

Required: No

phase2LifetimeSeconds

The lifetime for phase 2 of the IKE negotiation, in seconds.

Type: Integer

Required: No

preSharedKey

The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and the customer gateway.

Type: String

Required: No

rekeyFuzzPercentage

The percentage of the rekey window determined by RekeyMarginTimeSeconds during which the rekey time is randomly selected.

Type: Integer

Required: No

rekeyMarginTimeSeconds

The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon side of the VPN connection performs an IKE rekey.

Type: Integer

Required: No

replayWindowSize

The number of packets in an IKE replay window.

Type: Integer

Required: No

startupAction

The action to take when the establishing the VPN tunnels for a VPN connection.

Type: String

Required: No

tunnelInsideCidr

The range of inside IPv4 addresses for the tunnel.

Type: String

Required: No

tunnelInsideIpv6Cidr

The range of inside IPv6 addresses for the tunnel.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: