AwsEc2VpnConnectionOptionsTunnelOptionsDetails - Amazon Security Hub
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AwsEc2VpnConnectionOptionsTunnelOptionsDetails

The VPN tunnel options.

Contents

DpdTimeoutSeconds

The number of seconds after which a Dead Peer Detection (DPD) timeout occurs.

Type: Integer

Required: No

IkeVersions

The Internet Key Exchange (IKE) versions that are permitted for the VPN tunnel.

Type: Array of strings

Pattern: .*\S.*

Required: No

OutsideIpAddress

The external IP address of the VPN tunnel.

Type: String

Pattern: .*\S.*

Required: No

Phase1DhGroupNumbers

The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of integers

Required: No

Phase1EncryptionAlgorithms

The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase1IntegrityAlgorithms

The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase1LifetimeSeconds

The lifetime for phase 1 of the IKE negotiation, in seconds.

Type: Integer

Required: No

Phase2DhGroupNumbers

The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of integers

Required: No

Phase2EncryptionAlgorithms

The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase2IntegrityAlgorithms

The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase2LifetimeSeconds

The lifetime for phase 2 of the IKE negotiation, in seconds.

Type: Integer

Required: No

PreSharedKey

The preshared key to establish initial authentication between the virtual private gateway and the customer gateway.

Type: String

Pattern: .*\S.*

Required: No

RekeyFuzzPercentage

The percentage of the rekey window, which is determined by RekeyMarginTimeSeconds during which the rekey time is randomly selected.

Type: Integer

Required: No

RekeyMarginTimeSeconds

The margin time, in seconds, before the phase 2 lifetime expires, during which the Amazon side of the VPN connection performs an IKE rekey.

Type: Integer

Required: No

ReplayWindowSize

The number of packets in an IKE replay window.

Type: Integer

Required: No

TunnelInsideCidr

The range of inside IPv4 addresses for the tunnel.

Type: String

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: