All Products
Search
Document Center

Virtual Private Cloud:DescribeVpnGateway

Last Updated:Nov 13, 2024

Queries the detailed information about a VPN gateway.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
vpc:DescribeVpnGatewayget
  • VpnGateway
    acs:vpc:{#regionId}:{#accountId}:vpngateway/{#VpnGatewayId}
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringYes

The region ID of the VPN gateway.

You can call the DescribeRegions operation to query the most recent region list.

cn-zhangjiakou
VpnGatewayIdstringYes

The ID of the VPN gateway.

vpn-bp1r3v1xqkl0w519g****
IncludeReservationDatabooleanNo

Specifies whether to include the data about pending orders. Valid values:

  • false (default)
  • true
true

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

VpnTypestring

The type of VPN gateway. Only Normal may be returned, which indicates a standard VPN gateway.

Normal
Statusstring

The status of the VPN gateway. Valid values:

  • init
  • provisioning
  • active
  • updating
  • deleting
init
VpcIdstring

The ID of the VPC to which the VPN gateway belongs.

vpc-bp19m2yx1m5q0avyq****
SslMaxConnectionslong

The maximum number of concurrent SSL-VPN connections.

5
Specstring

The maximum bandwidth of the VPN gateway. Unit: Mbit/s.

5
InternetIpstring
  • If the VPN gateway supports IPsec-VPN connections in single-tunnel mode, the address is the IP address of the VPN gateway and can be used to create an IPsec-VPN connection or an SSL-VPN connection.

  • If the VPN gateway supports IPsec-VPN connections in dual-tunnel mode, the address is the first IP address used to create an IPsec-VPN connection. The address cannot be used to create an SSL-VPN connection.

    If the VPN gateway supports IPsec-VPN connections in dual-tunnel mode, the system assigns two IP addresses to the VPN gateway to create two encrypted tunnels.

47.22.XX.XX
CreateTimelong

The timestamp when the VPN gateway was created. Unit: milliseconds.

This value is a UNIX timestamp representing the number of milliseconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

1495382400000
AutoPropagateboolean

Indicates whether BGP routes are automatically advertised to the VPC. Valid values:

  • true
  • false
true
ChargeTypestring

The billing method. Valid value:

POSTPAY: pay-as-you-go

China site (aliyun.com): Prepay. International site (alibabacloud.com): POSTPAY.
VpnGatewayIdstring

The ID of the VPN gateway.

vpn-bp1r3v1xqkl0w519g****
Tagstring

The tag that is automatically generated for the VPN gateway. The tag consists of the following parameters:

  • VpnEnableBgp: indicates whether the VPN gateway supports BGP. Valid values:

    • true
    • false
  • VisuallySsl: indicates whether the VPN gateway allows you to view the connection information of SSL clients. Valid values:

    • true
    • false
  • PbrPriority: indicates whether the VPN gateway allows you to configure priorities for policy-based routes. Valid values:

    • true
    • false
  • VpnNewImage: indicates whether the VPN gateway is upgraded. Valid values:

    • true
    • false
  • description: the description of the VPN gateway. This parameter is only for internal use.

  • VpnVersion: the version of the VPN gateway.

  • IDaaSNewVersion: indicates whether the VPN gateway can be associated with an EIAM 2.0 instance.

    • true
    • false
{\"VpnEnableBgp\":\"true\",\"VisuallySsl\":\"true\",\"PbrPriority\":\"true\",\"VpnNewImage\":\"true\",\"description\":\"forwarding1.3.7\",\"VpnVersion\":\"v1.2.4\"}
IpsecVpnstring

Indicates whether the IPsec-VPN feature is enabled. Valid values:

  • enable
  • disable
enable
EndTimelong

The timestamp when the VPN gateway expires. Unit: milliseconds.

This value is a UNIX timestamp representing the number of milliseconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

1544666102000
VSwitchIdstring

The ID of the vSwitch to which the VPN gateway belongs.

vsw-bp1dmzugdikc6hdgx****
RequestIdstring

The request ID.

27E4E088-8DE0-4672-BF5C-0A412389DB9E
Descriptionstring

The description of the VPN gateway.

vpngatewaydescription
EnableBgpboolean

Indicates whether BGP is enabled for the VPN gateway. Valid values:

  • true
  • false
true
BusinessStatusstring

The payment status of the VPN gateway. Valid values:

  • Normal
  • FinancialLocked
Normal
SslVpnstring

The status of the SSL-VPN feature. Valid values:

  • enable
  • disable
enable
Namestring

The name of the VPN gateway.

vpngatewayname
ReservationDataobject

The information about pending orders.

Note This set of parameters is returned only when IncludeReservationData is set to true.
Statusstring

The status of the pending order. Valid values:

  • 1: indicates that the order of the renewal or specification change has not taken effect.
  • 2: indicates that the order is an order for temporary upgrade and the order has taken effect. After the temporary upgrade expires, the system restores the VPN gateway to its previous specifications. In this case, ReservationIpsec, ReservationMaxConnections, ReservationSpec, and ReservationSsl indicate the previous specification.
1
ReservationOrderTypestring

The type of the pending order. Valid values:

  • RENEWCHANGE: renewal with upgrade or downgrade
  • TEMP_UPGRADE: temporary upgrade
  • RENEW: renewal
TEMP_UPGRADE
ReservationIpsecstring

The IPsec-VPN status of the pending order. Valid values:

  • enable
  • disable
enable
ReservationSpecstring

The bandwidth of the pending order. Unit: Mbit/s.

5
ReservationSslstring

The SSL-VPN status of the pending order. Valid values:

  • enable
  • disable
enable
ReservationMaxConnectionsinteger

The maximum number of concurrent SSL-VPN connections of the pending order.

5
ReservationEndTimestring

If the order type is TEMP_UPGRADE (temporary upgrade), this parameter specifies the time when the temporary upgrade expires.

If the order type is RENEWCHANGE (renewal with a specification change) or RENEW (renewal), this parameter indicates the time when the renewal or renewal with a specification change takes effect.

2020-07-20T16:00:00Z
Tagsarray<object>

The tags that are added to the VPN gateway.

Tagobject

The tags that are added to the VPN gateway.

Keystring

The tag key.

aaa
Valuestring

The tag value.

bbb
NetworkTypestring

The network type of the VPN gateway.

  • public
  • private
public
DisasterRecoveryInternetIpstring

The second IP address assigned by the system to create an IPsec-VPN connection.

This parameter is returned only when the VPN gateway supports the dual-tunnel mode.

47.91.XX.XX
DisasterRecoveryVSwitchIdstring

The ID of the second vSwitch associated with the VPN gateway.

This parameter is returned only when the VPN gateway supports the dual-tunnel mode.

vsw-p0w95ql6tmr2ludkt****
SslVpnInternetIpstring

The IP address of the SSL-VPN connection.

This parameter is returned only when the VPN gateway is a public VPN gateway and supports only the single-tunnel mode. In addition, the VPN gateway must have the SSL-VPN feature enabled.

47.74.XX.XX
ResourceGroupIdstring

The ID of the resource group to which the VPN gateway belongs.

You can call the ListResourceGroups operation to query resource groups.

rg-acfmzs372yg****
EniInstanceIdsarray

The ENIs created by the system for the VPN gateway.

EniInstanceIdstring

The ENI ID.

This parameter is returned only if the VPN gateway supports IPsec-VPN connections in dual-tunnel mode.

eni-7xvcxgmd4y2ypibn****

Examples

Sample success responses

JSONformat

{
  "VpnType": "Normal",
  "Status": "init",
  "VpcId": "vpc-bp19m2yx1m5q0avyq****",
  "SslMaxConnections": 5,
  "Spec": "5",
  "InternetIp": "47.22.XX.XX",
  "CreateTime": 1495382400000,
  "AutoPropagate": true,
  "ChargeType": "China site (aliyun.com): Prepay. International site (alibabacloud.com): POSTPAY.",
  "VpnGatewayId": "vpn-bp1r3v1xqkl0w519g****",
  "Tag": "{\\\"VpnEnableBgp\\\":\\\"true\\\",\\\"VisuallySsl\\\":\\\"true\\\",\\\"PbrPriority\\\":\\\"true\\\",\\\"VpnNewImage\\\":\\\"true\\\",\\\"description\\\":\\\"forwarding1.3.7\\\",\\\"VpnVersion\\\":\\\"v1.2.4\\\"}",
  "IpsecVpn": "enable",
  "EndTime": 1544666102000,
  "VSwitchId": "vsw-bp1dmzugdikc6hdgx****",
  "RequestId": "27E4E088-8DE0-4672-BF5C-0A412389DB9E",
  "Description": "vpngatewaydescription",
  "EnableBgp": true,
  "BusinessStatus": "Normal",
  "SslVpn": "enable",
  "Name": "vpngatewayname",
  "ReservationData": {
    "Status": "1",
    "ReservationOrderType": "TEMP_UPGRADE",
    "ReservationIpsec": "enable",
    "ReservationSpec": "5",
    "ReservationSsl": "enable",
    "ReservationMaxConnections": 5,
    "ReservationEndTime": "2020-07-20T16:00:00Z"
  },
  "Tags": {
    "Tag": [
      {
        "Key": "aaa",
        "Value": "bbb"
      }
    ]
  },
  "NetworkType": "public",
  "DisasterRecoveryInternetIp": "47.91.XX.XX",
  "DisasterRecoveryVSwitchId": "vsw-p0w95ql6tmr2ludkt****",
  "SslVpnInternetIp": "47.74.XX.XX",
  "ResourceGroupId": "rg-acfmzs372yg****",
  "EniInstanceIds": {
    "EniInstanceId": [
      "eni-7xvcxgmd4y2ypibn****"
    ]
  }
}

Error codes

HTTP status codeError codeError messageDescription
403Forbbiden.SubUserUser not authorized to operate on the specified resource as your account is created by another user.You are unauthorized to perform this operation on the specified resource. Acquire the required permissions and try again.
403ForbiddenUser not authorized to operate on the specified resource.You do not have the permissions to manage the specified resource. Apply for the permissions and try again.
404InvalidVpnGatewayInstanceId.NotFoundThe specified vpn gateway instance id does not exist.The specified VPN gateway does not exist. Check whether the specified VPN gateway is valid.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-05-06The Error code has changed. The response structure of the API has changedView Change Details
2023-10-19API Description Update. The API operation is not deprecated.. The Error code has changed. The response structure of the API has changedView Change Details
2023-06-30The Error code has changed. The response structure of the API has changedView Change Details