更新时间:2024-02-20 GMT+08:00
示例三:创建VPN连接
操作场景
本章节指导用户通过调用API来创建VPN连接。
前提条件
- 已创建VPN网关。具体请参见创建VPN网关。
- 已创建对端网关。具体请参见创建对端网关。
- 当您使用Token认证方式完成认证鉴权时,需要获取用户Token并在调用接口时增加“X-Auth-Token”到业务接口请求消息头中。Token认证,具体操作请参考认证鉴权。
通过IAM服务获取到的Token有效期为24小时,需要使用同一个Token鉴权时,可以先将Token缓存,避免频繁调用。
数据准备
参数 |
说明 |
取值样例 |
|---|---|---|
vgw_id |
VPN网关ID |
b32d91a4-****-****-****-e907174eb11d |
vgw_ip |
VPN网关EIP的ID |
0c464dad-****-****-****-c22bb0eb0bde |
cgw_id |
对端网关ID |
5247ae10-****-****-****-dd36659a7f5d |
peer_subnets |
对端子网 |
192.168.44.0/24 |
psk |
预共享密钥 |
abcd**** |
操作步骤
- 基于关联VPC的VPN网关,创建静态路由模式的VPN连接。
- 发送“POST https://{endpoint}/v5/{project_id}/vpn-connection”,project_id为项目ID。
- 在Request Header中增加“X-Auth-Token”。
- 在Request Body中传入参数如下。
{ "vpn_connection": { "vgw_id": "b32d91a4-****-****-****-e907174eb11d", "vgw_ip": "0c464dad-****-****-****-c22bb0eb0bde", "cgw_id": "5247ae10-****-****-****-dd36659a7f5d", "peer_subnets": [ "192.168.44.0/24" ], "psk": "abcd****" } } - 查看请求响应结果。
- 请求成功时,响应参数如下,id就是VPN连接的ID。
{ "vpn_connection": { "id": "98c5af8a-****-****-****-ae2280a6f4c3", "name": "vpn-1655", "vgw_id": "b32d91a4-****-****-****-e907174eb11d", "vgw_ip": "0c464dad-****-****-****-c22bb0eb0bde", "style": "STATIC", "cgw_id": "5247ae10-****-****-****-dd36659a7f5d", "peer_subnets": ["192.168.44.0/24"], "tunnel_local_address": "169.254.56.225/30", "tunnel_peer_address": "169.254.56.226/30", "enable_nqa": false, "ikepolicy": { "ike_version": "v2", "authentication_algorithm": "sha2-256", "encryption_algorithm": "aes-128", "dh_group": "group15", "authentication_method": "pre-share", "lifetime_seconds": 86400, "local_id_type": "ip", "local_id": "10.***.***.134", "peer_id_type": "ip", "peer_id": "88.***.***.164", "dpd": { "timeout": 15, "interval": 30, "msg": "seq-hash-notify" } }, "ipsecpolicy": { "authentication_algorithm": "sha2-256", "encryption_algorithm": "aes-128", "pfs": "group15", "transform_protocol": "esp", "lifetime_seconds": 3600, "encapsulation_mode": "tunnel" }, "created_at": "2022-11-26T13:41:34.626Z", "updated_at": "2022-11-26T13:41:34.626Z", "enterprise_project_id": "0", }, "request_id": "f74da97d-aa27-4f62-a87c-a33b5706964b" }
- 请求成功时,响应参数如下,id就是VPN连接的ID。
- 查询VPN连接详情。
- 发送“GET https://{endpoint}/v5/{project_id}/vpn-connection/{vpn_connection_id}”,project_id为项目ID。
- 在Request Header中增加“X-Auth-Token”。
- 查看请求响应结果。
- 请求成功时,响应参数如下,id就是VPN连接的ID。
{ "vpn_connection": { "id": "98c5af8a-****-****-****-ae2280a6f4c3", "name": "vpn-1655", "status": "DOWN", "vgw_id": "b32d91a4-****-****-****-e907174eb11d", "vgw_ip": "0c464dad-****-****-****-c22bb0eb0bde", "style": "STATIC", "cgw_id": "5247ae10-****-****-****-dd36659a7f5d", "peer_subnets": ["192.168.44.0/24"], "tunnel_local_address": "169.254.56.225/30", "tunnel_peer_address": "169.254.56.226/30", "enable_nqa": false, "ikepolicy": { "ike_version": "v2", "authentication_algorithm": "sha2-256", "encryption_algorithm": "aes-128", "dh_group": "group15", "authentication_method": "pre-share", "lifetime_seconds": 86400, "local_id_type": "ip", "local_id": "10.***.***.134", "peer_id_type": "ip", "peer_id": "88.***.***.164", "dpd": { "timeout": 15, "interval": 30, "msg": "seq-hash-notify" } }, "ipsecpolicy": { "authentication_algorithm": "sha2-256", "encryption_algorithm": "aes-128", "pfs": "group15", "transform_protocol": "esp", "lifetime_seconds": 3600, "encapsulation_mode": "tunnel" }, "created_at": "2022-11-26T13:41:34.626Z", "updated_at": "2022-11-26T13:41:34.626Z", "enterprise_project_id": "0", }, "request_id": "104c5608-b68b-462c-af17-ead2fb5ccee4" }
- 请求成功时,响应参数如下,id就是VPN连接的ID。
