AwsEc2VpnConnectionOptionsTunnelOptionsDetails - AWS Security Hub
ContentsSee Also

AwsEc2VpnConnectionOptionsTunnelOptionsDetails

The VPN tunnel options.

Contents

DpdTimeoutSeconds

The number of seconds after which a Dead Peer Detection (DPD) timeout occurs.

Type: Integer

Required: No

IkeVersions

The Internet Key Exchange (IKE) versions that are permitted for the VPN tunnel.

Type: Array of strings

Pattern: .*\S.*

Required: No

OutsideIpAddress

The external IP address of the VPN tunnel.

Type: String

Pattern: .*\S.*

Required: No

Phase1DhGroupNumbers

The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of integers

Required: No

Phase1EncryptionAlgorithms

The permitted encryption algorithms for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase1IntegrityAlgorithms

The permitted integrity algorithms for the VPN tunnel for phase 1 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase1LifetimeSeconds

The lifetime for phase 1 of the IKE negotiation, in seconds.

Type: Integer

Required: No

Phase2DhGroupNumbers

The permitted Diffie-Hellman group numbers for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of integers

Required: No

Phase2EncryptionAlgorithms

The permitted encryption algorithms for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase2IntegrityAlgorithms

The permitted integrity algorithms for the VPN tunnel for phase 2 IKE negotiations.

Type: Array of strings

Pattern: .*\S.*

Required: No

Phase2LifetimeSeconds

The lifetime for phase 2 of the IKE negotiation, in seconds.

Type: Integer

Required: No

PreSharedKey

The preshared key to establish initial authentication between the virtual private gateway and the customer gateway.

Type: String

Pattern: .*\S.*

Required: No

RekeyFuzzPercentage

The percentage of the rekey window, which is determined by RekeyMarginTimeSeconds during which the rekey time is randomly selected.

Type: Integer

Required: No

RekeyMarginTimeSeconds

The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey.

Type: Integer

Required: No

ReplayWindowSize

The number of packets in an IKE replay window.

Type: Integer

Required: No

TunnelInsideCidr

The range of inside IPv4 addresses for the tunnel.

Type: String

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: