CreateCustomerGateway - Amazon Elastic Compute Cloud

CreateCustomerGateway

Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and can be behind a device performing network address translation (NAT).

For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).

Note

Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the us-east-1 Region, and 9059, which is reserved in the eu-west-1 Region.

For more information, see AWS Site-to-Site VPN in the AWS Site-to-Site VPN User Guide.

Important

To create more than one customer gateway with the same VPN type, IP address, and BGP ASN, specify a unique device name for each customer gateway. Identical requests return information about the existing customer gateway and do not create new customer gateways.

Request Parameters

The following parameters are for this specific action. For more information about required and optional parameters that are common to all actions, see Common Query Parameters.

BgpAsn

For devices that support BGP, the customer gateway's BGP ASN.

Default: 65000

Type: Integer

Required: Yes

CertificateArn

The Amazon Resource Name (ARN) for the customer gateway certificate.

Type: String

Required: No

DeviceName

A name for the customer gateway device.

Length Constraints: Up to 255 characters.

Type: String

Required: No

DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Type: Boolean

Required: No

IpAddress

The Internet-routable IP address for the customer gateway's outside interface. The address must be static.

Type: String

Required: No

TagSpecification.N

The tags to apply to the customer gateway.

Type: Array of TagSpecification objects

Required: No

Type

The type of VPN connection that this customer gateway supports (ipsec.1).

Type: String

Valid Values: ipsec.1

Required: Yes

Response Elements

The following elements are returned by the service.

customerGateway

Information about the customer gateway.

Type: CustomerGateway object

requestId

The ID of the request.

Type: String

Errors

For information about the errors that are common to all actions, see Common Client Errors.

Example

Example

This example creates a customer gateway with the name my-device, the IP address 12.1.2.3, and BGP ASN 65534.

Sample Request

https://ec2.amazonaws.com/?Action=CreateCustomerGateway &Type=ipsec.1 &PublicIp=12.1.2.3 &BgpAsn=65534 &DeviceName=my-device &AUTHPARAMS

Sample Response

<CreateCustomerGatewayResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/"> <requestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</requestId> <customerGateway> <customerGatewayId>cgw-11223344556677abc</customerGatewayId> <state>pending</state> <type>ipsec.1</type> <ipAddress>12.1.2.3</ipAddress> <bgpAsn>65534</bgpAsn> <deviceName>my-device</deviceName> <tagSet/> </customerGateway> </CreateCustomerGatewayResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: