Modifies the configurations of an SSL server.
Usage notes
- If you modify only the name of the SSL server, the operation is synchronous. If you also modify other configurations besides the name, the operation is asynchronous.
- When ModifySslVpnServer is an asynchronous operation, the system returns a request ID and runs the task in the background. You can call DescribeVpnGateway to query the status of the task.
- If a VPN gateway is in the updating state, the configurations of the SSL server are being modified.
- If a VPN gateway is in the active state, the configurations of the SSL server are modified.
- You cannot repeatedly call ModifySslVpnServer to modify the configurations of an SSL server within the specified period of time.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | ModifySslVpnServer | The operation that you want to perform. Set the value to ModifySslVpnServer. |
ClientToken | String | No | 02fb3da4-130e-11e9-8e44-0016e04115b | The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. Note If you do not specify this parameter, the system automatically uses request ID as the client token. The request ID may be different for each request. |
RegionId | String | Yes | cn-hangzhou | The region ID of the VPN gateway. You can call the DescribeRegions operation to query the most recent list of regions. |
SslVpnServerId | String | Yes | vss-bp18q7hzj6largv4v**** | The ID of the SSL server. |
Name | String | No | test | The name of the SSL server. The name must be 1 to 100 characters in length, and cannot start with |
ClientIpPool | String | No | 10.30.30.0/24 | The client IP address pool. |
LocalSubnet | String | No | 10.20.20.0/24 | The CIDR block of the client. |
Proto | String | No | UDP | The protocol that is used by the SSL server. Valid values:
|
Cipher | String | No | AES-128-CBC | The encryption algorithm that is used by the SSL server. Valid values:
|
Port | Integer | No | 1194 | The port that is used by the SSL server. Valid values of port numbers: 1 to 65535. Default value: 1194. The following ports are not supported: 22, 2222, 22222, 9000, 9001, 9002, 7505, 80, 443, 53, 68, 123, 4510, 4560, 500, and 4500. |
Compress | Boolean | No | true | Specifies whether to enable data compression. Valid values:
|
EnableMultiFactorAuth | Boolean | No | false | Specifies whether to enable two-factor authentication.
|
IDaaSInstanceId | String | No | idaas-cn-hangzhou-**** | The ID of the Identity as a Service (IDaaS) instance. |
IDaaSRegionId | String | No | cn-hangzhou | The ID of the region where the IDaaS instance is created. |
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
InternetIp | String | 47.98.XX.XX | The public IP address. |
IDaaSInstanceId | String | idaas-cn-hangzhou-**** | The ID of the IDaaS instance. |
CreateTime | Long | 1492753580000 | The time when the SSL server was created. |
VpnGatewayId | String | vpn-bp1q8bgx4xnkm2ogj**** | The ID of the VPN gateway. |
Compress | Boolean | false | Indicates whether data compression is enabled. |
Port | Integer | 1194 | The port that is used by the SSL server. |
LocalSubnet | String | 10.20.20.0/24 | The CIDR block of the client. |
RegionId | String | cn-hangzhou | The ID of the region where the SSL server is created. |
Cipher | String | AES-128-CBC | The encryption algorithm. |
RequestId | String | DF11D6F6-E35A-41C3-9B20-6FC8A901FE65 | The request ID. |
Connections | Integer | 0 | The total number of current connections. |
SslVpnServerId | String | vss-bp18q7hzj6largv4v**** | The ID of the SSL server. |
MaxConnections | Integer | 5 | The maximum number of connections. |
Name | String | test | The name of the SSL server. |
EnableMultiFactorAuth | Boolean | false | Indicates whether two-factor authentication is enabled.
|
ClientIpPool | String | 10.30.30.0/24 | The client IP address pool. |
Proto | String | UDP | The protocol that is used by the SSL server. |
Examples
Sample requests
https://vpc.aliyuncs.com/?Action=ModifySslVpnServer
&RegionId=cn-hangzhou
&SslVpnServerId=vss-bp18q7hzj6largv4****
&<Common request parameters>
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<ModifySslVpnServerResponse>
<InternetIp>47.98.XX.XX</InternetIp>
<IDaaSInstanceId>idaas-cn-hangzhou-****</IDaaSInstanceId>
<CreateTime>1492753580000</CreateTime>
<VpnGatewayId>vpn-bp1q8bgx4xnkm2ogj****</VpnGatewayId>
<Compress>false</Compress>
<Port>1194</Port>
<LocalSubnet>10.20.20.0/24</LocalSubnet>
<RegionId>cn-hangzhou</RegionId>
<Cipher>AES-128-CBC</Cipher>
<RequestId>DF11D6F6-E35A-41C3-9B20-6FC8A901FE65</RequestId>
<Connections>0</Connections>
<SslVpnServerId>vss-bp18q7hzj6largv4v****</SslVpnServerId>
<MaxConnections>5</MaxConnections>
<Name>test</Name>
<EnableMultiFactorAuth>false</EnableMultiFactorAuth>
<ClientIpPool>10.30.30.0/24</ClientIpPool>
<Proto>UDP</Proto>
</ModifySslVpnServerResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"InternetIp" : "47.98.XX.XX",
"IDaaSInstanceId" : "idaas-cn-hangzhou-****",
"CreateTime" : 1492753580000,
"VpnGatewayId" : "vpn-bp1q8bgx4xnkm2ogj****",
"Compress" : false,
"Port" : 1194,
"LocalSubnet" : "10.20.20.0/24",
"RegionId" : "cn-hangzhou",
"Cipher" : "AES-128-CBC",
"RequestId" : "DF11D6F6-E35A-41C3-9B20-6FC8A901FE65",
"Connections" : 0,
"SslVpnServerId" : "vss-bp18q7hzj6largv4v****",
"MaxConnections" : 5,
"Name" : "test",
"EnableMultiFactorAuth" : false,
"ClientIpPool" : "10.30.30.0/24",
"Proto" : "UDP"
}
Error codes
HttpCode | Error code | Error message | Description |
---|---|---|---|
400 | InvalidName | The name is not valid | The format of the name is invalid. |
400 | VpnGateway.Configuring | The specified service is configuring. | The operation is not allowed when the specified service is being configured. Try again later. |
400 | VpnGateway.FinancialLocked | The specified service is financial locked. | The service is suspended due to overdue payments. Top up your account first. |
400 | SslVpnServer.AddRouteError | Add route error whose destination is client IP pool, please check vpc route entry and relevant quota. | The system failed to add the route that points to the client CIDR block. Check the VPC route and quota. |
400 | ClientIpPool.NetmaskInvalid | The netmask length of client IP pool must be greater than or equal to 16 and less than or equal to 29. | The subnet mask of the client IP pool must range from 16 to 29. |
400 | ClientIpPool.SubnetInvalid | The specified client IP pool cannot be used. | The client CIDR block is unavailable. |
400 | MissingParameter.IDaaSInstanceId | The input parameter IDaaSInstanceId is mandatory when enable multi-factor authentication. | You must specify the IDaaSInstanceId parameter when you enable two-factor authentication. |
400 | OperationFailed.NoRamPermission | Vpn Service has no permission to operate your IDaaS instances. | The VPN service does not have the permissions to manage your IDaaS instance. |
400 | SystemBusy | The system is busy. Please try again later. | The system is unavailable. Try again later. |
400 | SslVpnServerPort.Illegal | The server port is not in the range of [1-65535]. | The port of the SSL server must be from 1 to 65535. |
403 | Forbbiden.SubUser | User not authorized to operate on the specified resource as your account is created by another user. | You are unauthorized to perform this operation on the specified resource. You can apply for the required permissions and try again. |
403 | Forbidden | User not authorized to operate on the specified resource. | You are unauthorized to perform this operation on the specified resource. You can apply for the required permissions and try again. |
404 | InvalidRegionId.NotFound | The specified region is not found during access authentication. | The specified area is not found during authentication. |
For a list of error codes, see Service error codes.