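I am trying to use PowerShell to create a new VPN connection to an AWS transit gateway. I need some help with how to set the tunnel options. The AWS example documentation is very limited. Here is the link to the documentation: VPNTunnelSpecifications.
Here is my script: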
foreach ($v in $vpn) {
    $name = $v.vpnname
    $peer = $v.peerip
    $psk = $v.psk
    $type = 'ipsec.1'
    $tgwid = 'tgw-07b5dbf2e29'
    $agency = $v.Agency
    $program = $v.Program
    $poc = $v.poc
    $ph1dh = @(14, 15, 16, 17, 18, 22, 23, 24)
    $ph1ike = @("ikev2")
    $ph1enc = @("AES256")
    $ph1int = @("SHA2-256")
    $ph2dh = @(14, 15, 16, 17, 18, 22, 23, 24)
    $ph2enc = @("AES256")
    $ph2int = @("SHA2-256")
    $TunnelOptions = @( @{key = "dpdtimeoutseconds"; value = 30 }, `
        @{key = "IKEVersions"; value = $ph1ike }, `
        @{key = "Phase1DHGroupNumbers"; value = $ph1dh }, `
        @{key = "Phase1EncryptionAlgorithms"; value = $ph1enc }, `
        @{key = "Phase1IntegrityAlgorithms"; value = $ph1int }, `
        @{key = "Phase1LifetimeSeconds"; value = 28800 }, `
        @{key = "Phase2DHGroupNumbers"; value = $ph2dh }, `
        @{key = "Phase2EncryptionAlgorithms"; value = $ph2enc }, `
        @{key = "Phase2IntegrityAlgorithms"; value = $ph2int }, `
        @{key = "Phase2LifetimeSeconds"; value = 3600 }, `
        @{key = "PreSharedKey"; value = $psk }
    )
    ##create customer gateway
    $cg = New-EC2CustomerGateway -type $type -PublicIp $peer -DeviceName $name
    $cg
    $cgid = $cg.CustomerGatewayId
    $cgid
    $vpngateway = New-EC2VpnConnection -CustomerGatewayId $cgid -TransitGatewayId $tgwid -Options_TunnelOption $TunnelOptions
    $vpngateway
    $VGWid = $vpngateway.VpnGatewayId
    $VGWid
}
If I run the script, I get, on the line
$vpngateway = New-EC2VpnConnection -CustomerGatewayId $cgid -TransitGatewayId $tgwid -Options_TunnelOption $TunnelOptions
the following error:
New-EC2VpnConnection : Cannot bind parameter 'Options_TunnelOption'.
Cannot create object of type
"Amazon.EC2.Model.VpnTunnelOptionsSpecification". The key property was
not found for the Amazon.EC2.Model.VpnTunnelOptionsSpecification
object. The available property is: [DPDTimeoutSeconds <System.Int32>]
, [IKEVersions
<System.Collections.Generic.List`1[[Amazon.EC2.Model.IKEVersionsRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase1DHGroupNumbers
<System.Collections.Generic.List`1[[Amazon.EC2.Model.Phase1DHGroupNumbersRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase1EncryptionAlgorithms
<System.Collections.Generic.List`1[[Amazon.EC2.Model.Phase1EncryptionAlgorithmsRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase1IntegrityAlgorithms
<System.Collections.Generic.List`1[[Amazon.EC2.Model.Phase1IntegrityAlgorithmsRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase1LifetimeSeconds
<System.Int32>] , [Phase2DHGroupNumbers
<System.Collections.Generic.List`1[[Amazon.EC2.Model.Phase2DHGroupNumbersRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase2EncryptionAlgorithms
<System.Collections.Generic.List`1[[Amazon.EC2.Model.Phase2EncryptionAlgorithmsRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase2IntegrityAlgorithms
<System.Collections.Generic.List`1[[Amazon.EC2.Model.Phase2IntegrityAlgorithmsRequestListValue,
AWSSDK.EC2, Version=3.3.0.0, Culture=neutral,
PublicKeyToken=885c28607f98e604]]>] , [Phase2LifetimeSeconds
<System.Int32>] , [PreSharedKey <System.String>] ,
[RekeyFuzzPercentage <System.Int32>] , [RekeyMarginTimeSeconds
<System.Int32>] , [ReplayWindowSize <System.Int32>] ,
[TunnelInsideCidr <System.String>] At line:1 char:108
+ ... d $cgid -TransitGatewayId $tgwid -Options_TunnelOption $TunnelOptions
+ ~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-EC2VpnConnection], ParameterBindingException
+ FullyQualifiedErrorId : CannotConvertArgumentNoMessage,Amazon.PowerShell.Cmdlets.EC2.NewEC2VpnConnectionCmdlet
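
The error above lists each tunnel setting as a typed property of `Amazon.EC2.Model.VpnTunnelOptionsSpecification`, so the following added example (not part of the original post) builds one such object per tunnel instead of an array of key/value hashtables. The helper names `New-ValueList` and `New-TunnelSpec` are hypothetical, the pre-shared key is a constructed sample, and the `Value` property on the `...RequestListValue` wrapper types is taken from the AWS SDK for .NET.

```powershell
# Added example; assumes an AWS Tools for PowerShell EC2 module is installed.
Import-Module AWS.Tools.EC2   # or AWSPowerShell / AWSPowerShell.NetCore

# Hypothetical helper: wrap plain values in an SDK "...RequestListValue" type.
function New-ValueList {
    param([string]$TypeName, [object[]]$Values)
    $list = New-Object "System.Collections.Generic.List[Amazon.EC2.Model.$TypeName]"
    foreach ($v in $Values) {
        $item = New-Object "Amazon.EC2.Model.$TypeName"
        $item.Value = $v
        $list.Add($item)
    }
    return , $list   # the comma stops PowerShell from unrolling the list
}

# Hypothetical helper: builds the options object for ONE tunnel.
function New-TunnelSpec {
    param([Parameter(Mandatory)][string]$PreSharedKey)
    $dh   = @(14, 15, 16, 17, 18, 22, 23, 24)
    $spec = New-Object Amazon.EC2.Model.VpnTunnelOptionsSpecification
    $spec.DPDTimeoutSeconds          = 30
    $spec.IKEVersions                = New-ValueList IKEVersionsRequestListValue @('ikev2')
    $spec.Phase1DHGroupNumbers       = New-ValueList Phase1DHGroupNumbersRequestListValue $dh
    $spec.Phase1EncryptionAlgorithms = New-ValueList Phase1EncryptionAlgorithmsRequestListValue @('AES256')
    $spec.Phase1IntegrityAlgorithms  = New-ValueList Phase1IntegrityAlgorithmsRequestListValue @('SHA2-256')
    $spec.Phase1LifetimeSeconds      = 28800
    $spec.Phase2DHGroupNumbers       = New-ValueList Phase2DHGroupNumbersRequestListValue $dh
    $spec.Phase2EncryptionAlgorithms = New-ValueList Phase2EncryptionAlgorithmsRequestListValue @('AES256')
    $spec.Phase2IntegrityAlgorithms  = New-ValueList Phase2IntegrityAlgorithmsRequestListValue @('SHA2-256')
    $spec.Phase2LifetimeSeconds      = 3600
    $spec.PreSharedKey               = $PreSharedKey
    return $spec
}

# A Site-to-Site VPN connection has two tunnels, so pass one spec per tunnel.
$psk = 'Constructed_Sample_Key_01'   # constructed value, not a real key
$TunnelOptions = @((New-TunnelSpec -PreSharedKey $psk), (New-TunnelSpec -PreSharedKey $psk))
$TunnelOptions | Select-Object DPDTimeoutSeconds, Phase1LifetimeSeconds, Phase2LifetimeSeconds

# With credentials configured and $cgid / $tgwid set as in the script above:
# New-EC2VpnConnection -Type 'ipsec.1' -CustomerGatewayId $cgid -TransitGatewayId $tgwid -Options_TunnelOption $TunnelOptions
```

The `Select-Object` line only prints non-secret fields, which keeps the pre-shared key out of console output and transcripts.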