Skip to main content
Table of contents
This page describes what to do in case of an Icinga alert. For more information you could search the govuk-puppet repo for the source of the alert

Icinga alerts

Cannot ping across AWS-Carrenza VPN

There is a VPN tunnel between AWS and Carrenza for both the Staging and Production environment.

You can check the status and troubleshoot the VPN.

If the VPN is up/active and the ping probes are failing, check the following:

  1. The security groups of the AWS EC2 instances allow ping packets, i.e. ICMP packets

  2. The firewall in the vCloud in Carrenza allows ping packets

  3. The VPN routes have been propagated to the subnet of the AWS EC2 instances

  4. In the Carrenza vCloud Graphical User Interface (GUI), check that the subnet of the VPN includes the Carrenza endpoint that is being pinged.

This page was last reviewed on 28 February 2020. It needs to be reviewed again on 28 May 2020 by the page owner #re-govuk .
This page was set to be reviewed before 28 May 2020 by the page owner #re-govuk. This might mean the content is out of date.