This page describes what to do in case of an
Icinga alert.
For more information you could
search the govuk-puppet repo for the source of the alert
Warning
This document has not been updated for a while now. It may be out of date.
Last updated:
1 Jun 2020
Cannot ping across AWS-Carrenza VPN
There is a VPN tunnel between AWS and Carrenza for both the Staging and Production environment.
You can check the status and troubleshoot the VPN.
If the VPN is up/active and the ping probes are failing, check the following:
-
The security groups of the AWS EC2 instances allow ping packets, i.e. ICMP packets
-
The firewall in the vCloud in Carrenza allows ping packets
-
The VPN routes have been propagated to the subnet of the AWS EC2 instances
-
In the Carrenza vCloud Graphical User Interface (GUI), check that the subnet of the VPN includes the Carrenza endpoint that is being pinged.