Skip to main content
Table of contents
This page describes what to do in case of an Icinga alert. For more information you could search the govuk-puppet repo for the source of the alert

Icinga alerts

Cannot ping across AWS-Carrenza VPN

There is a VPN tunnel between AWS and Carrenza for both the Staging and Production environment.

To check the status and obtain troubleshooting information about the VPN, please consult the document here

If the VPN is up/active and the ping probes are failing, check the following:

  1. The security groups of the AWS EC2 instances allow ping packets, i.e. ICMP packets

  2. The firewall in the vCloud in Carrenza allows ping packets

  3. The VPN routes have been propagated to the subnet of the AWS EC2 instances

  4. In the Carrenza vCloud Graphical User Interface (GUI), check that the subnet of the VPN includes the Carrenza endpoint that is being pinged.

This page was last reviewed on 27 June 2019. It needs to be reviewed again on 27 December 2019 by the page owner #govuk-2ndline .
This page was set to be reviewed before 27 December 2019 by the page owner #govuk-2ndline. This might mean the content is out of date.