Medium

Ensure both VPN tunnels are up

Availability
Description

To ensure network traffic flows over your Virtual Private Network (VPN), it's essential to have your Amazon VPN tunnels in an UP state. Cloud Conformity continuously monitors your AWS VPN tunnels for any downtime and sends alert notifications if they become unavailable (DOWN). Optionally, you can create CloudWatch alarms that monitor the state of your VPN tunnels and send email notifications when the state changes to DOWN. You can use the AWS CloudWatch metric "TunnelState" to detect changes in VPN tunnel status. The metric reports a value of 0 for DOWN (offline) and 1 for UP (online), and its unit is Count.

Remediation

To ensure that your Amazon VPN tunnels are in an UP state, you can follow these remediation steps:

  1. Log in to the AWS Management Console.
  2. Navigate to the Amazon VPC dashboard.
  3. In the navigation pane, select "VPN Connections."
  4. Review the list of VPN connections and ensure that the "State" column displays "UP" for each VPN tunnel.
  5. If a VPN tunnel is in a DOWN state, try restarting the tunnel by selecting it and then selecting the "Actions" dropdown menu and choosing "Restart VPN Connection."
  6. If the issue persists, review the VPN configuration and ensure that all settings are correct.
  7. Consider creating CloudWatch alarms that monitor the state of your VPN tunnels and send email notifications when the tunnels state changes to DOWN, using the "TunnelState" metric.

By regularly monitoring the state of your VPN tunnels and ensuring that they are UP, you can ensure that network traffic flows over your Virtual Private Network and avoid potential downtime.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps