Hello, I believe as recommended, opening a support case would be the best bet. Even Developer Plan has Email support. In any case, I would recommend checking the CGW side logs, since Site to Site VPN also has a Customer Gateway which is on the On-Premise device. Also check for the timestamp when the tunnels went down exactly so that you can have the debug logs and check further. Also, was the VPN ever working? AWS VPN has 2 phases. It will be better to proceed with the troubleshooting steps on what phase has caused an issue.
Phase-1: https://aws.amazon.com/premiumsupport/knowledge-center/vpn-tunnel-phase-1-ike/
Phase-2: https://aws.amazon.com/premiumsupport/knowledge-center/vpn-tunnel-phase-2-ipsec/
Another suggestion would be to check the troubleshooting from the CGW side by contacting the CGW side Vendor. Hope this helps.
I'd recommend that you create a support case for this - as you've been through the steps documented we (here on re:Post) don't have access to live systems in your account; but the support team can help you with that.
We have a basic account, so unfortunately that isn't possible either. Is there any way to understand what is going wrong with the connection? Or would deleting and recreating the VPN be a better bet?
Hello. AWS VPN logs are proprietary to AWS Internal VPN teams only and are not customer facing. You will have to contact Premium Support or contact the accounts team to help you get the logs. However, they are not public facing and are not visible to any AWS customers despite the Support Plan level.
You can use CloudWatch logs to check the tunnel Status and Tunnel Data In/Out as per the link mentioned on the public facing document. https://docs.aws.amazon.com/vpn/latest/s2svpn/monitoring-cloudwatch-vpn.html
Understood, thanks!
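An added example, not part of the original thread: one way to turn the CloudWatch tunnel status data mentioned above into exact outage windows that can be matched against the CGW-side debug logs. It assumes datapoints shaped like `GetMetricStatistics` output for the `TunnelState` metric in the `AWS/VPN` namespace (statistic `Minimum`, 300-second period, 0 = down, 1 = up); the function name and the sample datapoints are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone


def outage_windows(datapoints, period_s=300):
    """Return a list of (start, end) UTC windows in which the tunnel was down.

    datapoints: dicts with 'Timestamp' (datetime) and 'Minimum' (float),
    in any order. A missing period is treated as unknown, so it closes an
    open window instead of extending it.
    """
    period = timedelta(seconds=period_s)
    windows = []
    start = prev = None
    for dp in sorted(datapoints, key=lambda d: d["Timestamp"]):
        ts = dp["Timestamp"]
        gap = prev is not None and (ts - prev) > period
        # Close the open window when the tunnel is back up or data is missing.
        if start is not None and (gap or dp["Minimum"] >= 1.0):
            windows.append((start, prev + period))
            start = None
        # Any value below 1 means the tunnel was not up for part of the period.
        if dp["Minimum"] < 1.0 and start is None:
            start = ts
        prev = ts
    if start is not None:
        windows.append((start, prev + period))
    return windows


# Constructed sample: 5-minute datapoints, with the 10:25 period missing.
BASE = datetime(2024, 1, 1, 10, 0, tzinfo=timezone.utc)
SAMPLE = [
    {"Timestamp": BASE + timedelta(minutes=m), "Minimum": v}
    for m, v in [(0, 1.0), (5, 1.0), (10, 0.0), (15, 0.0),
                 (20, 1.0), (30, 0.0), (35, 0.0)]
]

if __name__ == "__main__":
    for begin, end in outage_windows(SAMPLE):
        print(f"tunnel down {begin.isoformat()} -> {end.isoformat()}")
```

Each window's start is the first period in which the tunnel reported down, which gives the time range to pull from the Customer Gateway device logs.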
I would also recommend checking for any PHD (which is Dashboard) notifications received during the same time with respect to the VPN.
The fix was to create a DNAT config in the client vendor's network. I was trying to find logging for all VPN services but couldn't get anything. Could you guide me on where to find logs for the same?