Monitor Your AWS Site-to-Site VPN Tunnel Status

Leo Lee
NTT DATA Cloud
Oct 5, 2020

How can we monitor the status of AWS Site-to-Site VPN tunnels and get notified when the VPN tunnels are down?

Goal: Monitor your VPN tunnels and send an email to operations when a VPN tunnel is down.

Architecture:

There is a Site-to-Site VPN connection between the AWS cloud and the on-premises network.

How can we monitor the VPN status and get a notification in real time if the VPN connection is down?

1. Create SNS Topic:
Click Create topic
Input the topic name and the “Display name” (email title)
Click Create subscription
Input the email address where you want to receive notifications

Before the subscription is confirmed, its Status shows “Pending confirmation”

Click to confirm

Subscription confirmed

2. CloudWatch Alert Setting:

Go to the CloudWatch page.

Click Alarms
Create alarm
Click “Select metric” and “Next”
Select VPN Connection Metrics
Select the VpnId that you use and choose the Metric Name “TunnelStatus”
Input the metric name, set Statistic to “Maximum”, and set the Period

Tunnel status: up has the value “1”, down has the value “0”.

You want to receive a notification when the VPN status is down, so select Lower/Equal (≤ 0)
Select the “In alarm” state trigger to send a notification to your SNS topic
Input VPN Alarm Name
Create alarm

When the alarm is first created, its state shows “Insufficient data”.

When the VPN is down, we get an alert from SNS by email.
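
The two console steps above can also be scripted. The following is an added example, not code from the original post: it uses boto3, refers to the tunnel status metric by its CloudWatch API name `TunnelState`, and `alarm_state` replays constructed samples to show which state the alarm reaches. The topic name, display name, alarm name and 300-second period are assumptions.

```python
# Added example (not from the original post): steps 1-2 as boto3 calls.
# Topic name, display name and alarm name are placeholders; Period is an assumption.

def alarm_params(vpn_id, topic_arn, statistic="Maximum", period=300):
    """put_metric_alarm arguments mirroring the console settings in step 2."""
    return {
        "AlarmName": f"vpn-tunnel-down-{vpn_id}",
        "Namespace": "AWS/VPN",
        "MetricName": "TunnelState",  # API name of the tunnel status metric
        "Dimensions": [{"Name": "VpnId", "Value": vpn_id}],
        "Statistic": statistic,
        "Period": period,
        "EvaluationPeriods": 1,
        "Threshold": 0.0,
        "ComparisonOperator": "LessThanOrEqualToThreshold",  # Lower/Equal <= 0
        "AlarmActions": [topic_arn],  # "In alarm" -> notify the SNS topic
    }


def alarm_state(samples, params):
    """State the alarm reaches for the metric samples of one period."""
    if not samples:
        return "INSUFFICIENT_DATA"  # what a new alarm shows before data arrives
    value = {"Maximum": max, "Minimum": min}[params["Statistic"]](samples)
    return "ALARM" if value <= params["Threshold"] else "OK"


def deploy(vpn_id, email, region):
    """Create the topic, the email subscription and the alarm (needs AWS credentials)."""
    import boto3  # imported here so the helpers above run without the SDK

    sns = boto3.client("sns", region_name=region)
    topic_arn = sns.create_topic(
        Name="vpn-tunnel-alerts", Attributes={"DisplayName": "VPN tunnel alert"}
    )["TopicArn"]
    # The recipient must click the confirmation link before mail is delivered.
    sns.subscribe(TopicArn=topic_arn, Protocol="email", Endpoint=email)
    cloudwatch = boto3.client("cloudwatch", region_name=region)
    cloudwatch.put_metric_alarm(**alarm_params(vpn_id, topic_arn))
    return topic_arn


if __name__ == "__main__":
    # Constructed samples: 1 = up, 0 = down; AWS documents values between 0 and 1
    # on the VpnId metric as "at least one tunnel is not UP".
    p_max = alarm_params("vpn-EXAMPLE", "arn:aws:sns:REGION:ACCOUNT:vpn-tunnel-alerts")
    p_min = dict(p_max, Statistic="Minimum")
    for samples in ([], [1, 1], [0, 0], [0.5, 0.5], [1, 0]):
        print(samples, alarm_state(samples, p_max), alarm_state(samples, p_min))
```

With “Maximum” and a threshold of 0, a period containing any sample above 0 stays OK, so this alarm reports only a period in which the connection was down throughout.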

Thanks for reading!
