Medium EC2 Regional

Both VPN tunnels for an AWS Site-to-Site VPN connection should be up

NIST, ISO 27001

Description

Checks whether both VPN tunnels for an AWS Site-to-Site VPN connection are up.


Remediation

To comply with this control, ensure that both tunnels of your AWS Site-to-Site VPN connection are operational. If one or both tunnels are down, troubleshoot the connection to restore full functionality.

Steps

  1. Sign in to the AWS Management Console and open the VPC console at https://console.aws.amazon.com/vpc/.
  2. In the VPC console, click on 'Site-to-Site VPN Connections' in the left navigation pane.
  3. Select the VPN connection you want to check.
  4. In the 'Tunnel Details' tab, check the status of each tunnel.
  5. If a tunnel is down, review the tunnel's configuration and your customer gateway configuration.
  6. Ensure that the customer gateway device is operational and properly configured.
  7. Verify that your firewall and security group settings allow traffic to and from the VPN connection.
  8. If necessary, consult the VPN connection logs for error messages and additional troubleshooting information.
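The tunnel-status check in steps 3 and 4 can also be run across every connection in a region. The script below is an added example, not part of the original control. It assumes the response shape returned by `aws ec2 describe-vpn-connections` (the `VgwTelemetry` list, one entry per tunnel); the sample data and the `evaluate` and `fetch` helpers are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpn-connections` output.
SAMPLE = json.loads("""
{"VpnConnections": [
  {"VpnConnectionId": "vpn-0aaa1111example", "State": "available",
   "VgwTelemetry": [
     {"OutsideIpAddress": "203.0.113.10", "Status": "UP", "StatusMessage": ""},
     {"OutsideIpAddress": "203.0.113.11", "Status": "UP", "StatusMessage": ""}]},
  {"VpnConnectionId": "vpn-0bbb2222example", "State": "available",
   "VgwTelemetry": [
     {"OutsideIpAddress": "203.0.113.20", "Status": "UP", "StatusMessage": ""},
     {"OutsideIpAddress": "203.0.113.21", "Status": "DOWN", "StatusMessage": "IPSEC IS DOWN"}]},
  {"VpnConnectionId": "vpn-0ccc3333example", "State": "deleted", "VgwTelemetry": []}
]}
""")

def evaluate(response):
    """Return {connection_id: [reasons]} for connections that fail the check."""
    findings = {}
    for conn in response.get("VpnConnections", []):
        if conn.get("State") in ("deleting", "deleted"):
            continue  # assumption: connections being removed are out of scope
        tunnels = conn.get("VgwTelemetry", [])
        reasons = [
            f"tunnel {t.get('OutsideIpAddress', '?')} is {t.get('Status', 'UNKNOWN')}"
            + (f" ({t['StatusMessage']})" if t.get("StatusMessage") else "")
            for t in tunnels if t.get("Status") != "UP"
        ]
        # A connection that reports fewer than two tunnels cannot have both up.
        if len(tunnels) < 2:
            reasons.append(f"only {len(tunnels)} tunnel(s) reported, expected 2")
        if reasons:
            findings[conn["VpnConnectionId"]] = reasons
    return findings

def fetch(region):
    """Live lookup; needs boto3 and the ec2:DescribeVpnConnections permission."""
    import boto3
    return boto3.client("ec2", region_name=region).describe_vpn_connections()

if __name__ == "__main__":
    for vpn_id, reasons in evaluate(SAMPLE).items():
        print(f"NON_COMPLIANT {vpn_id}: " + "; ".join(reasons))
```

To run it against an account, pass `fetch("<region>")` to `evaluate` instead of `SAMPLE`.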

Compliance

NIST, ISO 27001