All Products
Search

This Product

    Bastionhost:Diagnose network issues

    Document Center

    Bastionhost:Diagnose network issues

    Last Updated:Mar 31, 2026

    Bastionhost checks connectivity between a bastion host and its managed assets automatically. Run a manual test anytime to confirm reachability or investigate a failure.

    Set up periodic connectivity checks

    1. Log on to the Bastionhost console. In the top navigation bar, select the region where your bastion host resides.

    2. In the bastion host list, find the target instance and click Manage.

    3. In the left-side navigation pane, click System Settings.

    4. On the Network Diagnosis tab, go to the Connectivity Check Settings section. Select Periodic Check of Asset Connectivity and set a check interval.

      Valid values: 1 hour to 24 hours.

    Check results appear in the Network Status column of the asset list. Possible values are Normal, Port Exception, Network Timeout, and Proxy Server Exception. For details on each status, see Manage a host.

    Run a manual connectivity test

    1. Log on to the Bastionhost console. In the top navigation bar, select the region where your bastion host resides.

    2. In the bastion host list, find the target instance and click Manage.

    3. In the left-side navigation pane, click System Settings.

    4. On the Network Diagnosis tab, go to the Connectivity Test section. Configure the Network Status and Port parameters, then click Test Connection.

      The test result appears in a message on the page. For more information about how to troubleshoot connectivity exceptions, see Handle connectivity exceptions.

    Note

    To check connectivity from the asset list, go to Assets > Hosts or Assets > Database and click Check Network Status of Asset. Network status on the O&M page syncs from the Assets page on each refresh. A manual test run from the O&M page does not write results back to the Assets page.

    Handle connectivity exceptions

    If a connectivity test fails, perform the following checks to identify the cause:

    • Check whether the security group rules allow access from the bastion host to the port of the specific host.

    • Check whether Cloud Firewall is deployed for the specific host and whether policies that allow access from the bastion host to the port of the specific host are configured. For more information, see Configure access control policies in scenarios in which Cloud Firewall is deployed together with Bastionhost.

    • Check whether an on-premises firewall is deployed for the specific host and whether policies that allow access from the bastion host to the port of the specific host are configured.

    Next steps