This topic explains why an SAG-100WM connected to a Cloud Enterprise Network (CEN) instance fails to ping Elastic Compute Service (ECS) instances also connected to the CEN instance, or an SAG-100WM connected to a Cloud Connect Network (CCN) instance fails to ping clients also connected to the CCN instance.
Symptoms
A terminal fails to access Alibaba Cloud. For example, a terminal connected to a CEN instance fails to ping ECS instances also connected to the CEN instance, or a terminal connected to a CCN instance fails to ping clients also connected to the CCN instance.
Causes
The connection between the on-premises terminal and the SAG-100WM device is faulty.
The VPN tunnel between the SAG-100WM device and Alibaba Cloud is faulty.
The ECS instance is faulty.
The Internet service provider (ISP) network is faulty.
Solutions
Log on to the SAG console.
Click the ID of the SAG instance and check whether its status is Ready.
If the status is Disconnected, refer to SAG device disconnections to troubleshoot errors.
If the status is Connected, refer to 3 to troubleshoot errors.
Check whether the CLOUD indicator light of the SAG-100WM device is on.
If the light is on, it indicates that the VPN tunnel between the SAG-100WM device and Alibaba Cloud is error-free. Log on to the ECS console to check whether the security group rules of the ECS instance allow network traffic from the on-premises network.
If the CLOUD indicator light is off, it indicates that the VPN tunnel between the SAG-100WM device and Alibaba Cloud is faulty. Refer to 4 to troubleshoot errors.
Check the intermediary device, such as the router.
Configure PPPoE for the WAN port and connect the WAN port to the ISP network without a router.
If the CLOUD light remains off, refer to 5 to troubleshoot errors.
Check whether the software installed on the SAG device has errors. If so, restart the SAG device.