All Products
Search

This Product

    VPN Gateway:Monitor system events of a VPN gateway

    Document Center

    VPN Gateway:Monitor system events of a VPN gateway

    Last Updated:Nov 06, 2023

    When you use a VPN gateway, CloudMonitor automatically monitors system events such as service failures, O&M events, and user service exceptions. This topic describes how to view system events in the CloudMonitor console and configure alert rules for system events.

    Background

    CloudMonitor monitors the following system events when you use a VPN gateway. Each system event has a default severity level. You can specify a custom severity level for a system event when you create an alert rule.

    System events are classified based on the following severity levels:

    • CRITICAL: critical We recommend that you handle such system events at the earliest opportunity.

    • WARN: warning We recommend that you handle such system events based on your requirements.

    • INFO: information You do not need to handle such system events.

    Important

    A system event occurs only when the status of VPN gateway resources changes.

    For example, if the initial health check status of an IPsec-VPN connection is Failed due to wrong configurations, the health check failed system event does not occur. The health check success or health check failed system event occurs only when the health check status changes from Failed to Successful or from Successful to Failed. If you have configured alert rules for system events, you are notified of the system event.

    System event

    Severity

    Description

    The certificate expires

    CRITICAL

    The SSL certificate associated with a ShangMi (SM) VPN gateway has expired.

    health check failed

    WARN

    In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, the IPsec-VPN connection fails health checks.

    health check success

    INFO

    In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, the IPsec-VPN connection passes health checks.

    Phase 1 negotiations fail

    WARN

    In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 1 negotiations fail.

    Phase 1 negotiations succeed

    INFO

    In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 1 negotiations succeed.

    Phase 2 negotiations fail

    WARN

    In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 2 negotiations fail.

    Phase 2 negotiations succeed

    INFO

    In scenarios in which an IPsec-VPN connection is associated with a VPN gateway, Phase 2 negotiations succeed.

    The IPsec-VPN connection fails health checks

    WARN

    In scenarios in which an IPsec-VPN connection is associated with a transit router, the IPsec-VPN connection fails health checks.

    The IPsec-VPN connection passes health checks

    INFO

    In scenarios in which an IPsec-VPN connection is associated with a transit router, the IPsec-VPN connection passes health checks.

    Phase 1 negotiations fail

    WARN

    In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 1 negotiations fail.

    Phase 1 negotiations succeed

    INFO

    In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 1 negotiations succeed.

    Phase 2 negotiations fail

    WARN

    In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 2 negotiations fail.

    Phase 2 negotiations succeed

    INFO

    In scenarios in which an IPsec-VPN connection is associated with a transit router, Phase 2 negotiations succeed.

    View system events of a VPN gateway

    You can view system events of a VPN gateway in the CloudMonitor console.

    1. Log on to the CloudMonitor console.

    2. In the left-side navigation pane, choose Event Center > System Event.

    3. On the Event Monitoring tab, select VPN Gateway, select a severity level, an event name, and a time period, and then click Search.

    4. In the event list, you can view event information in the Event Level, Region, Resource, and Contents columns.

      You can also click Details in the Actions column to view the details about a system event. The information in the Event Details panel is in the JSON format.

    Create an alert rule for a VPN gateway system event

    We recommend that you create alert rules so that you can be notified in a timely manner when system events occur.

    1. Log on to the CloudMonitor console.

    2. In the left-side navigation pane, choose Event Center > System Event.

    3. On the System Event page, click the Event-triggered Alert Rules tab. On the Event-triggered Alert Rules tab, click Create Alert Rule.

    4. In the Create/Modify Event Alert panel, set the parameters and click OK.

      Select VPN Gateway in the Product Type section and set the other parameters. For more information about the other parameters, see Manage system event-triggered alert rules.

      After you create an alert rule, you can view it on the Event-triggered Alert Rules tab.

    What to do next

    If a system event occurs or you receive an alert notification, you can troubleshoot in the VPN Gateway console. For more information, see Troubleshoot IPsec-VPN connection issues.

    References

    For more information about system events of Alibaba Cloud services, see Overview.