If you or your connection uses a VPN to secure your data exchange, you can check the VPN status on the Subscriptions tab of the Connections page in the Redox dashboard.
A VPN status represents the state of the VPN tunnel configured between Redox and your organization, or your connection and Redox. You may want to check the VPN status if you see one or more failed requests to or from a VPN-secured configuration. Alternatively, you can monitor alerts or create a traffic alert rule to proactively receive notifications related to VPN issues.
For details about each VPN test and status type, check out the definitions at the end of this article.
- From the navigation menu, click the Connections page.
- All of your connections display on the page. Select the connection that you want to check.
- The Subscriptions page opens with more detailed information.
- Subscriptions: Shows the directionality of the information. Read more about subscriptions.
- VPN status: Displays the latest VPN status. Review the status definition table to find out what each color means.
- Locate the subscription that you want to check and hover over the status icon. The Network Status List modal appears with the details for the given subscription, along with the IP and port values.
![Check the status of a VPN connection]()
Check the status of a VPN connection - If you want more details about the VPN test or status, click the endpoint name.
- If your connection owns the endpoint, the endpoint settings page opens with Base Info, Status Info, and VPN Info sections.
![Check the endpoint details]()
Check the endpoint details - Base Info: Describes the subscription.
- Status Info: Displays the results from the VPN test(s). Review the status definition table at the end of this article to find out what each VPN test type means. A status check can include either a Security Association (SA), TCP heartbeat or ping, or both.If you see a ping instead of a TCP heartbeat
- VPN Info: Shows the sending and receiving IP addresses for VPN. It also shows the receiving port value.
- If you own the endpoint, the Developer settings page opens with the communication method, data format, and Status Info section (which is the same as the Status Info described above).
![VPN status in Developer settings]()
VPN status in Developer settings
A status check can include either a Security Association, TCP heartbeat or ping, or both.
- Security association (SA): Tests that both servers have the necessary information to exchange data securely. This tells you whether the VPN tunnel is active.
- TCP heartbeat: Tests whether the VPN endpoint is receiving data. This is our default check for VPN configurations receiving data from Redox and is recommended over a ping since it's more reliable. Sometimes an interface setup doesn't support TCP heartbeat, in which case, we may fall back to testing with a ping. Read more about TCP heartbeat or ping.
- Ping: Tests whether the VPN endpoint is receiving data. Read more about ping.
Review the table below for a breakdown of the possible statuses.
The overall status displays on the Subscriptions tab.
Status color | Notes |
|---|---|
Green | Success. For a node that sends data over VPN, this means that Redox has an established SA over VPN. For a node that receives data over VPN, this is a combined status of the SA and TCP heartbeat or ping tests. Since the combined status reflects the worst case status between the two, a green status means that Redox has an established SA over VPN and can communicate with the configured VPN IP (with a TCP heartbeat, test, Redox can also communicate with the configured port). |
Red | Failure. For a node that sends data over VPN, this means that Redox couldn't establish an SA over VPN. For a node that receives data over VPN, this is a combined status of the SA and TCP heartbeat or ping tests. Since the combined status reflects the worst case status between the two, a red status means that Redox either can't establish SA over VPN or can't communicate with the configured VPN IP (with a TCP heartbeat test, this would include not being able to communicate with the configured port). |
Yellow | Warning. For a node that receives data over VPN, the VPN is healthy, but the connection's firewall or interface is responding with an error. The VPN node may not be listening on the port that Redox is sending to or you need to complete routing rules. |
Gray | Unknown. For a node that sends data over VPN, this indicates that there's insufficient data to determine the VPN status. |
The detailed status either displays when you hover over the status icon on the Subscriptions tab. Alternatively, you can view the detailed status on the Endpoint settings page (if your connection owns the VPN node) or Developer settings (if your organization owns the VPN node).
VPN test type | Status color | Notes |
|---|---|---|
SA | Green | Success. Redox has an established SA over VPN. |
SA | Red | Failure. Redox couldn't establish an SA over VPN. |
TCP heartbeat | Green | Success. Redox can communicate with the configured VPN IP and port. |
TCP heartbeat | Yellow | Warning. The VPN is healthy, but the connection's firewall or interface is responding with an error. The VPN node may not be listening on the port to which Redox is sending or you need to complete routing rules. |
TCP heartbeat | Red | Failure. Redox can't communicate with the configured VPN IP and port, probably due to firewall, configuration, or networking issues. |
TCP heartbeat or ping | Gray | Unknown. Indicates that there's insufficient data to determine the receiving node's status. |
Ping | Green | Success. Redox can ping the configured VPN IP. |
Ping | Red | Failure. Redox can't communicate with the configured VPN IP. |