Testing a VPN

After you create a VPN connection, test it with the Skytap VPN Test tool.

Before you begin

  1. If the VPN is enabled in Skytap, disable it.
  2. Enable your remote VPN.
  3. Enabling logging on the remote VPN to capture any potential error messages.

Test the VPN

To test the VPN
  1. Click Test.
  2. Enter an IP address and remote port number from a machine on one of the included remote subnets. Ideally, enter the IP address of a machine that can respond to pings.

    If you do not provide a remote port, Skytap tests the VPN, but skips the TCP port connectivity test.

    VPN Test Dialog

  3. Click Test Connection.
  4. Skytap performs up to 4 connectivity tests and displays the results. If Phase 1 and Phase 2 pass, the VPN is properly configured and you should continue to Further VPN testing with Skytap environments. If Phase 1 and Phase 2 fail, see VPN test failures. VPN Test Results

Further VPN testing with Skytap environments

To check that traffic can flow between both local and remote subnets, use a VM to test the various protocols you want to use over the VPN (for example, Ping, Remote Desktop, SSH, SMB):

  1. Click Enable to begin sending traffic through the VPN.
  2. Connect a Skytap environment to the VPN.
  3. Test each protocol with a running machine on one of the included remote subnets. For example, to perform a ping test from Skytap to the machine on the remote network, access the VM command line, and type ping followed by the IP address on the other side of the VPN. You can also ping by hostname if you have an active DNS server as part of your VPN. If the test is successful, a series of replies indicating that packets were sent and received displays.

Test results and meaning

If the tests pass, the VPN is ready to use. If the tests fail, this can indicate a number of issues including:

  • The network routing isn’t properly configured. Review network firewall logs to confirm traffic and routes.
  • The VM operating system firewall is blocking traffic. Many Skytap VMs have their firewalls enabled by default; temporarily disable the firewall before continuing, or allow an ICMP echo function through the firewall.
  • The service itself may not be responsive. Check if the service is functional by accessing it locally or within the same network.

For more information, see Troubleshooting VPN issues.