Amazon EC2

Down VPN Tunnels

This plugin ensures that each AWS Virtual Private Network (VPN) connection has all tunnels up

Risk Level: Low

Description

This plugin ensures that each AWS Virtual Private Network (VPN) connection has all of its tunnels up. A tunnel status of UP ensures that network traffic flowing over the VPN is not interrupted. It is recommended to fix every VPN connection that has a tunnel in the Down status.

About the Service

Amazon EC2: Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. With EC2 you can launch as many virtual servers as you need, configure security and networking, and manage storage without worrying about the underlying hardware. Security Groups act as a firewall for an EC2 instance to control its incoming and outgoing traffic.

Impact

A tunnel status of UP ensures that network traffic flowing over the VPN is not interrupted, which maximizes the uptime of all services that rely on the VPN connection.

Steps to Reproduce

Using the AWS Console:

  1. Log In to your AWS Console.
  2. Open the VPC Management Console. You can use this link (https://console.aws.amazon.com/vpc) to navigate directly if you are already logged in.
  3. Move to the Site-to-Site VPN Connections in the Virtual Private Network (VPN) section from the left navigation pane.
  4. You will find a list of VPN connections available. Select the one you wish to examine by clicking on the checkbox next to it.
  5. Move to the Tunnel Details tab.
  6. If the Tunnel Status of any tunnel is Down, the vulnerability exists.
  7. Repeat steps for all the VPN connections you want to investigate.
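The same check can be automated against the EC2 API instead of clicking through the console. The following is an added example, not the plugin's own code: it reads the DescribeVpnConnections response (VgwTelemetry carries one entry per tunnel with its Status) and reports every connection that has a tunnel not in UP. The sample response, VPN IDs and outside IPs below are constructed for the example.

```python
"""Flag AWS Site-to-Site VPN connections that have any tunnel reporting DOWN."""
from typing import Dict, List

# Constructed sample shaped like the EC2 DescribeVpnConnections response.
# The VPN IDs and outside IP addresses are made up for this example.
SAMPLE_RESPONSE = {
    "VpnConnections": [
        {
            "VpnConnectionId": "vpn-0aaa111bbb222ccc3",
            "VgwTelemetry": [
                {"OutsideIpAddress": "203.0.113.10", "Status": "UP",
                 "StatusMessage": "", "AcceptedRouteCount": 4},
                {"OutsideIpAddress": "203.0.113.11", "Status": "DOWN",
                 "StatusMessage": "IPSEC IS DOWN", "AcceptedRouteCount": 0},
            ],
        },
        {
            "VpnConnectionId": "vpn-0ddd444eee555fff6",
            "VgwTelemetry": [
                {"OutsideIpAddress": "198.51.100.20", "Status": "UP",
                 "StatusMessage": "", "AcceptedRouteCount": 2},
                {"OutsideIpAddress": "198.51.100.21", "Status": "UP",
                 "StatusMessage": "", "AcceptedRouteCount": 2},
            ],
        },
    ]
}

def find_down_tunnels(response: Dict) -> List[Dict]:
    """Return one finding per VPN connection with at least one tunnel not UP,
    naming each such tunnel's outside IP and the status message AWS reports."""
    findings = []
    for conn in response.get("VpnConnections", []):
        down = [t for t in conn.get("VgwTelemetry", []) if t.get("Status") != "UP"]
        if down:
            findings.append({
                "VpnConnectionId": conn["VpnConnectionId"],
                "DownTunnels": {t["OutsideIpAddress"]: t.get("StatusMessage", "")
                                for t in down},
            })
    return findings

def check_region(region_name: str) -> List[Dict]:
    """Run the same check against the live EC2 API for one region (needs boto3
    and credentials allowed ec2:DescribeVpnConnections); boto3 is imported
    lazily so the offline sample above still runs without it installed."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region_name)
    return find_down_tunnels(ec2.describe_vpn_connections())
```

Run `check_region("us-east-1")` (or any region you use) to list the connections whose tunnels need attention; an empty list means all tunnels are UP in that region.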

Steps for Remediation

Re-establish the VPN tunnels by correcting the IKE or IPsec configuration, or raise the issue with AWS Support as follows:

  1. Log In to your AWS Console.
  2. Open the VPC Management Console. You can use this link (https://console.aws.amazon.com/vpc) to navigate directly if you are already logged in.
  3. From the top-right corner, click on Support and select Support Center from the drop-down menu.
  4. Select the Technical Support option.
  5. Select Virtual Private Network (VPN) from the services section.
  6. Specify the vulnerable VPC IDs and the severity levels.
  7. In the Subject field, type “VPC Tunnels are DOWN”, then add a Description of the issue along with supporting screenshots.
  8. After selecting an appropriate contact method, click on Create Case. You will be contacted by the AWS Support team.
  9. Repeat steps for all the vulnerable VPN connections.