I am wondering if anyone in the community has any experience/guidance in relation to troubleshooting connectivity between a Pega Cloud environment to/from their business systems (via VPN).
We have an active VPN with outbound initiated HTTPS running and are now in the process of getting further services (some inbound initiated) such as IMAP/SMTP/SFTP up and running. Our developers have access within the Designer Studio to run the Email Wizard (which ultimately will provide authorised access), but are there some basic system management tools available which we can use to verify where traffic is routing and connectivity (e.g. Telnet, Ping, Traceroute)?
I do appreciate that the platform is hosted on AWS and that may restrict what is available.
So this depends on whether this is Pega Cloud 1.0 (Legacy) or 2.1, since they use different methods of VPN connectivity. Let's assume 1.0. First piece of information is that the Pega side of the VPN does not restrict any ports, so any issues that may seem port-related will usually (99.<many 9's>%) be on the customer side of the VPN. You can always test from the customer internal network using pings, telnets (to active ports on the servers, 443, e.g.). I will tell you that traceroute does not work reliably and should not be used. As for testing connectivity from the Pega side to the customer over VPN, any system management tools currently need to be run by the Pega Cloud Support team. This is due to the fact that those tools generally require access to the OS command line of the Pega Cloud Server, which is only accessible by Support.
EDIT 12/21/2016: So after looking at the associated SR, I see this is Cloud 2.1. This does not change my comments about testing from the customer side. However, testing from the Pega/AWS cloud side may need to include AWS support, depending on the network information required. The simple tests (ping, telnet, etc.) can still be accomplished by Pega Cloud Support, but any type of network "sniffing" (packet tracing, performance, etc.) will require AWS to get involved since they would be the only level of support that has access to those tools.