Monitoring an Internet connection

I have a bit of a conundrum:

We have a dedicated Internet connection that services the public WiFi network in our building. It has it's own edge router (Ubiquiti) to which we have a connection from the corporate network for management and monitoring purposes, but no traffic outbound to the Internet is allowed through this interface. We have an SNMP monitor set up from our Orion platform to the Edge Router. The Internet connection itself is through Bell Canada (Fibe Gigabit) and does not have a dedicated IP. We do not have any machines on that network that we could use to monitor the Internet connection.

I want to set up a monitor in Orion that will watch the actual Internet connection. We have had issues in the past where the edge router sees the internet connection as being active, but actual Internet connectivity is not functional for clients.

My initial thought was to set up a ping monitor on Bell's DNS servers, but I'm having issues routing that monitor through the Edge Router from the Orion server (not a very clean/secure solution). I then thought perhaps I could setup DDNS on the Bell HH 2000 and then ping that box from the outside, but then I found out Bell blocks ICMP to them. Not too keen on port-forwarding into the Edge Router for security reasons. 

My colleagues and I have been brainstorming and we can't find a clean, secure, simple solution. Anyone have any recommendations ? 

Parents Reply Children
  • Im not sure about  Ubiquiti, but if it has an CLI interface that allows login via SSH.

    You might be able to use your DDNS solution with a combination of running script from SAM to verify if this device available for SSH from the internet (allow only your organization public IP),

    another way if you don't have SAM is to have some alert always triggered with an action of execution external program that launch every X minutes a powershell script that checks that and doing somthing unless SSH isn't available, but its not reliable as doing it via SAM,

  • , is it a Unifi Device? if so I would look into their API docs and see if they expose the internet availability they have on the Unifi Dashboard via an API call, if they do then you could approach it the describes using SAM but doing it via an API call or use an API poller.