Thanks for posting about ping monitors for private locations! One thing to note about our ping monitors is that they don’t actually perform an ICMP ping request. Instead, they perform an HTTP HEAD request. If that fails they then attempt an HTTP GET request. It’s possible for an ICMP request to succeed from your host, but an HTTP HEAD request to fail.
If you’d like to emulate the HTTP GET request from your host:
# HEAD request
curl -Ivvv <your-endpoint>
# GET request
curl -Gvvv <your-endpoint>
More details about how to emulate the Verify SSL option for ping checks.
The -7 timeout typically indicates that the endpoint was not reached and no response was returned. Is a proxy needed to connect with HTTP? If so, you can use a scripted monitor to connect the proxy in the script first.
It’s also worth checking if the endpoint uses a custom certificate. If so, our minion may not be able to establish the SSL handshake without your root CA. For details on adding your CA to the minion and/or runner containers, I’ve just created a post about that yesterday. Good timing!