Configuration of AzrVpnGtwyTest
This test monitors each VPN gateway that is configured for a resource group in the target Azure subscription. For every gateway, the test reports the configuration of the gateway and measures the bandwidth/throughput used by the tunnels of the gateway in real time, thus indicating to administrators whether the configuration fulfills the throughput requirements. Based on these insights, administrators can even decide to switch to a VPN gateway configuration that is ideal for their specific needs. The test also monitors the incoming and outgoing traffic through each VPN gateway, and alerts administrators to potentially abnormal traffic levels. In addition, the test highlights issues that can impede smooth communication over the network, such as unexpected gateway failures, packet drops, sudden route disconnects, and revoked certificates. This enables administrators to accurately identify what went wrong and why, so that the appropriate remedial measures can be employed.
The default parameters associated with this test are:
The eG agent communicates with the target Microsoft Azure Subscription using Java API calls. To collect the required metrics, the eG agent requires an Access token in the form of an Application ID and the client secret value. Specify the Application ID of the created Application in the CLIENT ID text box. To know how to determine the Application ID, click here. Specify the client secret value in the CLIENT PASSWORD text box. To obtain the client secret value, click here.
In some environments, all communication with the Azure cloud is routed through a proxy server. In such environments, you should make sure that the eG agent connects to the cloud via the proxy server and collects metrics. To enable metrics collection via a proxy, specify the IP address of the proxy server and the port at which the server listens against the PROXY HOST and PROXY PORT parameters. By default, these parameters are set to none, indicating that the eG agent is not configured to communicate via a proxy.
If the proxy server requires authentication, then, specify a valid proxy user name and password in the PROXY USERNAME and PROXY PASSWORD parameters, respectively. Then, confirm the password by retyping it in the CONFIRM PASSWORD text box.
By default, the Log Analytics Workspace Name parameter is set to All. This indicates that the test reads event data from all Log Analytics Workspaces configured for the monitored VPN gateways, by default. However, if you want the test to use only specific Log Analytics Workspaces for metrics collection, then provide the names of these workspaces here as a comma-separated list. To determine the names of the workspaces, click here.
By default, Gateway Success DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Gateway success events measure. If you want to know the details of gateway connections established successfully, then set Gateway Success DD flag to True.
By default, Gateway Failed DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Gateway failed events measure. If you want to know the details of gateway connections that failed, then set Gateway Failed DD flag to True.
By default, Tunnel Connected DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Tunnels connected measure. If you want to know the details of all the tunnels that are connected to each VPN gateway, then set Tunnel Connected DD flag to True.
By default, Tunnel Disconnected DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Tunnels disconnected measure. If you want to know the details of all the tunnels that are disconnected from each VPN gateway, then set Tunnel Disconnected DD flag to True.
By default, Routes Connected DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Routes connected measure. If you want to know the details of all the routes that are connected to each VPN gateway, then set Routes Connected DD flag to True.
By default, Routes Disconnected DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Routes disconnected measure. If you want to know the details of all the routes that are disconnected from each VPN gateway, then set Routes Disconnected DD flag to True.
By default, Routes Updates DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the Route updates measure. If you want to know the details of all the routes that are updated, then set Routes Updates DD flag to True.
By default, P2S Events DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the P2S events measure. If you want to view the complete list of Point-to-Site control messages and events on each VPN gateway, then set P2S Events DD flag to True.
By default, IKE Events DD flag is set to False. This means that by default, this test does not report detailed diagnosis for the IKE events measure. If you want to view the complete list of IKE control messages and events on each VPN gateway, then set IKE Events DD flag to True.
To make diagnosis more efficient and accurate, eG embeds an optional detailed diagnostic capability. With this capability, the eG agents can be configured to run detailed, more elaborate tests as and when specific problems are detected. To enable the detailed diagnosis capability of this test, by default, for a particular server, choose the On option against DETAILED DIAGNOSIS. To disable the capability, click on the Off option.
The option to selectively enable/disable the detailed diagnosis capability will be available only if the following conditions are fulfilled:
When changing the configuration for specific servers, a “*” beside the text box corresponding to the parameter signifies that these values have to be manually configured by the user. The parameter values that require to be configured will typically be prefixed with a “$” or contain a series of “*”. A value of “none” in the parameter value indicates that the corresponding parameter value can be changed if required.