I have a IPSEC connection from On-PREM to Azure via VPN gateway. I want to monitor all traffic, aka src/dest, ports, and data that ever enters or leaves that VPN gateway. How would I accomplish this under Azure?
Asked
Active
Viewed 1,449 times
2 Answers
0
Not at the moment - your only options are
- To log traffic via NSGs for resources attached to VNETs
- deploy a 3rd party VPN gateway with associated Route tables.
Logging is the biggest restraint I've run into with the native VPN GATEWAY.
Hopefully this will improve with time.
kim
- 3,066
- 2
- 11
- 20
Casper Pieterse
- 11
- 2
0
You could check out Azure Network Watcher. It will log the flows from your networks. It won't provide exact transfer amounts of traffic, but it will show traffic distribution and patterns.
Included in the Azure Network Watcher is also packet capture and if I remember right it also will show what ports the traffic is going over as well as source and destination IPs.
There are also some easily found Power-Bi templates that will read the logs and let you do some interactive digging.
Alexander Graf
- 1
- 1