PDF
Download PDF
Download page Azure VPN Gateways.
Azure VPN Gateways
Azure VPN Gateway is a service that uses a specific type of virtual network gateway to send encrypted traffic between an Azure virtual network and on-premises locations over the public Internet.
You must configure cloud connections to monitor this entity. See Configure Azure Cloud Connection.
Cisco Cloud Observability displays Azure entities on the Observe page. Metrics are displayed for specific entity instances in the list and detail views.
This document contains references to third-party documentation. Cisco AppDynamics does not own any rights and assumes no responsibility for the accuracy or completeness of such third-party documentation.
Detail View
To display the detail view for an Azure VPN Gateway instance:
- Navigate to the Observe page.
- Under Networking & App Delivery, click Azure VPN Gateways.
The list view now displays. - Click an instance Name to display the detail view.
The detail view displays metrics, key performance indicators, and properties (attributes) related to the instance you selected.
Metrics and Key Performance Indicators
Cisco Cloud Observability displays the following metrics and key performance indicators (KPIs) for Azure VPN Gateway. See:
- Supported metrics for microsoft.network/vpngateway
- Supported metrics for microsoft.network/p2svpngateways
- Supported metrics for microsoft.network/expressroutegateways
| Display Name | Source Metric Name | Description |
| Gateway S2S Bandwidth (Bytes/Sec) | AverageBandwidth | Site-to-site bandwidth of a gateway in bytes per second. |
| CPU Utilization (%) | ExpressRouteGatewayCpuUtilization | CPU Utilization of the ExpressRoute Gateway. |
| Bits Received Per Second | ExpressRouteGatewayBitsPerSecond | Total Bits received on ExpressRoute Gateway per second. |
| Packets Received Per Second | ExpressRouteGatewayPacketsPerSecond | Total Packets received on ExpressRoute Gateway per second. |
| Frequency of Routes Change | ExpressRouteGatewayFrequencyOfRoutesChanged | Frequency of Routes change in ExpressRoute Gateway. |
Express Route Gateway Routes (Count)
|
| Count of Routes advertised to peer by ExpressRoute Gateway. |
ExpressRouteGatewayCountOfRoutesLearnedFromPeer | Count Of routes learned from peer by ExpressRoute Gateway. | |
| Number of VMs in the Virtual Network | ExpressRouteGatewayNumberOfVmInVnet | Number of VMs in the Virtual Network. |
| Gateway P2S Bandwidth (Bytes/Sec) |
| Point-to-site bandwidth of a gateway in bytes per second. |
| P2S Connection Count | P2SConnectionCount | Point-to-site connection count of a gateway. |
| VPN Gateway Egress Packets (Count) |
| Outgoing packet count of a tunnel. |
| VPN Gateway Ingress Packets (Count) |
| Incoming bytes of a tunnel. |
| Tunnel Traffic (Bytes) |
| Incoming bytes of a tunnel. |
TunnelEgressBytes | Outgoing bytes of a tunnel. | |
| Tunnel NAT Allocations (Count) | TunnelNatAllocations | Count of allocations for a NAT rule on a tunnel. |
Properties (Attributes)
Cisco Cloud Observability displays the following properties for Azure VPN Gateway.
| Display Name | Property Name | Description |
|---|---|---|
| Name | azure.name | The Resource Name of the Azure Resource. |
| Resource Group | azure.resource.group | The resource group of the Azure Resource. |
| Resource ID | azure.resource.id | The fully qualified ID of the Azure Resource. |
| Active-Active | azure.vpn_gateway.active_active | Indicates whether active-active mode is enabled for the virtual network gateway. |
| Allow Remote Vnet Traffic | azure.vpn_gateway.allow_remote_vnet_traffic | Specifies whether to allow remote Vnet traffic to pass through the gateway. |
| Allow Virtual WAN Traffic | azure.vpn_gateway.allow_virtual_wan_traffic | Specifies whether the virtual network gateway allows Virtual WAN traffic to flow through the gateway. |
| Minimum Scale Units for Auto Scaling | azure.vpn_gateway.auto_scale_configuration.min_scale_units | Specifies the minimum number of virtual network gateways to be deployed when autoscaling is enabled. |
| BGP ASN | azure.vpn_gateway.bgp_settings.asn | The BGP Autonomous System Number (ASN) associated with this virtual network gateway. |
| BGP Peering Address | azure.vpn_gateway.bgp_settings.bgp_peering_address | The IP address for the BGP peering interface on the virtual network gateway. |
| BGP Peer Weight | azure.vpn_gateway.bgp_settings.peer_weight | Specifies the weight for the BGP peer. The higher the weight, the more preferred the peer is. |
| Custom Routes Address Prefixes | azure.vpn_gateway.custom_routes.address_prefixes | A list of address prefixes for custom routes in the virtual network gateway. |
| Disable IPSec Replay Protection | azure.vpn_gateway.disable_ip_sec_replay_protection | A boolean value indicating whether IPSec replay protection is disabled for the virtual network gateway. |
| Enable BGP | azure.vpn_gateway.enable_bgp | Specifies whether BGP (Border Gateway Protocol) is enabled for this virtual network gateway. Default is false. |
| Enable BGP Route Translation for NAT | azure.vpn_gateway.enable_bgp_route_translation_for_nat | Enables BGP route translation for Network Address Translation (NAT) on this virtual network gateway. Default is false. |
| Enable DNS Forwarding | azure.vpn_gateway.enable_dns_forwarding | Specifies whether DNS forwarding is enabled on the virtual network gateway. |
| Enable Private IP Address | azure.vpn_gateway.enable_private_ip_address | Indicates whether private IP address is enabled for the virtual network gateway. |
| Gateway Default Site ID | azure.vpn_gateway.gateway_default_site.id | The ID of the default site for the virtual network gateway. |
| Gateway Type | azure.vpn_gateway.gateway_type | Specifies the type of this virtual network gateway. Possible values are 'Vpn' and 'ExpressRoute'. |
| Migrate to CSES | azure.vpn_gateway.is_migrate_to_cses | Specifies whether the virtual network gateway is in the process of being migrated to the Cloud Services Environment (CSES) or not. |
| Migration Phase | azure.vpn_gateway.migration_phase | The phase of the migration process for the virtual network gateway. |
| Packet Capture Diagnostic State | azure.vpn_gateway.packet_capture_diagnostic_state | Indicates whether packet capture diagnostic is enabled or disabled for this virtual network gateway. |
| Provisioning State | azure.vpn_gateway.provisioning_state | The provisioning state of the virtual network gateway resource. |
| Resource GUID | azure.vpn_gateway.resource_guid | Specifies the unique identifier for this virtual network gateway resource. |
| SKU Capacity | azure.vpn_gateway.sku.capacity | The capacity of the virtual network gateway SKU. |
| SKU Name | azure.vpn_gateway.sku.name | The name of the SKU (stock keeping unit) for the virtual network gateway. |
| SKU Tier | azure.vpn_gateway.sku.tier | Specifies the SKU tier of the virtual network gateway. |
| Tunnel Inbound Authentication Root Certificates | azure.vpn_gateway.tunnel_inbound_auth_root_certificates | A list of base-64 encoded strings that represent the root certificates of the authentication certificate authorities used for tunnel inbound authentication. |
| Tunnel Outbound Authentication Certificate Path | azure.vpn_gateway.tunnel_outbound_auth_certificate_path | Specifies the path of the certificate used for tunnel outbound authentication. |
| Virtual Network Extended Location Resource ID | azure.vpn_gateway.vnet_extended_location_resource_id | The resource ID of the virtual network extended location associated with the virtual network gateway. |
| Azure Active Directory Audience | azure.vpn_gateway.vpn_client_configuration.aad_audience | The Azure Active Directory audience(s) for the virtual network gateway VPN client configuration. |
| AAD Issuer | azure.vpn_gateway.vpn_client_configuration.aad_issuer | The issuer of the Azure Active Directory used for authentication of Point-to-Site VPN clients. |
| VPN Client Configuration - AAD Tenant | azure.vpn_gateway.vpn_client_configuration.aad_tenant | The issuer of the Azure Active Directory used for authentication of Point-to-Site VPN clients. |
| VPN Client Radius Server Address | azure.vpn_gateway.vpn_client_configuration.radius_server_address | The address of the RADIUS server for VPN clients connecting to the virtual network gateway. |
| VPN Client Configuration - RADIUS Server Secret | azure.vpn_gateway.vpn_client_configuration.radius_server_secret | The secret used to authenticate against the RADIUS server for VPN client authentication. |
| VPN Client Configuration Authentication Types | azure.vpn_gateway.vpn_client_configuration.vpn_authentication_types | The authentication types used by the VPN clients connecting to the virtual network gateway. |
| VPN Client Configuration Address Prefixes | azure.vpn_gateway.vpn_client_configuration.vpn_client_address_pool.address_prefixes | The address prefixes for the VPN client address pool associated with the virtual network gateway. |
| Allocated IP Addresses for VPN Client Connection Health | azure.vpn_gateway.vpn_client_configuration.vpn_client_connection_health.allocated_ip_addresses | A list of IP addresses allocated for VPN client connections that are currently connected to the virtual network gateway. |
| Total Egress Bytes Transferred | azure.vpn_gateway.vpn_client_configuration.vpn_client_connection_health.total_egress_bytes_transferred | The total number of bytes transferred out of the virtual network gateway for VPN client connections. |
| VPN Client Connection Health - Total Ingress Bytes Transferred | azure.vpn_gateway.vpn_client_configuration.vpn_client_connection_health.total_ingress_bytes_transferred | Specifies the total number of ingress bytes transferred for the VPN client connection health. |
| VPN Client Configuration - VPN Client Connections Count | azure.vpn_gateway.vpn_client_configuration.vpn_client_connection_health.vpn_client_connections_count | Specifies the number of VPN client connections allowed for the virtual network gateway. |
| VPN Client Protocols | azure.vpn_gateway.vpn_client_configuration.vpn_client_protocols | Specifies the VPN client protocols that are allowed for the virtual network gateway. |
| VPN Gateway Generation | azure.vpn_gateway.vpn_gateway_generation | Specifies the type of VPN connection that the virtual network gateway supports. Valid values are 'RouteBased' and 'PolicyBased'. |
| VPN Type | azure.vpn_gateway.vpn_type | Specifies the type of VPN connection that the virtual network gateway supports. Valid values are 'RouteBased' and 'PolicyBased'. |
| Account ID | cloud.account.id | The cloud account ID the resource is assigned to. |
| Platform | cloud.platform | The cloud platform in use. |
| Region | cloud.region | The location of the Azure Function resource. |
Retention and Purge Time-To-Live (TTL)
For all cloud and infrastructure entities, the retention TTL is 180 minutes (3 hours) and the purge TTL is 525,600 minutes (365 days).
Microsoft Azure, the Microsoft Azure logo, Azure, and any other Microsoft Azure Marks used in these materials are trademarks of Microsoft Corporation or its affiliates in the United States and/or other countries.