When you have network connections that are critical to your business, it’s important to monitor them at all times. Azure Network Watcher is a collection of network monitoring and troubleshooting tools. Not only does it allow you to set up automated monitoring, but it also gives you a suite of tools that will allow you to diagnose almost any network issue.
In this course, you’ll learn about both troubleshooting and monitoring. We’ll start with the troubleshooting tools: IP Flow Verify, Security Group View, Next Hop, Connection Troubleshoot, and VPN Troubleshoot. Then you’ll see how to use the monitoring and analysis tools: Connection Monitor, Logs, Traffic Analytics, and Network Performance Monitor.
Learning Objectives
- Use Network Watcher’s troubleshooting tools to diagnose Azure networking issues
- Configure Network Watcher’s monitoring tools to alert you when there are critical network issues
- Use Network Watcher’s analysis tools to get a more comprehensive view of networking issues
Intended Audience
- People who want to become Azure cloud architects
- People who are preparing to take Microsoft’s AZ-303 exam
Prerequisites
- Basic knowledge of Azure virtual networks
To see the full range of Microsoft Azure Content, visit the Azure Training Library.
If the connection you're troubleshooting involves a virtual network gateway, then you can get more information by using the VPN troubleshoot tool. This is especially helpful if you're having problems with the VPN connection to an on-premises location. It's also possible to have a VPN connection between two virtual networks, though, and that's what I'm going to use in this example. It takes a long time to create virtual network gateways, so bare that in mind if you want to set up your own gateways and follow along with this demo. First, go to the VPN troubleshoot page. Now select the resource group that contains the connection you want to check. Then select the location. You also have to tell it where to store the data that it collects, so click on storage account. And then choose either an existing one or create a new one. I'll pick this one. Now you have to select a container. I have one called network watcher logs. It gives you a list of gateways and connections in this location. You'll notice that it says healthy next to GW1 and GW2.
Those were the results when I ran a test on them before, but that doesn't necessarily mean that the gateways are still healthy. You have to run another test to find out. You can select as many of the items as you want and it will test them all at the same time. I'll just select GW1 and GW2. Then click start troubleshooting. It takes a long time to run, so I'll fast-forward. Okay, it's finished and it says that gateway one is unhealthy. It says that your VPN connectivity is impacted because the site to site VPN tunnels are disconnected. It also gives further details saying that the site to site VPN tunnels could not connect because of IKE or connectivity issues. IKE stands for internet key exchange. The reason it got this error is because I changed the shared key on the VNet1 to VNet2 connection, which caused the connection to fail. So it did a good job of diagnosing the problem. And that's it for the VPN troubleshoot tool.
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).