Deploy Packet Capture for Azure VPN Gateway

Introduction

We can capture the Azure VPN connection's network packets using VPN Gateway Packet Capture. We can select the multiple tunnel network packets using this VPN Gateway Packet Capture.

The packet capture data files are generated in PCAP format.

The Azure VPN Gateway packet capture requires the Azure Storage account, and we must create the SAS token to store the PCAP file.

In our previous article, we learned how to configure the Packet capture for the specific Virtual Machine's network traffic using Network Watcher.

This article teaches us how to capture the Azure VPN gateway's traffic using VPN Gateway Packet Capture.

Step 1. Create a Container in the Storage account, open the container, and click Shared Access Signature (SAS) under the Security + networking.

Step 2. Select Blob under the Allowed services, Select Container under the Allowed resource types, and click Generate SAS and connection string.

Step 3. Copy the Blob service SAS URL.

Step 4. Click the VPN Gateway packet Capture under the Help.

Step 5. Click the Start Packet Capture.

Step 6. The maximum Capture file size is 500M, so we can choose the file Size.

The Max packet buffer size: The capture will only contain the contents of each packet truncated to this size.

We can specify the Source Subnet and the Destination Subnet.

We can set the Source and the Destination port.

Once the requirements are completed, you can click the Start Packet Capture.

Step 7. Click the Stop Packet Capture to stop the packet capture.

Step 8. Paste the SAS URL and click Stop Packet Capture.

Step 9. Open the Container and download the pcap file to analyze the traffic.

Summary

This article taught us how to configure the VPN connection traffic using the Azure VPN Gateway packet capture. If you have any questions, feel free to ask under the comment box.