Azure Virtual Network Gateway does not record any P2SDiagnosticLog events

Luca Castelli 20 Reputation points
2024-02-12T10:50:01.32+00:00

I'm using a "virtual network gateway" for Point-to-Site VPN connections using client certificate authentication. I enabled all the diagnostic logs for the virtual network gateway like the following JSON, but on the Analytics logs it seems only the IKEDiagnosticLog are recorded and there aren't any logs on P2SDiagnosticLog category.
How can I record the P2SDiagnosticLog events?

```json
{
  "id": "/subscriptions/xxxxxxxx-xxx-xxx-xxx-xxxxxxxxxxx/resourceGroups/rg-shared-westeu/providers/Microsoft.Network/virtualNetworkGateways/vgw-shared-westeu/providers/microsoft.insights/diagnosticSettings/VirtualNetworkGatewayDiagnostic",
  "name": "VirtualNetworkGatewayDiagnostic",
  "properties": {
    "logs": [
      {
        "category": "GatewayDiagnosticLog",
        "categoryGroup": null,
        "enabled": true,
        "retentionPolicy": { "days": 0, "enabled": false }
      },
      {
        "category": "TunnelDiagnosticLog",
        "categoryGroup": null,
        "enabled": true,
        "retentionPolicy": { "days": 0, "enabled": false }
      },
      {
        "category": "RouteDiagnosticLog",
        "categoryGroup": null,
        "enabled": true,
        "retentionPolicy": { "days": 0, "enabled": false }
      },
      {
        "category": "IKEDiagnosticLog",
        "categoryGroup": null,
        "enabled": true,
        "retentionPolicy": { "days": 0, "enabled": false }
      },
      {
        "category": "P2SDiagnosticLog",
        "categoryGroup": null,
        "enabled": true,
        "retentionPolicy": { "days": 0, "enabled": false }
      }
    ],
    "metrics": [
      {
        "timeGrain": null,
        "enabled": true,
        "retentionPolicy": { "days": 0, "enabled": false },
        "category": "AllMetrics"
      }
    ],
    "workspaceId": "/subscriptions/xxxxxxxx-xxx-xxx-xxx-xxxxxxxxxxx/resourceGroups/rg-shared-westeu/providers/Microsoft.OperationalInsights/workspaces/log-shared-westeu",
    "logAnalyticsDestinationType": null
  }
}
```


Accepted answer
  1. KapilAnanth-MSFT 43,896 Reputation points Microsoft Employee
    2024-02-15T06:43:32.55+00:00

    @Luca Castelli ,

    To troubleshoot further, I believe we will need a specialized 1:1 session, where a support engineer can have a screen share session to pinpoint the issue.

    If you have a support plan you may file a support ticket, else please check the Private messages, where we will try and help you get a one-time free technical support.

    Post working with Azure Support, you found the RCA as

    SSTP VPN connections are not logged by design.

    And informed us you will be upgrading the current "Basic" Virtual Network Gateway to a different SKU in order to implement OpenVPN authentication which are logged on the workspace.

    Cheers,

    Kapil
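
The root cause above can be turned into a quick logging-coverage check. This is an added example, not code from the thread or from Microsoft: it audits a diagnostic setting of the shape posted in the question and flags the SSTP gap. The `audit` function and its `p2s_protocols` parameter are hypothetical names, and the sample setting is constructed.

```python
EXPECTED = ("GatewayDiagnosticLog", "TunnelDiagnosticLog", "RouteDiagnosticLog",
            "IKEDiagnosticLog", "P2SDiagnosticLog")
DESTINATIONS = ("workspaceId", "storageAccountId", "eventHubAuthorizationRuleId")

# Constructed sample in the shape of the setting posted in the question.
SAMPLE = {
    "name": "VirtualNetworkGatewayDiagnostic",
    "properties": {
        "logs": [{"category": c, "enabled": True} for c in EXPECTED],
        "workspaceId": "/subscriptions/<sub-id>/resourceGroups/<rg>/providers/"
                       "Microsoft.OperationalInsights/workspaces/<workspace>",
    },
}


def audit(setting, p2s_protocols):
    """Return findings explaining why gateway log categories may stay empty.

    p2s_protocols is a hypothetical input: the P2S tunnel types configured on
    the gateway, supplied by the caller (e.g. ["SSTP"] or ["OpenVPN"]).
    """
    props = setting.get("properties", {})
    enabled = {entry.get("category") for entry in props.get("logs", [])
               if entry.get("enabled")}
    findings = [f"{c}: category not enabled" for c in EXPECTED if c not in enabled]
    if not any(props.get(key) for key in DESTINATIONS):
        findings.append("no log destination configured")
    protocols = {p.upper() for p in p2s_protocols}
    if "P2SDiagnosticLog" in enabled and "SSTP" in protocols:
        # Root cause from the accepted answer: SSTP is not logged by design.
        scope = ("no P2S events" if protocols == {"SSTP"}
                 else "no events for SSTP sessions")
        findings.append(f"P2SDiagnosticLog: enabled, but expect {scope} "
                        "(SSTP connections are not logged by design)")
    return findings


if __name__ == "__main__":
    for protocols in (["SSTP"], ["OpenVPN"]):
        print(protocols, audit(SAMPLE, protocols) or "no findings")
```
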
