Share via


Testing the configuration (site-to-site)

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

After you have configured the site-to-site VPN, you can test the connection by trying to access a computer on the remote network from a computer on the local network (for which network rules and access policy allow access). If you can access the computer on the remote network, you have correctly configured the site-to-site VPN connection.

Checking site-to-site VPN connectivity

To check site-to-site VPN connectivity

  1. In the Forefront TMG Management console, in the tree, click the Monitoring node.

  2. In the details pane, on the Sessions tab, verify whether your VPN session is listed. The site-to-site VPN session has the following properties:

    • Session Type shows VPN Site-to-Site.

    • Client Host Name shows the remote VPN server’s public IP address (if the session was initiated by the local VPN server, this field will be empty).

    • Client IP shows the IP address assigned for the VPN session.

    • Application Name shows that this is a VPN connection and displays the protocol used for the connection. Application Name is not displayed by default. To add it, right-click one of the column headings in the Sessions tab, and click Application Name.

  3. To create a session filter that displays only site-to-site VPN sessions:

    1. On the Tasks tab, click Edit Filter.

    2. In the Edit Filter dialog box, in Filter by, select Session Type. In Condition, select Equals; and in Value, select VPN Remote Site.

    3. Click Add To List, and then click Start Query. You must click Start Query to save the filter.

Concepts

Configuring site-to-site VPN access