You can view statistics and access logs for the edge gateways deployed for Advanced Networking Services.

Navigate to an edge gateway in vCloud Director, right click and select Edge Gateway Services. VMware vCloud Edge Gateway Services appears in a new browser tab. By default the Dashboard tab is selected. Statistics and status information are accessible from the following areas of Advanced Networking Services:

Dashboard

SSL VPN-Plus

IPsec VPN

Firewall Rules – Edge Gateway and Trust Groups

Note

Advanced Networking Services includes two types of firewalls—the edge gateway firewall and the firewall to establish Trust Groups (referred to as a distributed firewall in the Advanced Networking Services Web UI). Configuring the edge gateway firewall is available for both Dedicated Cloud and Virtual Private Cloud subscription services. However, configuring the firewall to establish Trust Groups is possible only when you have the vCloud Air Dedicated Cloud subscription service.

Dashboard

The Dashboard provides operational visibility for Advanced Networking Services. The Dashboard displays graphs for the traffic flowing through the interfaces of the selected edge gateway and connection statistics for the firewall and load balancer services.

Note

For additional statistics and historical data, you can configure vRealize Operations to query more advanced data and historical metrics.

vCloud Edge Gateway Services

Select the period for which you want to view the statistics.

SSL VPN-Plus Dashboard

The dashboard displays the status of the service, number of active SSL VPN sessions, and session statistics and data flow details. Click Details next to Number of Active Sessions to view information about the concurrent connections to private networks behind the edge gateway.

Statistics on the SSL VPN-Plus Dashboard
Statistics on the SSL VPN-Plus Dashboard

IPsec VPN

Click the IPSEC VPN tab > Show IPsec Statistics to display the status of the tunnel.

IPsec VPN Tunnel Status

Firewall Rules

You can view statistics for edge gateway firewall rules in the following way:

1

Navigate to a Firewall tab:

For an edge gateway firewall, see Log In and Navigate to Advanced Networking Services for information.

For a firewall for Trust Groups, see Add a Trust Groups Firewall Rule for information.

2

On the Firewall tab, click select columns (column display icon) and select the Stats check box.

The page refreshes and the Stats column appears in the table.

3

Click stats (the stats icon) for a rule.

Statistics for an Edge Gateway Firewall Rule
Statistics for an Edge Gateway Firewall Rule

You can view the traffic related to the rule—traffic packets and size.

Statistics for a Trust Group Firewall Rule
Statistics for a Trust Group Firewall Rule

You can enable logging an edge gateway for all the major features in Advanced Networking Services:

How To Enable Logging Per Feature

Navigation for Feature

Description

Firewall tab > Action cell of a rule and click edit] > Log option

Logs all sessions matching this rule.

DHCP > DHCP Service Status > Enable logging check box

NAT > Add (add icon) icon > Add DNAT Rule or Add SNAT Rule > Enable logging check box

Logs the address translation.

Routing tab > Global Configuration > Dynamic Routing Configuration > Edit > Enable Logging check box

Load Balancer tab > Global Configuration > Edit > Logging check box

IPSEC VPN tab > Logging Policy section > Enable logging check box

Logs the traffic flow between the local subnet and peer subnet.

SSL VPN-Plus tab > Server Settings > Logging Policy > Change > Enable logging check box

SSL VPN-Plus tab > General Settings > Change > Enable logging check box

Maintains a log of the traffic passing through the SSL VPN gateway.

Collecting log data is a multi-step process:

1

Enable logging for the features for which you need log data as described in the table above.

2

Configure a syslog server to receive the log data. See Capturing vCloud Air Edge Gateway Data with Syslog in the VMware vCloud Blog.

The logged data is accessible via your configured syslog server.