References > Template Reference > Microsoft DirectAccess > Microsoft DirectAccess 2012

Microsoft DirectAccess 2012

This template assesses the overall health of Microsoft DirectAceess server installed on Windows 2012.

Prerequisites

RPC and WMI access to the domain controller.

Credentials

Windows Administrator on the domain controller.

Monitored Components

For details on monitors, see SAM Component Monitor Types.

Components without predetermined threshold values provide guidance such as "use the lowest threshold possible" or "use the highest threshold possible" to help you find a threshold appropriate for your application.

Teredo Relay: In - Error Packets

This monitor returns the total number of error packets received by the Teredo relay.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

Teredo Relay: In - Success Packets

This monitor returns the total number of error packets received by the Teredo relay.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

Teredo Relay: In - Error and Success Packets

This monitor returns the rate of total packets received by the Teredo relay.

Teredo Relay: Out - Error Packets

This monitor returns the total number of packets failed to be sent by the Teredo relay.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

Teredo Relay: Out - Error and Success Packets

This monitor returns the rate of total packets sent by the Teredo relay.

Network Interface (6TO4 Adapter): Packets Received Errors

This monitor returns the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

Network Interface (6TO4 Adapter): Packets Received/sec

This monitor returns the rate at which packets are received on the network interface.

Network Interface (6TO4 Adapter): Packets Sent Non-Unicast/sec

This monitor returns the rate at which packets are requested to be transmitted to non-unicast (subnet broadcast or subnet multicast) addresses by higher-level protocols.  The rate includes the packets that were discarded or not sent.

Network Interface (6TO4 Adapter): Packets Sent Unicast/sec

This monitor returns the rate at which packets are requested to be transmitted to subnet-unicast addresses by higher-level protocols. The rate includes the packets that were discarded or not sent.

Network Interface (6TO4 Adapter): Packets Sent/sec

This monitor returns the rate at which packets are sent on the network interface.

Network Interface (6TO4 Adapter): Packets/sec

This monitor returns the rate at which packets are sent and received on the network interface.

IPHTTPS Global: Authentication Errors

This monitor returns the total authentication errors.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Receive Errors on the Server

This monitor returns the total receive errors on the server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Transmit Errors on the Server

This monitor returns the total transmit errors on the server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Bytes Received

This monitor returns the total bytes received on the IPHTTPS server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Packets Received

This monitor returns the total packets received on the server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Bytes Sent

This monitor returns the total bytes sent on the IPHTTPS server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Packets Sent

This monitor returns the total packets sent from the server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

IPHTTPS Global: Sessions

This monitor returns the total number of sessions on the server.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

Network Interface (isatap): Packets Received Errors

This monitor returns the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

By default, this monitor has the Count statistic as difference box checked. It will show the statistic since the last polling period.

Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

isatap.<DOMAIN> where <DOMAIN> FQDN is the name of your domain.

Example: isatap.example.com

Network Interface (isatap): Packets Received/sec

This monitor returns the rate at which packets are received on the network interface.

Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

isatap.<DOMAIN> where <DOMAIN> FQDN is the name of your domain.

Example: isatap.example.com

Network Interface (isatap): Packets Sent Non-Unicast/sec

This monitor returns the rate at which packets are requested to be transmitted to non-unicast (subnet broadcast or subnet multicast) addresses by higher-level protocols.  The rate includes the packets that were discarded or not sent.

Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

isatap.<DOMAIN> where <DOMAIN> FQDN is the name of your domain.

Example: isatap.example.com

Network Interface (isatap): Packets Sent Unicast/sec

This monitor returns the rate at which packets are requested to be transmitted to subnet-unicast addresses by higher-level protocols.  The rate includes the packets that were discarded or not sent.

Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

isatap.<DOMAIN> where <DOMAIN> FQDN is the name of your domain.

Example: isatap.example.com

Network Interface (isatap): Packets Sent/sec

This monitor returns the rate at which packets are sent on the network interface.

Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

isatap.<DOMAIN> where <DOMAIN> FQDN is the name of your domain.

Example: isatap.example.com

Network Interface (isatap): Packets/sec

This monitor returns the rate at which packets are sent and received on the network interface.

Before using this monitor, you should provide the correct instance field. For example, the instance should resemble the following:

isatap.<DOMAIN> where <DOMAIN> FQDN is the name of your domain.

Example: isatap.example.com

IPsec AuthIP IPv4: Active Extended Mode SAs

This monitor returns the number of currently active extended mode security associations.

IPsec AuthIP IPv4: Active Main Mode SAs

This monitor returns the number of currently active main mode security associations.

IPsec AuthIP IPv4: Active Quick Mode SAs

This monitor returns the number of currently active quick mode security associations.

IPsec AuthIP IPv4: Failed Extended Mode Negotiations/sec

This monitor returns the rate of failed extended mode negotiations.

IPsec AuthIP IPv4: Failed Main Mode Negotiations/sec

This monitor returns the rate of failed main mode negotiations.

IPsec AuthIP IPv4: Failed Quick Mode Negotiations/sec

This monitor returns the rate of failed quick mode negotiations.

IPsec AuthIP IPv4: Pending Extended Mode Negotiations

This monitor returns the number of pending extended mode negotiations.

IPsec AuthIP IPv4: Pending Main Mode Negotiations

This monitor returns the number of pending main mode negotiations.

IPsec AuthIP IPv4: Pending Quick Mode Negotiations

This monitor returns the number of pending quick mode negotiations.

IPsec AuthIP IPv6: Active Extended Mode SAs

This monitor returns the number of currently active extended mode security associations.

IPsec AuthIP IPv6: Active Main Mode SAs

This monitor returns the number of currently active main mode security associations.

IPsec AuthIP IPv6: Active Quick Mode SAs

This monitor returns the number of currently active quick mode security associations.

IPsec AuthIP IPv6: Failed Extended Mode Negotiations/sec

This monitor returns the rate of failed extended mode negotiations.

IPsec AuthIP IPv6: Failed Main Mode Negotiations/sec

This monitor returns the rate of failed main mode negotiations.

IPsec AuthIP IPv6: Failed Quick Mode Negotiations/sec

This monitor returns the rate of failed quick mode negotiations.

IPsec AuthIP IPv6: Pending Extended Mode Negotiations

This monitor returns the number of pending extended mode negotiations.

IPsec AuthIP IPv6: Pending Main Mode Negotiations

This monitor returns the number of pending main mode negotiations.

IPsec AuthIP IPv6: Pending Quick Mode Negotiations

This monitor returns the number of pending quick mode negotiations.

IPsec DoS Protection: Current State Entries

This monitor returns the number of state entries in the table. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface.

IPsec DoS Protection: Per IP Rate Limit Queues

This monitor returns the current number of per internal IP address rate limit queues for unauthenticated IKEv1, IKEv2, AuthIP, or ESP IPv6 packets. An unauthenticated packet is an IPsec packet without an associated state entry. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface. Unauthenticated packets are placed in a separate queue for each destination IP address that is available on the internal interface.

IPsec DoS Protection: State Entries/sec

This monitor returns the rate at which state entries are created by the IPsec Denial of Service Protection component. A state entry is a pair of IPv6 addresses that is authorized to pass through from a public to an internal interface.

IPsec Driver: Bytes Received in Tunnel Mode/sec

This monitor returns the rate of bytes received using tunnel mode.

Service: Remote Access Connection Manager

This service manages dial-up and virtual private network (VPN) connections from this computer to the Internet or other remote networks. If this service is disabled, any services that explicitly depend on it will fail to start.

Service: Remote Access Management service

This service logs, monitors, and manages DirectAccess and VPN connections to the server.

Remote Access Warning and Error Events

This service monitors Warning and Error events.

TCP Port: Direct Access

This monitor tests the ability of a DirectAccess service to accept incoming sessions. The Forefront UAG DirectAccess server is listening on TCP port 443 for traffic from IP-HTTPS-based DirectAccess clients.

Configuring Windows Remote Management (WinRM)

  1. If not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. Powershell 2.0 can be found here: http://support.microsoft.com/kb/968930.
  2. On the SAM server, open a command prompt as an Administrator. To do this, go to the Start menu and right-click the cmd.exe and then select Run as Administrator.
  3. Enter the following in the command prompt:
    winrm quickconfig
    winrm set winrm/config/client @{TrustedHosts="*"}
  4. On the target server, open a command prompt as an Administrator and enter the following:
    winrm quickconfig
    winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}

    where IP address is the IP address of your SAM server.