This rule generates alerts when the IPsec tunnel is not functioning because the local endpoint was misconfigured.

Possible causes:

- The local endpoint is not a local address on the TMG Server computer.
- The routing table is not configured so that the best route to the remote endpoint is via an adapter containing the local endpoint.

Resolutions:

- Configure the local endpoint to one of the IP addresses on the TMG Server computer. If network load balancing (NLB) is configured, specify the virtual IP address. If the VPN tunnel should be assigned to a specific server, then configure the local endpoint to the IP address of that server.
- Add a route rule that allows traffic to pass via the specified local endpoint to the remote endpoint.
Property | Value |
---|---|
Target | Microsoft.Forefront.TMG.VPN.ServerComponent |
Category | EventCollection |
Enabled | True |
Alert Generate | False |
Remotable | True |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Forefront.TMG.Rule.AlertGenerate.DS | Default |
WA | WriteAction | Microsoft.Forefront.TMG.Rule.AlertGenerate.WA | Default |
```xml
<Rule ID="Microsoft.Forefront.TMG.The_IPsec_tunnel_is_not_functioning_because_the_local_endpoint_was_misconfigured.Rule" Enabled="true" Target="Microsoft.Forefront.TMG.VPN.ServerComponent" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
  <Category>EventCollection</Category>
  <DataSources>
    <DataSource ID="DS" TypeID="Microsoft.Forefront.TMG.Rule.AlertGenerate.DS">
      <ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
      <LogName>Application</LogName>
      <EventsPattern>^(21245)$</EventsPattern>
      <EventType>1</EventType>
      <SourcePattern>Microsoft Forefront TMG Firewall</SourcePattern>
    </DataSource>
  </DataSources>
  <WriteActions>
    <WriteAction ID="WA" TypeID="Microsoft.Forefront.TMG.Rule.AlertGenerate.WA">
      <AlertMessageId>$MPElement[Name="Microsoft.Forefront.TMG.The_IPsec_tunnel_is_not_functioning_because_the_local_endpoint_was_misconfigured.AlertMessage"]$</AlertMessageId>
      <DomainName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/DomainDnsName$</DomainName>
      <Priority>1</Priority>
      <Severity>2</Severity>
    </WriteAction>
  </WriteActions>
</Rule>
```