In Windows Azure Pack we can create NAT rules and Site 2 Site VPN connections.
The Gateway servers handles the connection and we have them monitored with Operations Manager
But from a operations point of view more info is always better
But due to the Network Virtualization we just cant push a agent to the server
So for each of our gateway clusters we created a VM in our Windows Azure Pack Portal and another VM behind a Site 2 Site VPN
So on our network we have created a Site to Site VPN
and after creating the Site to Site VPN tunnnel we can verify that we can ping a VM on the other side of the tunnel
and verify internet connection though a ping against a google dns server
Next step was to issue a SCOM Certificate from our CA server
Setup a host file so the Virtual Machine can find its way home to the operations manager server
And ensure that only each VM used for the probe can access the Operations Manager server though firewall rules
We then need a rule so the Operations Manager server can contact the agent on the VM
We then install the Operations Manager agent run the momcert import tool and points to our certificate
And after that we approve the agent in the Operations Manager Console
We then can setup a ping rule with the worlds best management pack from our friends at OpsLogix
And after a few minutes we can see the management pack in action and we can monitor our Site to Site connection
And to test if our endpoint stops responding we power off the VM used for the probe , we could have used internal interface of the firewall
but targeting a VM also lets us know that the basic infrastructure is alive
and after our threadshold is reached we can see that our endpoint is down and we can react
This is a very crude monitoring that works for the basic task of probing the Site to Site functionality
Additional montoring though logs and events on the gateways is also needed but this gives it the basic functionality of the gateway service