Monitoring server connectivity

You can verify connectivity to specific network servers using a Microsoft Forefront Threat Management Gateway connectivity verifier. This topic provides information about creating, configuring and managing connectivity verifiers.

Where to start: To configure connectivity verifiers, in the Forefront TMG Management console tree, click the Monitoring node. Then click the Connectivity Verifiers tab.

Creating a connectivity verifier

  1. On the Tasks tab, click Create a New Connectivity Verifier.
  2. Complete the New Connectivity Verifier Wizard. On the Connectivity Verification Details page, specify the server or URL to which you want to connect and the connection method. The following methods can be used:
    • PING. Forefront TMG sends a Ping request (ICMP ECHO_REQUEST) to the specific server and waits for an ICMP ECHO_REPLY. Use this method to verify that a specific server is available.
    • TCP connect. Forefront TMG tries to establish a TCP connection to a specific port on the specified server. Use this method to verify that a specific service is available on the destination server.
    • HTTP request. Forefront TMG sends an HTTP GET request and waits for a reply. Use this method to verify that a Web server is available.

Note

If you want to use an HTTP request, you must create a rule allowing HTTP or HTTPS from the Local Host network to the specified destination. On the last page of the wizard, you can select to automatically enable the predefined system policy rule: "Allow HTTP/HTTPS requests from Forefront TMG to selected servers for connectivity verifiers".

Configuring connectivity verifiers

In addition to the connectivity verifier properties you specify in the New Connectivity Verifier Wizard, you can configure a timeout and alert as follows:

  1. On the Connectivity Verifiers tab, click the connectivity verifier you want to modify, and then select Edit Selected Verifier on the Tasks tab.
  2. On the General tab, modify the name of the connectivity verifier if required.
  3. On the Properties tab, do the following:
    • In Monitor connection to this server, modify the name of the destination server.
    • In Select this method to verify the connection, modify the connection method.
    • In Timeout, specify how long Forefront TMG should wait before reporting that the server is not available.
    • To specify that an alert should be triggered when the timeout is exceeded, click Trigger an alert if the server response is not within the specified timeout.

Disabling and deleting a connectivity verifier

On the Connectivity Verifiers tab, do the following on the Tasks tab:

  • Select Disable Selected Verifiers to disable the verifier. To enable the verifier, you can click Enable Selected Verifiers as required.
  • Select Delete Selected Verifiers to permanently delete a verifier.

Configuring server farm connectivity verifiers

Connectivity verifiers for server farms are not created using the New Connectivity Verifier Wizard. When you create a server farm, you specify a connection method to be used when checking the connectivity status for the servers in the farm. After you create the server farm, a connectivity verifier is automatically created for the farm and appears on the Connectivity Verifiers tab. You can edit the connection method in the properties for the server farm or from the Connectivity Verifiers tab. You cannot create or delete a connectivity verifier for a server farm directly from the Connectivity Verifiers tab.

Analyzing HTTP GET Responses

When you configure a connectivity verifier to send an HTTP GET request, the monitored server is expected to return an HTTP response. Forefront TMG sets the connectivity verifier status according to that response, as detailed in the following table.

| HTTP response from monitored server | Connectivity verifier status |
|---|---|
| 1xx, 2xx, or 3xx | OK. This is the response time in milliseconds. |
| 401 (Web server authentication required) | OK. This is not considered an error, because the Web server returned the message. |
| 407 (proxy authentication required) | Error (Microsoft Windows Server 2003). This is considered an error because connectivity to the actual Web server cannot be determined. |
| 407 (proxy authentication required) | Authentication required (Windows 2000 Server). |
| 4xx (except 401 and 407) or 5xx | Error. |
| Request timed out | Time-out. |
| The server name could not be resolved | Unresolved name. |
| Forefront TMG is down | Unable to verify. The Microsoft Firewall service is unavailable. |
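
To cross-check a verifier's reported status from another host, the following Python code repeats the TCP connect and HTTP GET methods and applies the status mapping from the table. It is an added example, not part of Forefront TMG or of the original topic; the function names are hypothetical, a 407 is reported using the Windows Server 2003 row, and treating refused or reset connections as "Error" is an assumption because the table does not list them.

```python
import http.client
import socket
import time
from urllib.parse import urlsplit

def status_for_code(code):
    """Verifier status for an HTTP status code, per the table above."""
    if 100 <= code < 400 or code == 401:
        return "OK"  # 401 still proves that the Web server answered
    # 407 follows the Windows Server 2003 row ("Error"); every other
    # 4xx code and all 5xx codes are "Error" as well.
    return "Error"

def http_get_check(url, timeout=5.0):
    """Send one HTTP GET (redirects are not followed) and return
    (status, response_time_ms), with None for the time unless status is OK."""
    parts = urlsplit(url)
    cls = (http.client.HTTPSConnection if parts.scheme == "https"
           else http.client.HTTPConnection)
    conn = cls(parts.hostname, parts.port, timeout=timeout)
    started = time.monotonic()
    try:
        conn.request("GET", parts.path or "/")
        code = conn.getresponse().status
    except socket.gaierror:
        return "Unresolved name", None
    except socket.timeout:
        return "Time-out", None
    except (OSError, http.client.HTTPException):
        # Assumption: refused or reset connections are not in the table;
        # they are reported here as "Error".
        return "Error", None
    finally:
        conn.close()
    elapsed_ms = round((time.monotonic() - started) * 1000)
    status = status_for_code(code)
    return status, (elapsed_ms if status == "OK" else None)

def tcp_connect_check(host, port, timeout=5.0):
    """TCP connect method: OK if the port accepts a connection in time."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "OK"
    except socket.gaierror:
        return "Unresolved name"
    except socket.timeout:
        return "Time-out"
    except OSError:
        return "Error"  # assumption, as in http_get_check
```

The timeout applies to each socket operation (connect, then read), so the total wait can exceed the configured value slightly.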