Merge pull request #249245 from cherylmc/packet-capture2

freshness updates

Author: v-shils

articles/vpn-gateway/media/packet-capture/generate-sas.png

@@ -5,7 +5,7 @@ description: Learn about packet capture functionality that you can use on VPN ga
 author: cherylmc
 ms.service: vpn-gateway
 ms.topic: how-to
-ms.date: 01/31/2022
+ms.date: 08/24/2023
 ms.author: cherylmc
 ---
 
@@ -15,9 +15,9 @@ Connectivity and performance-related problems are often complex. It can take sig
 
 There are some commonly available packet capture tools. Getting relevant packet captures with these tools can be cumbersome, especially in high-volume traffic scenarios. The filtering capabilities provided by Azure VPN Gateway packet capture are a major differentiator. You can use VPN Gateway packet capture together with commonly available packet capture tools.
 
-## VPN Gateway packet capture filtering capabilities
+## About packet capture for VPN Gateway
 
-You can run VPN Gateway packet capture on the gateway or on a specific connection, depending on your needs. You can also run packet capture on multiple tunnels at the same time. You can capture one-way or bi-directional traffic, IKE and ESP traffic, and inner packets along with filtering on a VPN gateway.
+You can run VPN Gateway packet capture on the gateway, or on a specific connection, depending on your needs. You can also run packet capture on multiple tunnels at the same time. You can capture one-way or bi-directional traffic, IKE and ESP traffic, and inner packets along with filtering on a VPN gateway.
 
 It's helpful to use a five-tuple filter (source subnet, destination subnet, source port, destination port, protocol) and TCP flags (SYN, ACK, FIN, URG, PSH, RST) when you're isolating problems in high-volume traffic.
 
@@ -32,7 +32,8 @@ The following examples of JSON and a JSON schema provide explanations of each pr
 > [!NOTE]  
 > Set the **CaptureSingleDirectionTrafficOnly** option to **false** if you want to capture both inner and outer packets.
 
-### Example JSON
+**Example JSON**
+
 ```JSON-interactive
 {
   "TracingFlags": 11,
@@ -61,7 +62,9 @@ The following examples of JSON and a JSON schema provide explanations of each pr
   ]
 }
 ```
-### JSON schema
+
+**JSON schema**
+
 ```JSON-interactive
 {
     "type": "object",
@@ -316,40 +319,60 @@ The following examples of JSON and a JSON schema provide explanations of each pr
 }
 ```
 
-## Start packet capture - portal
+### Key considerations
+
+- Running packet capture can affect performance. Remember to stop the packet capture when you don't need it.
+- Suggested minimum packet capture duration is 600 seconds. Because of sync issues among multiple components on the path, shorter packet captures might not provide complete data.
+- Packet capture data files are generated in PCAP format. Use Wireshark or other commonly available applications to open PCAP files.
+- Packet captures aren't supported on policy-based gateways.
+- The maximum filesize of packet capture data files is 500 MB.
+- If the `SASurl` parameter isn't configured correctly, the trace might fail with Storage errors. For examples of how to correctly generate an `SASurl` parameter, see [Stop-AzVirtualNetworkGatewayPacketCapture](/powershell/module/az.network/stop-azvirtualnetworkgatewaypacketcapture).
+- If you're configuring a User Delegated SAS, make sure the user account is granted proper RBAC permissions on the storage account such as Storage Blob Data Owner.
+
+## Packet capture - portal
 
-You can set up packet capture in the Azure portal by navigating to the VPN Gateway Packet Capture blade in the Azure portal and clicking the **Start Packet Capture button**
+This section helps you start and stop a packet capture using the Azure portal.
 
-> [!NOTE]  
-> Do not select the **Capture Single Direction Traffic Only** option if you want to capture both inner and outer packets.
+### Start packet capture - portal
+
+You can set up packet capture in the Azure portal.
 
-:::image type="content" source="./media/packet-capture/portal.jpg" alt-text="Screenshot of start packet capture in the portal." lightbox="./media/packet-capture/portal.jpg":::
+1. Go to your VPN gateway in the Azure portal.
+1. On the left, select **VPN Gateway Packet Capture** to open the VPN Gateway Packet Capture page.
+1. Select **Start Packet Capture**.
 
-## Stop packet capture - portal
+   :::image type="content" source="./media/packet-capture/packet-capture-portal.png" alt-text="Screenshot of start packet capture in the portal." lightbox="./media/packet-capture/packet-capture-portal.png":::
 
-A valid SAS (or Shared Access Signature) Uri with read/write access is required to complete a packet capture. When a packet capture is stopped, the output of the packet capture is written to the container that is referenced by the SAS Uri. To get the SAS Uri, navigate to the required storage account and generate a SAS token and URL with the correct permissions.
+1. On the **Start Packet Capture** page, make any necessary adjustments. Don't select the "Capture Single Direction Traffic Only" option if you want to capture both inner and outer packets. 
+1. Once you've configured the settings, click **Start Packet Capture**.
 
-:::image type="content" source="./media/packet-capture/sastoken.jpg" alt-text="Screenshot of SAS Uri Token." lightbox="./media/packet-capture/sastoken.jpg":::
+### Stop packet capture - portal
 
-* Copy the Blob SAS URL as it will be needed in the next step.
+To complete a packet capture, you need to provide a valid SAS (or Shared Access Signature) URL with read/write access. When a packet capture is stopped, the output of the packet capture is written to the container that is referenced by the SAS URL.
 
-* Navigate to the VPN Gateway Packet Capture blade in the Azure portal and clicking the **Stop Packet Capture** button
+1. To get the SAS URL, go to the storage account.
+1. Go to the container you want to use and right-click to show the dropdown list. Select **Generate SAS** to open the Generate SAS page.
+1. On the Generate SAS page, configure your settings. Make sure that you have granted read and write access.
+1. Click **Generate SAS token and URL**.
+1. The SAS token and SAS URL is generated and appears below the button immediately. Copy the Blob SAS URL.
 
-* Paste the SAS URL (from the previous step) in the **Output Sas Uri** text box and click **Stop Packet Capture**.
+   :::image type="content" source="./media/packet-capture/generate-sas.png" alt-text="Screenshot of generate SAS token." lightbox="./media/packet-capture/generate-sas.png":::
 
-:::image type="content" source="./media/packet-capture/stopcapture.jpg" alt-text="Screenshot of stop packet capture in the portal." lightbox="./media/packet-capture/stopcapture.jpg":::
+1. Go back to the VPN Gateway Packet Capture page in the Azure portal and click the **Stop Packet Capture** button.
 
-* The packet capture (pcap) file will be stored in the specified account
+1. Paste the SAS URL (from the previous step) in the **Output Sas Url** text box and click **Stop Packet Capture**.
+
+1. The packet capture (pcap) file will be stored in the specified account.
 
 ## Packet capture - PowerShell
 
 The following examples show PowerShell commands that start and stop packet captures. For more information on parameter options, see [Start-AzVirtualnetworkGatewayPacketCapture](/powershell/module/az.network/start-azvirtualnetworkgatewaypacketcapture).
 
->
-### Prerequisite
+**Prerequisites**
+
+* Packet capture data needs to be logged into a storage account on your subscription. See [create storage account](../storage/common/storage-account-create.md).
 
-* Packet capture data will need to be logged into a storage account on your subscription. See [create storage account](../storage/common/storage-account-create.md).
-* To stop the packet capture, you will need to generate the `SASUrl` for your storage account. See [create a user delegation SAS](../storage/blobs/storage-blob-user-delegation-sas-create-powershell.md).
+* To stop the packet capture, you'll need to generate the `SASUrl` for your storage account. See [create a user delegation SAS](../storage/blobs/storage-blob-user-delegation-sas-create-powershell.md).
 
 ### Start packet capture for a VPN gateway
 
@@ -383,18 +406,6 @@ Stop-AzVirtualNetworkGatewayConnectionPacketCapture -ResourceGroupName "YourReso
 
 For more information on parameter options, see [Stop-AzVirtualNetworkGatewayConnectionPacketCapture](/powershell/module/az.network/stop-azvirtualnetworkgatewayconnectionpacketcapture).
 
-## Key considerations
-
-- Running packet capture can affect performance. Remember to stop the packet capture when you don't need it.
-- Suggested minimum packet capture duration is 600 seconds. Because of sync issues among multiple components on the path, shorter packet captures might not provide complete data.
-- Packet capture data files are generated in PCAP format. Use Wireshark or other commonly available applications to open PCAP files.
-- Packet captures aren't supported on policy-based gateways.
-- The maximum filesize of packet capture data files is 500MB.
-- If the `SASurl` parameter isn't configured correctly, the trace might fail with Storage errors. For examples of how to correctly generate an `SASurl` parameter, see [Stop-AzVirtualNetworkGatewayPacketCapture](/powershell/module/az.network/stop-azvirtualnetworkgatewaypacketcapture).
-- If you are configuring a User Delegated SAS, make sure the user account is granted proper RBAC permissions on the storage account such as Storage Blob Data Owner.
-
-
-
 ## Next steps
 
-For more information about VPN Gateway, see [What is VPN Gateway?](vpn-gateway-about-vpngateways.md).
+For more information about VPN Gateway, see [What is VPN Gateway?](vpn-gateway-about-vpngateways.md)