10 days and 10 tips for Microsoft Tunnel Gateway: Day 4

Post-Installation Health Check

The Microsoft Intune admin center shows basic tunnel server status, but when I’m SSH’d into a server troubleshooting, I need answers faster.

This health check script shows everything in seconds. I run it right after installation to verify everything works, and whenever I’m troubleshooting to see what’s broken.

GitHub Repository: https://github.com/imabdk/Microsoft-Tunnel-Gateway

What it checks:

  1. Service and container status (mst-cli health + Docker/Podman container validation)
  2. Configuration files and sync status from logs
  3. Certificate expiration (warns if under 30 days)
  4. Recent errors in logs (last 30 minutes of mstunnel-agent, mstunnel_monitor, ocserv)
  5. Server configuration (routes, DNS, ports from admin-settings.json)
  6. Listening ports


10 days and 10 tips for Microsoft Tunnel Gateway: Day 3

Automate Your Prerequisites

If you’re deploying multiple tunnel servers or rebuilding environments, save yourself the hassle and automate it. I’ve created shell scripts to handle all the prerequisites and configuration steps.

Available Scripts

GitHub Repository: https://github.com/imabdk/Microsoft-Tunnel-Gateway

  • setup-prerequisites-ubuntu.sh – System prerequisites and package installation (Docker, kernel modules, jq)
  • setup-auditing-ubuntu.sh – Configure audit logging for security compliance
  • setup-firewall-ubuntu.sh – Firewall configuration and rules setup


10 days and 10 tips for Microsoft Tunnel Gateway: Day 2

Expand Your Readiness Checks

The official readiness script is a good start, but it has a blind spot when checking outbound connectivity: redirect chains. When an endpoint redirects to another domain that’s blocked, the script just throws “Error: not expected” without telling you what’s actually being blocked.

That’s why I built a custom diagnostic tool – to trace those redirect chains and tell you exactly which domain is causing the problem.
