FIX: The connection owner for a VPN site-to-site connection is lost when you join an EMS by using an imported configuration in Forefront Threat Management Gateway 2010 Service Pack 1

Article ID: 2591274 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

Consider the following scenario in Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1 (SP1):
  • You configure a site-to-site virtual private network (VPN) connection from a remote TMG site to your corporate TMG network.
  • You join the remote TMG site to the corporate TMG domain and then restart the domain controller.
  • You create a new array on the server that is running Microsoft Enterprise Management Server (EMS) where the remote TMG site is to be joined.
  • You export the remote TMG site that includes the site-to-site VPN connection information.
  • You import the remote TMG site configuration to the new array on the EMS without importing server-specific information.
  • You join the imported remote TMG site to the created and prepared array.

In this scenario, the site-to-site VPN connection does not connect. Additionally, the following error message is logged in the Application event log:
The Forefront TMG computer specified as the connection owner for VPN site-to-site network "name" is not valid. Either the connection owner is not configured in the array, or the specified computer was removed from the array. This network will be disabled.

RESOLUTION

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

REFERENCES

For more information about how to letbclients on remote networks connect to resources on your corporate network by establishing a site-to-site virtual private network (VPN), visit the following Microsoft TechNet website:
Configuring site-to-site VPN access
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2591274 - Last Review: October 31, 2011 - Revision: 2.0
APPLIES TO
  • Microsoft Forefront Threat Management Gateway 2010 Service Pack 1, when used with:
    • Microsoft Forefront Threat Management Gateway 2010 Enterprise
    • Microsoft Forefront Threat Management Gateway 2010 Standard
Keywords: 
kbfix kbbug kbexpertiseinter kbsurveynew KB2591274

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com