When Microsoft Forefront Unified Access Gateway 2010 clients use Remote Network Access to access the internal network by using Secure Sockets Tunneling Protocol (SSTP), clients may see the VPN connection disconnect immediately. When this occurs, clients see the following message displayed at the notification area icon:

Forefront UAG Remote Network Access Connection ended.This message occurs immediately after the connection is established. The connection may consistently fail for specific users.


The SSTP connection may disconnect immediately if the Default domain name that is specified on the Unified Access Gateway repository contains a fully qualified domain name (FQDN) that is longer than 15 characters.


This problem is fixed in Rollup 1 for Forefront Unified Access Gateway 2010 Service Pack 4.


To work around this problem, change the Default domain name on the Unified Access Gateway repository to use the NetBIOS name of the domain. To do this, follow these steps:

  1. Open the Forefront Unified Access Gateway Management, click Admin, and then click Authentication and Authorization Servers.

  2. Select the correct repository, and then click Edit.

  3. Change the Default domain name to use the NetBIOS name of the domain, click OK, and then click Close.

  4. Click Activate configuration, and then wait for the changes to be applied.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.


Learn about the terminology that Microsoft uses to describe software updates.

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!