Symptoms
When Microsoft Forefront Unified Access Gateway 2010 clients use Remote Network Access to access the internal network by using Secure Sockets Tunneling Protocol (SSTP), clients may see the VPN connection disconnect immediately. When this occurs, clients see the following message displayed at the notification area icon:
Forefront UAG Remote Network Access Connection ended.This message occurs immediately after the connection is established. The connection may consistently fail for specific users.
Cause
The SSTP connection may disconnect immediately if the Default domain name that is specified on the Unified Access Gateway repository contains a fully qualified domain name (FQDN) that is longer than 15 characters.
Resolution
This problem is fixed in Rollup 1 for Forefront Unified Access Gateway 2010 Service Pack 4.
Workaround
To work around this problem, change the Default domain name on the Unified Access Gateway repository to use the NetBIOS name of the domain. To do this, follow these steps:
-
Open the Forefront Unified Access Gateway Management, click Admin, and then click Authentication and Authorization Servers.
-
Select the correct repository, and then click Edit.
-
Change the Default domain name to use the NetBIOS name of the domain, click OK, and then click Close.
-
Click Activate configuration, and then wait for the changes to be applied.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.