FIX: The VPN connection disconnects immediately when a Unified Access Gateway 2010 client uses SSTP

Applies to: Forefront Unified Access Gateway 2010

Symptoms


When Microsoft Forefront Unified Access Gateway 2010 clients use Remote Network Access to access the internal network by using Secure Sockets Tunneling Protocol (SSTP), clients may see the VPN connection disconnect immediately. When this occurs, clients see the following message displayed at the notification area icon:

Forefront UAG Remote Network Access Connection ended.
This message occurs immediately after the connection is established. The connection may consistently fail for specific users.

Cause


The SSTP connection may disconnect immediately if the Default domain name that is specified on the Unified Access Gateway repository contains a fully qualified domain name (FQDN) that is longer than 15 characters.

Resolution


This problem is fixed in Rollup 1 for Forefront Unified Access Gateway 2010 Service Pack 4.

Workaround


To work around this problem, change the Default domain name on the Unified Access Gateway repository to use the NetBIOS name of the domain. To do this, follow these steps:
  1. Open the Forefront Unified Access Gateway Management, click Admin, and then click Authentication and Authorization Servers.
  2. Select the correct repository, and then click Edit.
  3. Change the Default domain name to use the NetBIOS name of the domain, click OK, and then click Close.
  4. Click Activate configuration, and then wait for the changes to be applied.

Status


Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

References


Learn about the terminology that Microsoft uses to describe software updates.