UAG now not working

Fri, 06 Apr 2012 17:54:33 -0700 

So, DA/UAG worked yesterday, and I brought a laptop home and used it
for a couple of hours last night, but since then I've been testing
DA/UAG at work, one part of which was rebooting the UAG server to see
what would happen, and after rebooting, the UAG server broke. The DCA
utility on the clients shows that DA is broken.

Oddly enough, though, I can put a laptop outside the network, and ping
internal hosts and get directory listings of my file server and
connect to internal web sites, all of which are Win2k3 machines. So, I
poked around a bunch, and found the following:

First thing I noticed is that the web site I put up on it for IPHTTPS
was just gone. Not in IIS at all, just gone. I've recreated the web
site, and it keeps disappearing, with and without reboots. It seems to
be time dependent, though I'm not sure of that.

I looked in the event logs, and find in the System log a set of three
events that seem to be connected with the IPHTTPS web site
disappearing:

      15300 for HttpEvent saying:
          SSL Certificate Settings deleted for Port : 67.xxx.yyy.zzz443 .
and
     15300 for HttpEvent saying:
          SSL Certificate Settings deleted for Port : 0.0.0.0:6002 .
and
     15301 for HttpEvent saying:
          SSL Certificate Settings created by an admin process for
Port : 0.0.0.0:6002 .

In the Application log I found a couple of these that probably aren't
related, but might be worth mentinoing - I'm not running an NLB
configuration, it's a single box for this pilot project:

     23474 for Microsoft Forefront TMG Control saying:
          Forefront TMG detected Windows Filtering Platform filters
that may cause policy conflicts on the server G1. The following
providers may define filters that conflict with the Forefront TMG
firewall policy: UAG-DA NLB.

In the Security log *many* of the following, starting with my DCs
immediately after booting, then other machines:

     4653 for IPSec Main Mode
          Text in this varies by computer.

I'm guessing that the IPSec failure audits are the root cause, but my
googling is not revealing any magic sauce for me.

Does the collective oracle have anything for this poor supplicant?

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Reply via email to