I'll check on it on Monday - if you remember, do let me know. Thanks,
Kurt On Fri, Apr 6, 2012 at 19:20, John Cook <john.c...@pfsf.org> wrote: > I don't have access to one right now but I would go into the console for the > rules and check through them. You can test them with a query I just don't > remember the details. > John W. Cook > Systems Administrator > Partnership for Strong Families > > ----- Original Message ----- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Friday, April 06, 2012 08:54 PM > To: NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com> > Subject: UAG now not working > > So, DA/UAG worked yesterday, and I brought a laptop home and used it > for a couple of hours last night, but since then I've been testing > DA/UAG at work, one part of which was rebooting the UAG server to see > what would happen, and after rebooting, the UAG server broke. The DCA > utility on the clients shows that DA is broken. > > Oddly enough, though, I can put a laptop outside the network, and ping > internal hosts and get directory listings of my file server and > connect to internal web sites, all of which are Win2k3 machines. So, I > poked around a bunch, and found the following: > > First thing I noticed is that the web site I put up on it for IPHTTPS > was just gone. Not in IIS at all, just gone. I've recreated the web > site, and it keeps disappearing, with and without reboots. It seems to > be time dependent, though I'm not sure of that. > > I looked in the event logs, and find in the System log a set of three > events that seem to be connected with the IPHTTPS web site > disappearing: > > 15300 for HttpEvent saying: > SSL Certificate Settings deleted for Port : 67.xxx.yyy.zzz443 . > and > 15300 for HttpEvent saying: > SSL Certificate Settings deleted for Port : 0.0.0.0:6002 . > and > 15301 for HttpEvent saying: > SSL Certificate Settings created by an admin process for > Port : 0.0.0.0:6002 . > > In the Application log I found a couple of these that probably aren't > related, but might be worth mentinoing - I'm not running an NLB > configuration, it's a single box for this pilot project: > > 23474 for Microsoft Forefront TMG Control saying: > Forefront TMG detected Windows Filtering Platform filters > that may cause policy conflicts on the server G1. The following > providers may define filters that conflict with the Forefront TMG > firewall policy: UAG-DA NLB. > > In the Security log *many* of the following, starting with my DCs > immediately after booting, then other machines: > > 4653 for IPSec Main Mode > Text in this varies by computer. > > I'm guessing that the IPSec failure audits are the root cause, but my > googling is not revealing any magic sauce for me. > > Does the collective oracle have anything for this poor supplicant? > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > CONFIDENTIALITY STATEMENT: The information transmitted, or contained or > attached to or with this Notice is intended only for the person or entity to > which it is addressed and may contain Protected Health Information (PHI), > confidential and/or privileged material. Any review, transmission, > dissemination, or other use of, and taking any action in reliance upon this > information by persons or entities other than the intended recipient without > the express written consent of the sender are prohibited. This information > may be protected by the Health Insurance Portability and Accountability Act > of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized > use or disclosure of this information could result in civil and/or criminal > penalties. > Consider the environment. Please don't print this e-mail unless you really > need to. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin