I'm not finding what you're referring to. I'm going to go home for the evening, and come at this with fresh eyes in the morning.
My inclination is to start over, and redo the server from scratch, but I'd like to see if I can figure this out. Kurt On Fri, Apr 6, 2012 at 19:20, John Cook <[email protected]> wrote: > I don't have access to one right now but I would go into the console for the > rules and check through them. You can test them with a query I just don't > remember the details. > John W. Cook > Systems Administrator > Partnership for Strong Families > > ----- Original Message ----- > From: Kurt Buff [mailto:[email protected]] > Sent: Friday, April 06, 2012 08:54 PM > To: NT System Admin Issues <[email protected]> > Subject: UAG now not working > > So, DA/UAG worked yesterday, and I brought a laptop home and used it > for a couple of hours last night, but since then I've been testing > DA/UAG at work, one part of which was rebooting the UAG server to see > what would happen, and after rebooting, the UAG server broke. The DCA > utility on the clients shows that DA is broken. > > Oddly enough, though, I can put a laptop outside the network, and ping > internal hosts and get directory listings of my file server and > connect to internal web sites, all of which are Win2k3 machines. So, I > poked around a bunch, and found the following: > > First thing I noticed is that the web site I put up on it for IPHTTPS > was just gone. Not in IIS at all, just gone. I've recreated the web > site, and it keeps disappearing, with and without reboots. It seems to > be time dependent, though I'm not sure of that. > > I looked in the event logs, and find in the System log a set of three > events that seem to be connected with the IPHTTPS web site > disappearing: > > 15300 for HttpEvent saying: > SSL Certificate Settings deleted for Port : 67.xxx.yyy.zzz443 . > and > 15300 for HttpEvent saying: > SSL Certificate Settings deleted for Port : 0.0.0.0:6002 . > and > 15301 for HttpEvent saying: > SSL Certificate Settings created by an admin process for > Port : 0.0.0.0:6002 . > > In the Application log I found a couple of these that probably aren't > related, but might be worth mentinoing - I'm not running an NLB > configuration, it's a single box for this pilot project: > > 23474 for Microsoft Forefront TMG Control saying: > Forefront TMG detected Windows Filtering Platform filters > that may cause policy conflicts on the server G1. The following > providers may define filters that conflict with the Forefront TMG > firewall policy: UAG-DA NLB. > > In the Security log *many* of the following, starting with my DCs > immediately after booting, then other machines: > > 4653 for IPSec Main Mode > Text in this varies by computer. > > I'm guessing that the IPSec failure audits are the root cause, but my > googling is not revealing any magic sauce for me. > > Does the collective oracle have anything for this poor supplicant? > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > CONFIDENTIALITY STATEMENT: The information transmitted, or contained or > attached to or with this Notice is intended only for the person or entity to > which it is addressed and may contain Protected Health Information (PHI), > confidential and/or privileged material. Any review, transmission, > dissemination, or other use of, and taking any action in reliance upon this > information by persons or entities other than the intended recipient without > the express written consent of the sender are prohibited. This information > may be protected by the Health Insurance Portability and Accountability Act > of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized > use or disclosure of this information could result in civil and/or criminal > penalties. > Consider the environment. Please don't print this e-mail unless you really > need to. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
