Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

FIX: The connection owner for a VPN site-to-site connection is lost when you join an EMS by using an imported configuration in Forefront Threat Management Gateway 2010 Service Pack 1


View products that this article applies to.

Symptoms

Consider the following scenario in Microsoft Forefront Threat Management Gateway (TMG) 2010 Service Pack 1 (SP1):
  • You configure a site-to-site virtual private network (VPN) connection from a remote TMG site to your corporate TMG network.
  • You join the remote TMG site to the corporate TMG domain and then restart the domain controller.
  • You create a new array on the server that is running Microsoft Enterprise Management Server (EMS) where the remote TMG site is to be joined.
  • You export the remote TMG site that includes the site-to-site VPN connection information.
  • You import the remote TMG site configuration to the new array on the EMS without importing server-specific information.
  • You join the imported remote TMG site to the created and prepared array.

In this scenario, the site-to-site VPN connection does not connect. Additionally, the following error message is logged in the Application event log:
The Forefront TMG computer specified as the connection owner for VPN site-to-site network "name" is not valid. Either the connection owner is not configured in the array, or the specified computer was removed from the array. This network will be disabled.

↑ Back to the top


Resolution

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010

↑ Back to the top


Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top


References

For more information about how to letbclients on remote networks connect to resources on your corporate network by establishing a site-to-site virtual private network (VPN), visit the following Microsoft TechNet website:For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

↑ Back to the top


Keywords: kbfix, kbbug, kbexpertiseinter, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2591274
Revision : 1
Created on : 1/7/2017
Published on : 10/31/2011
Exists online : False
Views : 372