Publishing FTP with UAG

Those with a sharp eyesight may have noticed that the FTP template that was available with IAG is not available in UAG. Publishing FTP is not in high demand, but if you need to do it, it is possible using simple tunneling. Here are the steps: 1. Create a new application on your UAG trunk…


The UAG DirectAccess Web Monitor shows “Network Security” as Not Healthy

Symptom: When checking the Current Status of DirectAccess using the Web Monitor, you may find that the report shows “Network Security” as Not Healthy. More Information: When activating the UAG DirectAccess configuration, the internal interface selected in the UAG DirectAccess wizard is configured with IPsec Denial of Service Protection (DoSP or ipsecdos). DoSP helps to…


ClickOnce publishing redux!

A topic of concern for some customers has been publishing ClickOnce applications. ClickOnce is a deployment technology that allows you to create self-updating Windows-based applications that can be installed and run with minimal user interaction. The way ClickOnce applications operate is simple: the user launches a website, and clicks a button or a link. The…


Want to do some customizations?

If so, then I have some great news for you. PACKT publishing just announced my upcoming book – “Mastering Microsoft Forefront UAG 2010 Customization”. I’ve been working on it for a few months with my colleague Rainier Amara from Microsoft in the UK, and we are finishing the last chapter in the next few days….


Cannot connect to SharePoint on Windows Phones

If you try to configure your Windows Phone to connect to a SharePoint server via UAG, as discussed in my blogs (1,2), you might find yourself getting connection errors, like “Can’t connect. We’re having trouble connecting to the server. This typically occurs when the address is incorrect or when you’re not connected to either the…


War of the interfaces

In a recent blog post ( , I discussed a situation where one or more of the virtual interfaces used by DA can go bad, and suggested a procedure to reset them by removing them from the device manager, and installing them. Since then, my good friend Ricardo Polo from Brazil has written a tool…


Problems with UAG activation after enabling SSTP

When trying to configure and enable SSTP on a UAG server or array, you might find that activation is failing. Other related symptoms may include: Error events in the System event logs titled “The Microsoft Forefront TMG Control service terminated with service-specific error %%-2147023175” (event ID 7024) Error events in the System event logs titled…


Trunk cannot be activated due to Invalid External Port address

Users who upgraded their UAG server to Update 1 may receive an error upon activation “Error: Trunk <Trunk name> cannot be activated due to the following: Invalid External Port address. Please choose a different port.” This situation may happen if you are running a UAG array, and the array has a redirect trunk (from HTTP…


RPC port limitation may break UAG and TMG servers

The RPC (Remote Procedure Call) protocol is used by many services and applications, and part of that protocol is known as “dynamic port allocation”. This means that a program that uses RPC will choose a random secondary port above 1024 to be used for the communication (these are also known as “Ephemeral ports”). This rarely…


The Path to SharePoint enlightenment

A common question about SharePoint publishing with UAG comes up in a situation where the organization has multiple areas on a single SharePoint server, and wants to provide different users with access to just the areas that are appropriate for them. For example, suppose that the team from one project should have access only to…