The following adapter and IP address related events are sent to Windows Event Viewer when a Forefront UAG activation is unsuccessful.
10089
UAG DirectAccess is configured to use the internal "%1" IPv6 interface. Traffic to other internal IPv6 interfaces will not be forwarded. Remove the following IPv6 addresses %2 from the "%3" internal network interface.
10091
The adapter configured as external-facing is connected to a domain. This interface cannot be used with UAG DirectAccess.
10092
The selected internal IPv6 address %1 cannot be found on this server.
10093
The selected internal IPv4 address %1 cannot be found on this server.
10094
The selected internet-facing IPv4 address "%1" cannot be found on this server.
10095
The selected internal and external addresses were identified on the same network interface "%1".
10096
The selected internet-facing IPv4 network interface %1 does not support IPv4.
10097
The selected second internet-facing IPv4 address %1 cannot be found on this server.
10099
The UAG DirectAccess server must be configured with two, static, consecutive, public, IPv4 addresses, on the Internet-facing physical interface. Configure the IPv4 addresses, and then try again.
10100
The UAG DirectAccess server requires an IPv6 address on the internal-facing interface. Configure an IPv6 address on the internal-facing interface.
10111
The adapter configured as external-facing is not communicating with the external network. Ensure that the adapter is enabled, and that the network cable is connected.
10118
The selected internet-facing network interface %1 does not support IPv6.
Cause—the Forefront UAG activation, configures the internal interface selected in the Forefront UAG DirectAccess Configuration Wizard with settings such as forwarding enabled and IPsec Denial of Service Protection (DoSP). If more than one internal IPv6 interface is configured, for example if ISATAP was configured in the Forefront UAG DirectAccess Configuration Wizard, and an array node is configured with a native IPv6 address, the Forefront UAG activation does not configure the extra settings on the additional internal IPv6 interfaces and traffic is only forwarded through the internal IPv6 interface specified in the Forefront UAG DirectAccess Configuration Wizard. This is a Warning level event.
Solution— Remove the internal IPv6 interfaces not configured in the Forefront UAG DirectAccess Configuration Wizard so that all internal traffic passes through the specified internal IPv6 interface.
Cause—If the external interface detects that it can reach a domain controller, it sets the Windows Firewall with Advanced Security Profile to "Domain Profile", which disables the IPsec rules required for the DirectAccess server to receive connections from DirectAccess clients (connection security rules, firewall rules, etc). This event may occur when the external-facing interface was previously connected to the domain, but was later reconfigured so that it could no longer access the domain. Warning: Serious problems may occur if you modify the registry incorrectly using the Registry Editor or another method. These problems may require that you reinstall your operating system. Modify the registry at your own risk.
Solution 1— Delete the entries in IntranetAuth that contain the external-facing IP addresses:
Solution 2—Restart the Microsoft Forefront UAG Configuration Manager (ConfigMgrCom) service, and reactivate Forefront UAG.
Cause 1—When Forefront UAG DirectAccess is configured in an array with NLB and NLB did not create the internal IPv6 VIP before the Forefront UAG DirectAccess activation steps take place.
Solution 1—Reactivate Forefront UAG.
Cause 2—When an internal facing IPv6 address is selected and applied in the Forefront UAG DirectAccess Configuration Wizard, and is then changed between applying and activating Forefront UAG.
Solution 2—Ensure that:
10093 - The selected internal IPv4 address %1 cannot be found on this server.
Cause 1—When Forefront UAG DirectAccess is configured in an array with NLB and NLB did not create the internal IPv4 VIP before the Forefront UAG DirectAccess activation steps take place.
Cause 2—When an internal facing IPv4 address is selected and applied in the Forefront UAG DirectAccess Configuration Wizard, and is then changed between applying and activating Forefront UAG.
10094 - The selected Internet-facing IPv4 address "%1" cannot be found on this server.
Cause 1—When Forefront UAG DirectAccess is configured in an array with NLB and NLB did not create the external IPv4 VIPs before the Forefront UAG DirectAccess activation steps take place.
Cause 2—When an Internet-facing IPv4 address is selected and applied in the Forefront UAG DirectAccess Configuration Wizard, and is then changed between applying and activating Forefront UAG.
10095 - The selected internal and external addresses were identified on the same network interface "%1".
Cause—The same the internal and external-facing IPv4 addresses specified in the Forefront UAG DirectAccess Configuration Wizard are configured on the same network interface.
Solution— Ensure that the internal and external IPv4 addresses are configured on the correct network interfaces.
Cause—IPv4 is disabled on the specified Internet-facing network interface of an array node.
Solution— Enable IPv4 on the specified network interface of the array node:
10097 - The selected second internet-facing IPv4 address %1 cannot be found on this server.
Cause—When the second Internet-facing IPv4 address is selected and applied in the Forefront UAG DirectAccess Configuration Wizard, and is then changed between applying and activating Forefront UAG.
Solution—Ensure that:
10099 - The UAG DirectAccess server must be configured with two, static, consecutive, public, IPv4 addresses, on the Internet-facing physical interface. Configure the IPv4 addresses, and then try again.
Cause—When a node is added in an external load balancing scenario, and the node is not configured with two static, consecutive, public Internet-facing DIP addresses.
10100 - The UAG DirectAccess server requires an IPv6 address on the internal-facing interface. Configure an IPv6 address on the internal-facing interface.
Cause—When configuring external load balancing in the Forefront UAG DirectAccess Configuration Wizard, the system validates that the internal facing IPv6 DIP exists on the AMS. When Forefront UAG is activated, if one or more of the nodes is not configured with an internal facing IPv6 DIP the activation fails.
10111 - The adapter configured as external-facing is not communicating with the external network. Ensure that the adapter is enabled, and that the network cable is connected.
Cause—No communication activity can be detected from the external-facing adapter.
Solution—Verify that:
10118 - The selected internet-facing network interface %1 does not support IPv6.
Cause—IPv6 is disabled on the specified Internet-facing network interface of an array node.
Solution— Enable IPv6 on the specified network interface of the array node:
Maheshkumar S Tiwari edited Revision 4. Comment: Added tags