RPC Unavailable when requesting certificate through UAG




Overview:

When you connect via SSTP (Network Connector) in UAG and request a machine certificate for DirectAccess, you get the error message RPC Unavailable.

Cause:

The issue is caused by the TMG rule that enforces strict RPC compliance, which breaks DCOM, the transport the certificate request relies on.

How to Fix:

  1. Open Forefront TMG on the UAG Server.
  2. Select Firewall Policy in the TMG Console.
  3. Right click on PublishingRule::IpVPNAccessRule and select Configure RPC Protocol.
  4. Unselect Enforce strict RPC compliance.
  5. Save and Activate the TMG configuration.

The Bad News?

Every time you activate your UAG configuration, you will need to reapply this change. :(

Author:

Kevin Saye, Security Technical Specialist -- Microsoft