This error could appear upon re-launching the UAG console after having finished the Getting Started Wizard and having closed the console. This error actually means that the server is unable to communicate with its Domain Controller, probably because of incorrect network settings. If, for example, the "internal network" IP ranges were defined during the first stage of the Getting Started Wizard, but the Domain Controller's IP belongs to another range, then TMG will not allow network traffic to it. This is a security mechanism, as any IP outside the range that is defined as "internal" is considered to be "external", and thus tightly controlled. By default, TMG will initially block access to the external network. To resolve this, launch the TMG console and go to the Network tab. Switch to Networks and inspect IP ranges defined there. If the Domain Controller is on a subnet that does not belong to any of the ranges specified, change it, and click Apply.

This service is supposed to be started automatically, so if it is failing to do so or stopping on its own, this would be highly unusual. It would be a good idea, in general, to observe the services after the installation has completed, and seeing if any that have been configured to start automatically have not started. Some services may stop without it being a problem. For example, it is perfectly normal for the UAG Watchdog service to be stopped, even though it's set to start automatically. If a service is stopped, the reason will typically be listed in the system's event log, which you can view using the Event Viewer in Administrative tools. You can also view a service's dependencies, to see if it stops because of another service. A common cause for service issues is when a domain group policy enforces some configuration for the service that causes a problem. For example, many organizations have a policy to prevent the RRAS service from starting, which could cause many problems with UAG and TMG. Another cause for service issues may be an unsupported platform, such as certain versions of VM software. If there are no apparent causes for the service issue, you may need to contact Microsoft support.

In that case, the server may be able to send data to the backend network (and its Domain Controller), but data may not be able to return. To resolve this, perform basic network analysis, possibly using a network diagram or a network troubleshooting tool to verify that traffic can go back-and-forth on all the appropriate TCP/IP ports.

This could also occur if the computer itself has some system folders named using Double-Byte characters. If you suspect this to be the problem, simply try to reinstall, specifying a folder on your drive that does not include a double-byte character and is not part of a system folder that has a double byte character.

This issue may occur because of a failure to install or to configure the SQL Server software, which is normally part of the TMG installation. Such a failure could happen on a machine that had SQL installed and then removed in a way that left some leftovers behind. We have seen such issues mainly in cases where a server had a pre-release version of UAG or TMG installed on it, and then removed. Essentially, if you are able to perform a complete removal of UAG and all other components, including SQL Server 2008, this should allow a re-install to succeed, but it might also land the machine in a state that's virtually unrecoverable. In other words, if you have stumbled into this error, your time would usually be best invested in formatting the server and re-installing everything from scratch. That's another one of those situations where a Virtual Machine snapshot can become very time-saving.