Event ID 584 — TS Gateway Server Configuration

Applies To: Windows Server 2008

For remote clients to successfully connect to internal network resources (computers) through a Terminal Services Gateway (TS Gateway) server, the TS Gateway server must be configured correctly. The TS Gateway server must be configured to use an appropriate Secure Sockets Layer (SSL)-compatible X.509 certificate, and authorization policy settings must be configured correctly. Terminal Services connection authorization policies (TS CAPs) specify who can connect to the TS Gateway server. Terminal Services resource authorization policies (TS RAPs) specify the internal network resources that clients can connect to through a TS Gateway server.

Event Details

Product: Windows Operating System
ID: 584
Source: Microsoft-Windows-TerminalServices-Gateway
Version: 6.0
Symbolic Name: AAG_EVENT_RADIUS_SERVER_DELETE_FAILED
Message: The Network Policy Server (NPS) "%1" could not be deleted from the central connection authorization policy. The following error occurred: "%2".

Resolve

Review event log for Network Policy Server events

There is no specific resolution for this issue. Therefore, consider reviewing the Network Policy Server (NPS) event log to locate events that can assist in troubleshooting this issue.

If you have configured local Terminal Services connection authorization policies (TS CAPs), perform the following procedure on the TS Gateway server. If you have configured central TS CAPs, perform the following procedure on the NPS server where the central TS CAPs are stored.

To search the event log to find NPS events:

  1. On the TS Gateway server or the central NPS server, click Start, point to Administrative Tools, and then click Event Viewer.
  2. Navigate to Windows Logs\Application, and then search for events that contain the word NPS. If you find any NPS events, note the event ID and source of the relevant events for further investigation.
  3. Navigate to Windows Logs\System, and then search for events that contain the word NPS. If you find any NPS events, note the event ID and source of the relevant events for further investigation.
  4. While you are still in the Windows Logs\System event log, filter the current log to search for any NPS events. For example, you can select the NPS check box. If any events correspond to the event sources that you have selected, note the event ID and source of the relevant events for further investigation.

Verify

To verify that the TS Gateway server is configured correctly, examine Event Viewer logs and search for the following event messages. These event messages indicate that the Terminal Services Gateway service is running, and that clients are successfully connecting to internal network resources through the TS Gateway server.

To perform this procedure, you do not need to have membership in the local Administrators group. Therefore, as a security best practice, consider performing this task as a user without administrative credentials.

To verify that the TS Gateway server is configured correctly:

  1. On the TS Gateway server, click Start, point to Administrative Tools, and then click Event Viewer.
  2. In the Event Viewer console tree, navigate to Application and Services Logs\Microsoft\Windows\TerminalServices-Gateway, and then search for the following events:
    • Event ID 101, Source TerminalServices-Gateway: This event indicates that the Terminal Services Gateway service is running.
    • Event ID 200, Source TerminalServices-Gateway: This event indicates that the client connected to the TS Gateway server.
    • Event ID 302, Source TerminalServices-Gateway: This event indicates that the client connected to an internal network resource through the TS Gateway server.

TS Gateway Server Configuration

Terminal Services