question

ChrisWY27 avatar image
1 Vote"
ChrisWY27 asked FrancoisDeschenes-8063 commented

remotewebaccess.com Anywhere access broken on Server 2016 Again?

Last year a similar issue occurred and by manually applying the registry edits from these two threads most seemed to resolve their issues:

https://docs.microsoft.com/en-us/answers/questions/319165/remotewebaccesscom-down-again.html?childToView=836766#answer-836766

https://docs.microsoft.com/en-us/answers/questions/318584/are-the-problems-with-remotewebaccesscom-domain-an.html?page=2&pageSize=10&sort=oldest

The problem is as of yesterday (May 3 2022) I am now experiencing the issue again. Re-applying the registry tweaks does not solve the issue either unfortunately. More so, I am not able to un-register my domain through the wizard or change to a new one, I am seeing the same issue as this user on their fresh install: https://docs.microsoft.com/en-us/answers/questions/814489/cloud-services-integration-amp-anywhere-access-not.html?childToView=836816#answer-836816

Looking at my Dashboard.log in the ProgramData\Microsoft\Windows Server\Logs folder I see the below:

[5840] 220504.122339.7059: DomainConfigWizard: Next Page: progressPage
[6024] 220504.122340.0497: DomainManagerObjectModel: InvokeAsync: action resulted in exception: System.ServiceModel.FaultException`1[Microsoft.WindowsServerSolutions.RemoteAccess.Domains.DomainManagerFault]: The creator of this fault did not specify a Reason. (Fault Detail is equal to DomainManagerFault:[Reason:CommunicationFailure, Message:CommitDomain failed, Detail:System.Web.Services.Protocols.SoapException: Live Dynamic DNS has encountered an internal error. This error has been logged. ---> Microsoft.Rest.Azure.CloudException: The access token is from the wrong issuer 'https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/'. It must match the tenant 'https://sts.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later.
at Microsoft.WindowsServerSolutions.DDNS.AzureRmDnsServer.GetARecords(String domainName) in E:\WSE-ServicesAndTools\src\ServicesAndTools\DDNS\DDNS\AzureR...).
[6024] 220504.122340.0497: DomainManagerObjectModel: InvokeAsync: handling exception by transferring to eventArgs
[5840] 220504.122340.0653: DomainConfigWizard: Error occurred in Domain Manager Object Model operations: System.ServiceModel.FaultException`1[Microsoft.WindowsServerSolutions.RemoteAccess.Domains.DomainManagerFault]: The creator of this fault did not specify a Reason. (Fault Detail is equal to DomainManagerFault:[Reason:CommunicationFailure, Message:CommitDomain failed, Detail:System.Web.Services.Protocols.SoapException: Live Dynamic DNS has encountered an internal error. This error has been logged. ---> Microsoft.Rest.Azure.CloudException: The access token is from the wrong issuer 'https://sts.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/'. It must match the tenant 'https://sts.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later.
at Microsoft.WindowsServerSolutions.DDNS.AzureRmDnsServer.GetARecords(String domainName) in E:\WSE-ServicesAndTools\src\ServicesAndTools\DDNS\DDNS\AzureR...).
[5840] 220504.122340.0653: DomainConfigWizard: FailReason from Domain Manager Object Model operations: CommunicationFailure

This gives some insight to the root cause but I am not sure how to go from here to fix this.


windows-server-essentials
· 7
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

We were able to get things working on our local test setups.
Can you please verify your setups and see if the issue went away for you.

Thanks and Regards
Samriddhi

1 Vote 1 ·
ChrisWY27 avatar image ChrisWY27 SamriddhiChaturvedi-1672 ·

Mine just came back online on its own. Thank you for taking care of this!!!

@SamriddhiChaturvedi-1672 I want to ask though. How likely is this issue to return? Will we be good until the 2027 EOL date?

2 Votes 2 ·

No issue is not likely to come back !

Regards
Samriddhi

1 Vote 1 ·
Show more comments

Same here. The kicker is I'm a military member and it's going to be at least 6 weeks before I can physically get in front of the machine.

Hope nothing requires attention between now and then....

0 Votes 0 ·

Hi
We have made some changes and changes and expect the issue to go away.
Can you please verify at your end/setups ?

0 Votes 0 ·
ChrisWY27 avatar image ChrisWY27 SamriddhiChaturvedi-1672 ·

Still seeing the same issue. Made sure all updates were applies and rebooted. I attached my dashboard.log with the sensitive data covered in x's. I had to convert it to a pdf as the forum wasn't allowing me to upload it as a .log or .txt file. The server is still trying to update remotewebaccess using my old ip address not my current public ip.201203-dashboard.pdf


0 Votes 0 ·
dashboard.pdf (53.7 KiB)
SamriddhiChaturvedi-1672 avatar image
2 Votes"
SamriddhiChaturvedi-1672 answered

We were able to get things working on our local test setups.
Can you please verify your setups and see if the issue went away for you.

Thanks and Regards
Samriddhi

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MichaelWestphal-0301 avatar image
1 Vote"
MichaelWestphal-0301 answered SamriddhiChaturvedi-1672 commented

Hello Chris,

I have the same problems since Monday.
The logs show the same errors.

The Server think I have the same IP- Address since Monday, what is not true.

I hope that this will be fixed by Microsoft soon.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I looked for any updates that could have caused this but didn't see any yet this week happening before the change. Mine too stopped working Monday at like 3am EST.

0 Votes 0 ·

We were able to get things working on our local test setups.
Can you please verify your setups and see if the issue went away for you.

Thanks and Regards
Samriddhi

0 Votes 0 ·
RobC-CTL avatar image
1 Vote"
RobC-CTL answered SamriddhiChaturvedi-1672 commented

I am seeing the same issue after a router reboot changed the external IP address. I am not seeing the same error in my Dashboard.log but I am seeing something odd, the old external IP address is shown

[7788] 220505.095922.2483: ConnectivityCenter: DomainNameProviderCredentials.CredentialsStatus: True
[3512] 220505.095922.2483: ConnectivityCenter: Job finish. Result: Success
[10524] 220505.095922.2483: ConnectivityCenter: Job DomainNameProviderCredentialsDiagnosticsJob complete, 64% done.
[6420] 220505.095922.4824: ConnectivityCenter: DomainServiceReachableInfo.ReachableStatus: True
[11200] 220505.095922.4824: ConnectivityCenter: Job finish. Result: Success
[10524] 220505.095922.4824: ConnectivityCenter: Job DomainServiceReachableDiagnosticsJob complete, 71% done.
[4720] 220505.095922.4980: ConnectivityCenter: DomainNameResolveableInfo.ExternalIP: 86.170.204.53
[9816] 220505.095922.4980: ConnectivityCenter: Job finish. Result: Success
[10524] 220505.095922.4980: ConnectivityCenter: Job DomainNameResolveableDiagnosticsJob complete, 78% done.
[10260] 220505.095922.4980: ConnectivityCenter: DDNSUpdateAttemptionInfo.DDNSUpdateStatus: False
[7456] 220505.095922.4980: ConnectivityCenter: Job finish. Result: Success
[10524] 220505.095922.4980: ConnectivityCenter: Job DDNSUpdateDiagnosticsJob complete, 85% done.
[10016] 220505.095922.4980: ConnectivityCenter: Global event triggered for port: 80.
[8224] 220505.095922.6543: ConnectivityCenter: Service Call Finished on Port: 443
[8224] 220505.095922.6543: ConnectivityCenter: Global event triggered for port: 443.
[10016] 220505.095922.6543: ConnectivityCenter: ConnectivityInfo.HttpsInbound: True
[10016] 220505.095922.6543: ConnectivityCenter: ConnectivityInfo.Inbound: True
[216] 220505.095922.6543: ConnectivityCenter: Job finish. Result: Success
[10524] 220505.095922.6543: ConnectivityCenter: Job InboundConnectivityDiagnosticsJob complete, 92% done.
[7052] 220505.095928.8261: DomainManagerObjectModel: Calling KeepAlive for instanceID=2
[7052] 220505.095928.8261: DomainManagerObjectModel: KeepAlive succeeded for instanceID=2
[7280] 220505.095938.1855: ConnectivityCenter: NdfDiagnoseIncident returns 0x0,
[7280] 220505.095938.1855: ConnectivityCenter: 0 root causes identfied
[7280] 220505.095938.1855: ConnectivityCenter: DoubleNatInfo.DoubleNat: False
[4540] 220505.095938.1855: ConnectivityCenter: Job finish. Result: Success
[10524] 220505.095938.1855: ConnectivityCenter: Job DoubleNatDiagnosticsJob complete, 100% done.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.FirewallConfigurationAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.InboundConnectivityAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DoubleNatConfigurationAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: RemoteAccessAnalyzer: VPN server deployment result: InstallationSucceeded
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.RemoteAccessAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DomainNameConfigAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DomainNameExpireAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DomainNameNearlyExpireAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2168: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DomainNameProviderCredentialsAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2324: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DomainNameResolveableAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2324: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DomainServiceReachableAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2793: ConnectivityCenter: DDNSUpdateAnalyzer: DDNS update failed, should be manual fixed
[6164] 220505.095938.2793: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.DDNSUpdateAnalyzer analyze completed. 1 suggestions found.
[6164] 220505.095938.2793: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.CertificateAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2793: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.IisConfigurationAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2793: ConnectivityCenter: Microsoft.WindowsServerSolutions.Connectivity.Analyzers.TsGatewayConfigurationAnalyzer analyze completed. 0 suggestions found.
[6164] 220505.095938.2793: ConnectivityCenter: Current SQM Data is 2064383.
[10524] 220505.095938.2793: ConnectivityCenter: Diagnositcs completed. Status: Success
[10524] 220505.095938.2949: ConnectivityCenter: Suggestion: An error occurred while updating the dynamic DNS information for your server with the information that you gave your domain name service provider. Please try again later. If this problem continues, contact your domain name service provider for support.
[10524] 220505.095938.2949: ConnectivityCenter: Overall status: Error
[10524] 220505.095938.2949: ConnectivityCenter: Properties updated.


I have updated .Net to 4.8 just in case there is something odd there but I can't test that until I restart the server which will be later this evening

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Same issue here. Service when down after a router reboot and public IP address change.
If I ping my old domain (domain).remotewebaccess.com it returns the OLD public address I had before.

Very strange.

1 Vote 1 ·

So the .Net update didn't have any effect, I suspected it wouldn't but it was worth a shot.

1 Vote 1 ·

The dashboard log might only happen if you try to repair or alter the anywhere access domain name through the wizard.

Where did you find the other log? I'll check mine.

0 Votes 0 ·

We were able to get things working on our local test setups.
Can you please verify your setups and see if the issue went away for you.

Thanks and Regards
Samriddhi

0 Votes 0 ·
DannyAndonoff-9272 avatar image
1 Vote"
DannyAndonoff-9272 answered

Rebooting the server doesn't fix it.
I have 2 sites with this problem.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ChrisWY27 avatar image
0 Votes"
ChrisWY27 answered SamriddhiChaturvedi-1672 commented

I did a fresh install of Server 2016 in a VM to test and even an out of the box non-updated version has the same issue so I don't think this has to do with a recent update, it seems some endpoint the feature depends on has changed.

· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

We were able to get things working on our local test setups.
Can you please verify your setups and see if the issue went away for you.

Thanks and Regards
Samriddhi

0 Votes 0 ·
DanHansen-3915 avatar image DanHansen-3915 SamriddhiChaturvedi-1672 ·

Hooray, working again here! Thank you so much, greatly appreciated. Windows Server 2012 R2 Standard with Essentials Role. :)

0 Votes 0 ·

We were able to get things working on our local test setups.
Can you please verify your setups and see if the issue went away for you.

Thanks and Regards
Samriddhi

0 Votes 0 ·
ThomasAngermund-0398 avatar image
1 Vote"
ThomasAngermund-0398 answered JoshK-5485 commented

Same here in Germany. But 2 servers are ok (2012R2 Essentials) and another has the problems described. All Updates installed on all servers

· 10
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

same here in Bermuda, started this morning when one of my isp's went down. I have tried everything

1 Vote 1 ·

Perhaps you can nudge this guy to come up with a new fix like they did last year haha

https://sbsland.me/category/computers-and-internet/troubleshooting/

0 Votes 0 ·

i sent him a massage.

2 Votes 2 ·

Any update on this? I cant repair or release the domain. This is going to be a nightmare for me.

0 Votes 0 ·

what i did: I switch to dyndns and a free certifcate. This helps for a moment.

1 Vote 1 ·
JoshK-5485 avatar image JoshK-5485 ThomasAngermund-0398 ·

This is what I ended up doing as well. Hopefully it can be fixed, and I can switch back.

0 Votes 0 ·
Show more comments
ChrisWY27 avatar image ChrisWY27 KevinBowles-1568 ·

Isn't it great when you spend lots of money on an enterprise level product to provision for a customer buying in that the product will at least function until the end of life date only for the company to leave you hanging in the wind half way though it's total shelf life?

0 Votes 0 ·
GergelySzabo-2516 avatar image
1 Vote"
GergelySzabo-2516 answered

Same here in Budapest, Hungary. The regedit workaround did not help, still old IP is shown.
I added the dinamic IP to the host file of the endpoint client and that helped but this is not a solution, as every time IP changes, I need to edit host file on the endpoints.
Let me know if there is a solution.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ThomasAngermund-0398 avatar image
1 Vote"
ThomasAngermund-0398 answered

Check your Router. My Router/Modem is able to handle DynDNS.
You need an certificate and set all informations / certificate in the dashboard where you connect also to microsoft.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KevinBowles-1568 avatar image
1 Vote"
KevinBowles-1568 answered

Still not working here at multiple sites. setup a ddns and client software but that gives me a different url which means i would need to reprogram 50 remote clients that have the remotewebaccess.com address coded into their software... not cool.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ChrisWY27 avatar image
0 Votes"
ChrisWY27 answered
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.