External users cannot connect to RDS that are published on a Windows Server 2008 R2-based RD Gateway server through Forefront UAG

A new hotfix was released today regarding running Remote Desktop Services (RDS) on a Remote Desktop Gateway (RD Gateway) server that is running Windows Server 2008 R2 through Forefront Unified Access Gateway (UAG) in a network environment.

Article ID: 2649422 - Last Review: January 11, 2012 - Revision: 1.0
External users cannot connect to RDS that are published on a Windows Server 2008 R2-based RD Gateway server through Forefront UAG

Remote Desktop Services (RDS) are published on a Remote Desktop Gateway (RD Gateway) server that is running Windows Server 2008 R2 through Forefront Unified Access Gateway (UAG) in a network environment. Sometimes, external users cannot connect to the published RDS, and they receive the following error message:

Additionally, an event that resembles the following is logged on the RD Gateway server:

Event ID: 203
Source: Microsoft-Windows-TerminalServices-Gateway
Symbolic Name: AAG_EVENT_MAX_CONNECTIONS_REACHED
Message: The number of simultaneous connections to the RD Gateway server has reached the maximum number that was configured by the administrator. The server is therefore not accepting any new connections. The connection attempt by user "%1" on client computer "%2", using the authentication method "%3" has been denied. For information about how to modify the maximum connection limit, see the "Specify the Maximum Number of Allowable Connections for RD Gateway" topic in the RD Gateway Help.

Cause:This issue occurs because user connections are not closed correctly. Therefore, some Forefront Network (Edge) tunnels are leaked. When the number of concurrent connections to the RD Gateway server has reached the maximum number, all new connection requests are denied. 

Source and hotfix: http://support.microsoft.com/kb/2649422/en-us?sd=rss&spid=14134