locked
Cannot access direct access clients from local network, but they're able to access local network. RRS feed

  • Question

  • Direct Access (UAG+TMG) on Win2k8R2.

    I can't ping Direct Access clients (Win7), f.e. on 3G, or somehow access them from local network.

    At the same time DA clients are able to access all local network resources & ping them too. DA assistant shows ok.

    Nslookup of DA client name on local machine gives me correct ipv6 2001:... ip.

    I suspect missing some TMG rules as wireshark shows me icmp goes from local machine to DA server, when I try to ping DA client.

    I created a rule in TMG firewall policy:

    allow

    protocols=icmpv6 echo, ping

    from=all networks & localhost+anywhere ipv6

    to=all networks & localhost+anywhere ipv6

    all users

    Is there something I'm missing?

    P.S. I've run the following script & reg file before installation:

    1)

    set o = createobject("fpc.root") 
    set arr = o.Arrays.Item(1) 
    set policy = arr.ArrayPolicy 
    set IPV6Settings = policy.IPv6Settings 
    IPV6Settings.DirectAccessEnabled = vbTrue 
    arr.save 

    2)

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RAT\Stingray\Debug\ISACTRL]

    "CTRL_SKIP_DISABLE_IPV6_PROTOCOLS"=dword:00000001

    Best regards,

    Valeriy


    Tuesday, March 6, 2012 3:44 PM

Answers

All replies