locked
DNS not working after IPv6 Subnet Change RRS feed

  • Question

  • Hi,

    I had a running Direct Access Installation, Access to IPv6 only resource, Dual Stack Resources and IPv4 only Resources was working.

    I had to change the IPv6 Addresses internally, which also affected the Direct Access server by receiving a new IPv6 Address.

    When I now try to adjust the DNS Server Addresses within the wizard as mentioned from Richard Hicks (https://directaccess.richardhicks.com/2015/09/22/directaccess-dns-not-working-properly/), I still receive the IP Address from the Old configuration, when I click on "Detect". This means that no DNS Resolution can be done anymore from the Direct Access Clients, because those IPs aren't available anymore. I have now changed the DNS Server IPs to my internal DC, which is fine for Services running on IPv6 or Dual Stack, but this configuration will not let Direct Access Clients access to IPv4 Service only. So the DNS Service on the Direct Access Server has to be used.

    Now I tried to check or configure the listener IP Address of the DNS Service of the Direct Access Server, but I don't find any Information about this topic.

    Is there another way to adjust this, than removing Direct Access and installing again?


    Blog Twitter


    Thursday, May 19, 2016 9:40 AM

Answers

All replies

  • Hi,

    That might be because DNS64 service is still binded with the original address with 3333 on your Lan interface of your DirectAccess Gateway. Have a look at IPv6 configuration of the internal network card, you will see an IPv6 address but not on the good address space.


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    • Proposed as answer by BenoitSMVP Thursday, May 19, 2016 11:27 AM
    • Unproposed as answer by Martin Wüthrich Thursday, May 19, 2016 11:31 AM
    Thursday, May 19, 2016 11:27 AM
  • Hi Benoit,

    thanks for your reply.

    The configuration of the NIC itself is fine within the new IP Range. Within the Wizard (Step 2 -> Remote Access Setup -> Network Adapters), I've got a Edge configuration, on the LAN and WAN Interface, all IPs are shown correctly.


    Blog Twitter

    Thursday, May 19, 2016 11:31 AM
  • Hi,

    I got a similar problem with a DirectAccess system using an external IPv6 DNS Server when the client had to replace his appliance by another one.

    I finally found that, even if you reconfigure the network correctly on the DirectAccess server, the DNS server IPv6 address is not updated in the "DirectAccess Server Settings" GPO.

    Because all DirectAccess settings in this GPO can't be edited using GPMC and the only official way to change this entry was to delete the configuration then recreate the DirectAccess infrastructure, I had to manually edit the registry.pol in the SYSVOL folder using Registry Workshop to reflect the DNS change in DirectAccess.

    Gerald

    Thursday, May 19, 2016 12:38 PM
  • I didn't found a way to change the DNS Listener, I needed to to build up a new Infrastructure.

    Blog Twitter

    Thursday, May 19, 2016 5:34 PM