none
DirectAccess on Server 2012, IPHTTPS randomly goes unhealthy RRS feed

  • Question

  • Hi!

    We have DirectAccess on Server 2012 and are getting the following
    error in the Event Log (Event ID 10038) several times a day:

    IPHTTPS monitor has gone from HEALTHY state to UNHEALTHY state on 2013-08-30 at 06:57 on SERVER. The failure heuristic IDs for state change of IPHTTPS are 80080004.

    The monitor goes healthy again by itself and the time is goes from unhealthy
    to healthy is always around four minutes.

    The error occurs randomly.

    Tuesday, September 10, 2013 6:46 AM

Answers

  • Nice to hear that you solved it!

    I changed the NIC on our server last week and haven't got any
    errors since then.
    Good to know is when I changed the NIC the DA configuration stopped working.
    Had to remove the configuration then running the configuration wizard again
    to set it up. All DirectAccess clients also stopped working and we had to apply
    the new policy to get DirectAccess to work on them again.

    On some clients we even we got problems that they couldn't reach internal
    resources when they were on our internal network. To solve that we had to remove
    the following registry key and then reboot the PC to get the new DA policy:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient

    • Marked as answer by Onners Monday, May 12, 2014 10:24 AM
    Monday, May 12, 2014 10:23 AM

All replies

  • Hi Onners

    run this command in PowerShell on the server:

    Get-NetIPHttpsConfiguration

    what is the AuthMode?


    Tamir Levy

    Monday, January 27, 2014 4:58 PM
  • Hi!

    The output for AuthMode is empty.

    Tuesday, January 28, 2014 9:55 AM
  • Hi guys

    any luck on this issue?

    we're having the same behavior here without any solution :/


    Tamir Levy

    Sunday, April 27, 2014 3:03 PM
  • In our case I think it has to do with a issue with Server 2012 and VmWare.

    Apparently if you use the NIC E1000 with Server 2012 it can cause random network drops,
    I got recommended to use VMXNET 3 instead.

    I haven´t tried to change the NIC because i'm afraid that it wrecks
    the DirectAccess configuration.

    Will post on the forum if someone knows if it is safe to do a NIC switch and if it is
    I will try that.

    Monday, April 28, 2014 9:48 AM
  • Thank for the info and your fast answer man. nice to know

    we also use a virtual server for the DirectAccess server, though it is with Hyper-V and not with VMWare.

    in our case, after some investigations we noticed that when the problem happens IPv4 is unchecked under the External network adapter (we have 2 NIC topology)

    after we check the IPv4 - everything works fine!

    we still haven't found what is the reason why the option is unchecked randomly, but at least we know how to fix it

    cheers!

    Monday, April 28, 2014 2:12 PM
  • Nice to hear that you solved it!

    I changed the NIC on our server last week and haven't got any
    errors since then.
    Good to know is when I changed the NIC the DA configuration stopped working.
    Had to remove the configuration then running the configuration wizard again
    to set it up. All DirectAccess clients also stopped working and we had to apply
    the new policy to get DirectAccess to work on them again.

    On some clients we even we got problems that they couldn't reach internal
    resources when they were on our internal network. To solve that we had to remove
    the following registry key and then reboot the PC to get the new DA policy:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient

    • Marked as answer by Onners Monday, May 12, 2014 10:24 AM
    Monday, May 12, 2014 10:23 AM