locked
Connection IP or DNS RRS feed

  • Question

  • <p>Hi there</p><p>I have a uncommon question. I am using direct access with split tunnel (some DNS requests do I send into the tunnel and the rest to the internet) Now I have a application which I think it is communicating via IP address of course this is not working via da connection. The developer tells me it does DNS but I doubt that. How can I check if the application uses DNS or IP address?&nbsp;</p><p>Is this just possible via application code?&nbsp;</p><p>Thanks for any idea.&nbsp;</p><p><br /></p>
    Monday, September 18, 2017 8:06 PM

All replies

  • I work very often with applications that don't like to connect over DirectAccess, and I have found the most helpful tool to be Resource Monitor that is built into Windows. If you open Resource Monitor and then head over to the Network tab, simply choose the process for the application that you are having trouble with and then drop down the "TCP Connections" section of the screen. This will show you what network resources the application is trying to contact. If you are connected via DirectAccess you should see it contacting IPv6 addresses on this screen. If you see internal IPv4 addresses listed in the Remote Address field, then you know the application is calling for that IP address specifically.

    Even if/when you get the application to communicate via a DNS name instead of an IP address, it may or may not work over DA. Applications that are not capable of IPv6 do not connect over DirectAccess, and if you find yourself in that boat let me know, because the company I work for developed an add-on for DirectAccess that fixes that issue. It's a client service that gets installed and intercepts traffic from the problematic application, translates it into IPv6, and then sends that corrected traffic on its way over the DA tunnel.

    Wednesday, September 20, 2017 1:25 PM