locked
Direct Access on Windows 8 Enterprise RRS feed

  • Question

  • I am testing direct access on windows 8 enterprise and direct access doesnt seem to work .

    Checks I have done till now are :-

    1.

    PPP adapter TATA DOCOMO 3G:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : TATA DOCOMO 3G
       Physical Address. . . . . . . . . :
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 49.249.136.127(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.255
       Default Gateway . . . . . . . . . : 0.0.0.0
       DNS Servers . . . . . . . . . . . : 121.242.190.210
                                           121.242.190.181
       Primary WINS Server . . . . . . . : 10.11.12.13
       Secondary WINS Server . . . . . . : 10.11.12.14
       NetBIOS over Tcpip. . . . . . . . : Disabled

    --------------------------------------------------------------------------------------------------------------

    Tunnel adapter isatap.{A9DE3CA9-BBD1-4EF2-A955-5B9E06906E70}:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter 6TO4 Adapter:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft 6to4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2002:31f9:887f::31f9:887f(Preferred)
       Default Gateway . . . . . . . . . :
       DNS Servers . . . . . . . . . . . : 121.242.190.210
                                           121.242.190.181
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Teredo Tunneling Pseudo-Interface:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:405a:eb13:2c09:1db2:ce06:7780(Preferred)
       Link-local IPv6 Address . . . . . : fe80::2c09:1db2:ce06:7780%19(Preferred)
       Default Gateway . . . . . . . . . :
       DHCPv6 IAID . . . . . . . . . . . : 520093696
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3F-3A-8A-D8-D3-85-9A-9D-80
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter iphttpsinterface:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : iphttpsinterface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2002:405a:eb13:8100:6c10:7ff3:9be7:929(Preferred)
       Temporary IPv6 Address. . . . . . : 2002:405a:eb13:8100:d428:ba73:7532:3cb6(Preferred)
       Link-local IPv6 Address . . . . . : fe80::6c10:7ff3:9be7:929%20(Preferred)
       Default Gateway . . . . . . . . . : fe80::8497:a9cf:65c6:4ad3%20
       DHCPv6 IAID . . . . . . . . . . . : 469762048
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3F-3A-8A-D8-D3-85-9A-9D-80
       NetBIOS over Tcpip. . . . . . . . : Disabled

    -----------------------------------------------------------------------------

    C:\Windows\system32\LogSpace\{576A97DF-9030-45DC-B836-7265291E209E}>netsh dns show state

    Name Resolution Policy Table Options
    --------------------------------------------------------------------

    Query Failure Behavior                : Always fall back to LLMNR and NetBIOS
                                            if the name does not exist in DNS or
                                            if the DNS servers are unreachable
                                            when on a private network

    Query Resolution Behavior             : Resolve only IPv6 addresses for names

    Network Location Behavior             : Let Network ID determine when Direct
                                            Access settings are to be used

    Machine Location                      : Outside corporate network

    Direct Access Settings                : Configured and Enabled

    DNSSEC Settings                       : Not Configured

    ---------------------------------------------------------------------------------------------------


    C:\Windows\system32\LogSpace\{576A97DF-9030-45DC-B836-7265291E209E}>Certutil -store my 
    my "Personal"
    ================ Certificate 0 ================
    Serial Number: 134e10180000000365a2
    Issuer: CN=certificates1.abc.com, OU=IT, O=abc Systems Inc, L=Exton, S=PA, DC=abc, DC=com, C=US
     NotBefore: 11/21/2012 4:32 AM
     NotAfter: 11/21/2013 4:32 AM
    Subject: CN=Testpc-Punl.abc.com
    Non-root Certificate

    Thursday, November 22, 2012 7:02 AM

All replies

  • Hi,

    It looks like your client has established all 3 methods of connecting to the DirectAccess server.
    Can you verify that all three actually is configured against your DA server.
    netsh interface 6to4 show relay
    netsh interface teredo show state
    netsh interface httpstunnel show interface

    What is it that doesnt work?
    Can your client resolve any internal servers?
    Can you ping any IPv6 adresses? (Try for example to ping the one listed in netsh namespace show policy)


    Jonas Blom | Relevo AB | http://blog.nrpt.se

    Thursday, November 22, 2012 8:17 AM