none
Dynamic IPv6 addresses not reachable RRS feed

  • Question

  • Hello,

    I am currently implementing IPv6 for use with Direct Access.

    So the default settings are not that much of a problem, the following has been done:

    1. DNS: Reverse DNS for IPv6 (fd32:faa6:5eaf:da4b::/64)
    2. DNS-Servers: Assignment of static IPv6 address (fd32:faa6:5eaf:da4b::11; fd32:faa6:5eaf:da4b::12)
    3. DHCP: Distrubution of IPv6 (fd32:faa6:5eaf:da4b::/64), Options-setting for DNS-Servers (see 2)

    The clients are getting their new IPv6 address without issue, but they are not able to reach the static server addresses as a result neither ping nor nslookup are working.

    If I compare the routes on a server and a client I see that the clients are missing the following route: "fd32:faa6:5eaf:da4b::/64"

    The servers which were assigned a static IP have this route and are able to communicate.

    I found the following link from another user with the same problem:
    http://blog.dabasinskas.net/setting-up-ipv6-in-my-home-environment/

    He solved the problem with a startup script to add this route, but I think that this is not a real solution.

    Could someone provide a solution or a explanation for this problem?

    Thanks in advance
    Paul

    Tuesday, February 16, 2016 1:34 PM

Answers

  • Hi Whity88,

    Sorry for delay.I only found the workaround you just post.I suggest you open a case with Microsoft, more in-depth investigation can be done so that you would get a more satisfying explanation and solution to this issue.
    Here is the link:
    https://support.microsoft.com/en-us/gp/support-options-for-business

    Best Regards,

    Cartman


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    • Marked as answer by PauloW4 Wednesday, March 2, 2016 7:22 AM
    Tuesday, March 1, 2016 9:16 AM

All replies

  • Hi Paul,

              If the DirectAccess client is on the Internet Protocol version 6 (IPv6) Internet (it has been assigned a globally routable IPv6 address by the local Internet service provider), it can reach the DirectAccess server in the following ways:

            

    1.If the DirectAccess server is also on the IPv6 Internet, the routing infrastructure of the IPv6 Internet forwards IPv6 traffic directly to the DirectAccess server (IPv6 reachability end-to-end).

    2.If the DirectAccess server is on the Internet Protocol version 4 (IPv4) Internet and using 6to4, the routing infrastructure of the IPv6 Internet forwards the traffic to a 6to4 relay, which forwards the encapsulated IPv6 traffic across the IPv4 Internet to the DirectAccess server (IPv6 reachability from DirectAccess client to the 6to4 relay, IPv4-encapsulated IPv6 reachability from the 6to4 relay to the DirectAccess server).

          In either case, there must be a routing path between the DirectAccess client and server that allows the following types of IPv6 traffic:

    1.Internet Control Message Protocol for IPv6 (ICMPv6) (IPv6 Next Header value of 58)

    2.Internet Key Exchange (IKE)/Authenticating Internet Protocol (AuthIP) (User Datagram Protocol [UDP] ports 500 and 4500)

    3.Internet Protocol security (IPsec) Encapsulating Security Payload (ESP) (IPv6 Next Header value of 50)

    Here is the link To troubleshoot connectivity from a DirectAccess client on the IPv6 Internet to the DirectAccess server:

    https://technet.microsoft.com/en-us/library/ee844198%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

      Best Regards,

    Cartman


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Wednesday, February 17, 2016 6:12 AM
  • Hello Cartman,

    thanks for the reply.We currently have only a external IPv4 address.

    The connection between client and server is no problem, but currently NAT64 seems to have a problem discussed in the following thread:

    https://social.technet.microsoft.com/Forums/windowsserver/en-US/e8d43997-e0a2-4abd-aec6-5f1c69b4eb7d/directaccess-error-windows-is-unable-to-resolve-dns-names-for-probes?forum=winserverNIS

    I just wanted to implement IPv6 as to not have to translate a IPv4 address (client external) into an IPv6 (Direct Access) back into an IPv4 (internal LAN).

    Regards

    Paul

    Wednesday, February 17, 2016 7:15 AM
  • Hi Whity88,

    Sorry for delay.I only found the workaround you just post.I suggest you open a case with Microsoft, more in-depth investigation can be done so that you would get a more satisfying explanation and solution to this issue.
    Here is the link:
    https://support.microsoft.com/en-us/gp/support-options-for-business

    Best Regards,

    Cartman


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    • Marked as answer by PauloW4 Wednesday, March 2, 2016 7:22 AM
    Tuesday, March 1, 2016 9:16 AM
  • Hello Cartman,

    thanks for the reply, I will do that.

    Regards

    Paul

    Wednesday, March 2, 2016 7:22 AM