none
Manage out Direct Access Clients: Getting Error "Transmit failed Error Code 1231' RRS feed

  • Question

  • Hello All,

     

    Greetings...

     

    I have configured Direct Access in UAG array. I am using UAG's DNS 64 method for name resolution for DA clients. Everyhting works fine from Direct Acess client point of view. But I can not manage out DA clients. 

    I have already done folllwowing things

    1) Added custom MAnagement server in MAnagement servers list in DA console.

    2) DNS server is configured for dynamic IPV6 updates that DA clients will register in DNS.

    3) Created seperate GPO  that allows inboud IPV6 : Echo Reply packets and RDP port 3389 TCP connection. This GPO is applied to DA clients along with UAG DA GPO.

    But still I am getting transit failure message if I try to Ping from any of the management servers.

    Any idea? Thank you for your quick reply.

     

    Rgds

    Ashu

     

     

    Wednesday, June 29, 2011 7:49 PM

Answers

  • Hi Ashu,

    In the configuration of the inbound firewall rules, you muste specify to allow Edge Traversal Rules I think. It's under Advanced / Edge Traversal / Allow Edge Traversal.

    Sorry for the delay of my answer :(


    Olivier Detilleux - Service Line Manager | Core Infrastructure Department - vNext http://www.vnext.fr - http://myitforum.com/cs2/blogs/forefrontsecurity/
    • Marked as answer by Erez Benari Friday, August 26, 2011 11:44 PM
    Tuesday, July 5, 2011 10:20 AM

All replies

  • Hi Ashu,

    Did you configure your RDP firewall rule with the Edge traversal rules ?


    Olivier Detilleux - Service Line Manager | Core Infrastructure Department - vNext http://www.vnext.fr - http://myitforum.com/cs2/blogs/forefrontsecurity/
    Thursday, June 30, 2011 10:23 AM
  • Hello Oliver,

    I configured Inboind firewall rules on windows 7 client machines. Do you mean i should create rule in underlying TMG on UAG?

    Rgds

    Ashu

     

     

    Thursday, June 30, 2011 1:57 PM
  • Hi Ashu,

    In the configuration of the inbound firewall rules, you muste specify to allow Edge Traversal Rules I think. It's under Advanced / Edge Traversal / Allow Edge Traversal.

    Sorry for the delay of my answer :(


    Olivier Detilleux - Service Line Manager | Core Infrastructure Department - vNext http://www.vnext.fr - http://myitforum.com/cs2/blogs/forefrontsecurity/
    • Marked as answer by Erez Benari Friday, August 26, 2011 11:44 PM
    Tuesday, July 5, 2011 10:20 AM
  • Please keep in mind. If you create inbound rules with edge traversler enabled; These rules should be applied on private and public profiles. They should also be configured with Remote IPv6 prefix. Otherwise your clients might be exposed from other hosts (e.g. internet).

    Boudewijn Plomp, BPMi Infrastructure & Security

    Tuesday, August 28, 2012 12:14 PM