directaccess tunnels will not come up Windows 2012R2

  • Question

  • Guys, I'm having problems configuring Direct Access on Windows Server 2012R2. My network location server and Direct Access servers are on separate boxes. I am using a wildcard cert on the HTTPS listener. I am using our internal enterprise CA to issue certs to clients. Also, I'm publishing Direct Access via TMG 2010. Basically, the tunnels will not come up. I have already verified the machine certs; they are both configured for client and workstation authentication. If I connect in via a Windows 8.1 client and do an ipconfig /all, I actually have addresses, and the iphttps interface shows active. I can even ping the DA server by its IPv6 address, and I can ping back to the client. So my question is: what steps do I need to take in order to get the tunnels up? Everything I'm reading says it's certs, but I'm not seeing it.
    Friday, September 18, 2015 9:14 PM


  • I think I have it going now; the problem was with the local Windows Firewall on the server. After running a gpresult, I found a GPO that was disabling the profiles on the server's firewall. I went in and denied policy read to all of my servers that I'm using in DirectAccess. After that, the tunnels were created.
    • Marked as answer by OSU75 Wednesday, September 23, 2015 8:10 PM
    Saturday, September 19, 2015 3:43 AM
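
The check described in the answer above, as an added PowerShell example that is not part of the original thread: DirectAccess builds its IPsec tunnels from Windows Firewall connection security rules, so a firewall profile turned off by Group Policy leaves IP-HTTPS connected with no tunnels. The report path is an assumption; run it elevated on the DirectAccess server.

```powershell
# Added example (not from the thread). Run in an elevated session on the DA server.

# 1. Effective firewall profile state (local settings merged with Group Policy).
$effective = Get-NetFirewallProfile -PolicyStore ActiveStore
$effective | Format-Table Name, Enabled -AutoSize

$off = @($effective | Where-Object { "$($_.Enabled)" -ne 'True' })
if ($off.Count -gt 0) {
    Write-Warning ("Firewall profile(s) disabled: " + ($off.Name -join ', '))
}

# 2. What Group Policy alone sets. 'NotConfigured' means no GPO touches that
#    profile; 'False' means a GPO is the one switching it off.
$fromGpo = Get-NetFirewallProfile -PolicyStore RSOP -ErrorAction SilentlyContinue
$fromGpo | Format-Table Name, Enabled -AutoSize

# 3. List the GPOs applied to the computer so the offending one can be found.
$report = Join-Path $env:TEMP 'da-gpresult.html'   # assumed output path
gpresult /scope computer /h $report /f
Write-Host "Group Policy report written to $report"

# 4. Connection security rules and IPsec security associations.
#    Rules present but zero SAs while a client is connected over IP-HTTPS
#    matches the symptom in the question.
$rules = @(Get-NetIPsecRule -PolicyStore ActiveStore -ErrorAction SilentlyContinue)
$mm    = @(Get-NetIPsecMainModeSA  -ErrorAction SilentlyContinue)
$qm    = @(Get-NetIPsecQuickModeSA -ErrorAction SilentlyContinue)

[pscustomobject]@{
    DisabledProfiles = ($off.Name -join ', ')
    IPsecRules       = $rules.Count
    MainModeSAs      = $mm.Count
    QuickModeSAs     = $qm.Count
} | Format-List
```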