Direct Access Authentication Problems RRS feed

  • Question

  • We have now two customers with similar Direct Access problems that appeared in the last time. Direct Access is working sometimes, sometimes not. It happen that some clients can connect successfully to a DA server, and other clients can not connect to the same DA server at the same time. The DA status on the server is always ok, all components have a green mark. The windows 10 client (various versions) also says that Direct Access is configured correctly, but stay sometimes at "connecting" state forever.

    When comparing the DA client logs of a working and a not working client, we have a client authentication problem on the not working client, according The "security associations" in the firewall applet are empty for main mode and quick mode.

    Our DA installations are configured to use certificate authentication for Windows 7 backward compatibility. For testing, we have changed the authentication on a affected DA server to machine/user with the DA Kerberos Proxy by clearing the checkbox "use computer certificates" in the DA setup wizard. But we have the same problems: Some clients can successfully connect, some not.

    Haven't found any information how to troubleshoot these DA authentication problems, wherever using certificate based- or Kerberos machine/user authentication. 

    Thank you all in advance for any help.


    Wednesday, July 24, 2019 1:25 PM