none
DA Array Member not connecting to IPSecDoS IPv6 interfaces RRS feed

  • Question

  • I have deployed DA on a UAG 2 member array. The Array Manager is listed as Healthy, but the Array member is listed as Not Healthy for all columns in the Web Monitor.

    I attempted to follow the steps listed here: http://social.technet.microsoft.com/Forums/forefront/en-US/8965b7de-8814-40ed-b189-37b53bb1b88b/direct-access-monitor-network-security-not-heathly?forum=forefrontedgeiag

    I cannot enable the interfaces with the netsh ipsecdos add interface cmd on the unhealthy server...

    But I cannot get the UAG member interfaces to enable. Here are some results on each server:

    UAG Array Manager - Healthy:

    C:\Users\name>netsh int ipv6 show int

    Idx     Met         MTU          State                Name
    ---  ----------  ----------  ------------  ---------------------------
      1          50  4294967295  connected     Loopback Pseudo-Interface 1
     30          10        1280  connected     isatap.domain.org
     10          50        1280  connected     Local Area Connection* 9
     31          10        1280  connected     isatap.{GUID}
     11          10        1500  connected     10.9.2.x
     14          10        1280  connected     6TO4 Adapter
     32          50        1280  connected     IPHTTPSInterface
     13          10        1500  connected     External


    C:\Users\name>netsh ipsecdos show int
    Public interfaces: External, 6TO4 Adapter, Local Area Connection* 9, IPHTTPSInte
    rface
    Internal interfaces: isatap.domain.org
    Ok.

    UAG Array Member = Not Healthy:

    C:\Users\name>netsh int ipv6 show int

    Idx     Met         MTU          State                Name
    ---  ----------  ----------  ------------  ---------------------------
      1          50  4294967295  connected     Loopback Pseudo-Interface 1
     10          50        1280  disconnected  Local Area Connection* 9
     11          10        1500  connected     10.9.2.x
     13          10        1500  connected     External


    C:\Users\name>netsh ipsecdos show int
    IPsec DoS Protection has not been enabled.

    Any help would be appreciated!!!

    Wednesday, December 11, 2013 6:58 PM

All replies

  • I was able to manually enable all of the interfaces accept Teredo. I changed it to server and added the servervirtualip for the first ip in the UAG DA NLB.

    I was also able to add all of the interfaces to ipsecdos.

    I ran gpupdate and rebooted both servers. I still show all columns on the 2nd array member listed as Not Healthy

    Wednesday, December 11, 2013 10:32 PM