Problem with DirectAccess
We've trying a few too get up and running using Direct Access We have the corpnet. 10.0.0.0/24 with running AD with group policy for Client1 in network 131.107.0.5 with DNS serverI NET1 in same subnet (131.107.0.1. These are connected through EDGE1 131.107.0.2 - 10.0.0.2 running Direct Acces service. Client1 have acquired user cert and is member of the corpnet domain. But the connection from Client1 says it's unauthenciated. DC1 in corpnet running AD and cert enrolling has computer Client1 in security group and delivers cert too Client1 when connected too Corpnet. DC1 corpnet 10.0.0.3 (AD, cert enrolling, DNS) App1 corpnet 10.0.0.1 (IIS w security bindings) EDGE1 corpnet 10.0.0.2 external 131.107.0.2-3 (Direct Acces feature, CRL Distribution, IIS) Inet1 131.107.0.1 (DNS) Client 137.107.0.5 ipv6 up and running and Isatap Anyone know what problems may be? I don't know exactly which information is needed. Just ask and ill provide more info. All clients/servers is running win2008 R2
September 22nd, 2010 9:46am

Hi, do you have some firewall between Client1 and EDGE1 ? ref: http://technet.microsoft.com/en-us/library/ee382257(WS.10).aspxEdoardo Benussi - Microsoft MVP Management Infrastructure - Systems Administration https://mvp.support.microsoft.com/Profile/Benussi Windows Server Italian Forum Moderator edo[at]mvps[dot]org
Free Windows Admin Tool Kit Click here and download it now
September 22nd, 2010 10:13am

No firewall is running on either Edge1 or Client1, Nothing is in between them except an empty Cisco Switch. Edit: We haven't really understood how DA should be configured on Client1. We had it running in corpnet getting certs and joining domain but haven't done anything else regarding DA on Client1. EDIT2: The conlusion on DA is that it isn't ready for using in real enviroment yet. Seems like the feature is too young. Not woking properly and poorly documentated. We've been 6 persons trying too resolv this problem for 8 hours now and thats not how it should be.
September 22nd, 2010 10:22am

We've considered this very much. And we got an idea just now. When we configured through an step by step guide nowhere we applied som kinds of rules for the Client regarding IPV6, we configured ipv6 and got it up and running but never told the client to use it. May this be the problem?
Free Windows Admin Tool Kit Click here and download it now
September 22nd, 2010 5:25pm

I recommend you to read the "DirectAccess Step By Step Guide" that you can find here http://www.microsoft.com/downloads/en/details.aspx?displaylang=en&FamilyID=8d47ed5f-d217-4d84-b698-f39360d82fac HTHEdoardo Benussi - Microsoft MVP Management Infrastructure - Systems Administration https://mvp.support.microsoft.com/Profile/Benussi Windows Server Italian Forum Moderator edo[at]mvps[dot]org
September 23rd, 2010 4:41am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics