Hi,
The result of your netsh query is correct.
What is not working when your client is connected inside your network?
Gerald
When the internal TCPIP configuration is incorrect, the laptop will not be able to contact the NLS server, will assume that it is outside the corporate network and will begin the DirectAccess connection. Also, your firewall will then use a private/public profile while Inside your corporate network and this is not good.
It seems that your network configuration while inside your local network is causing the problem because you don't have DNS resolution and the NLS server is configured using a FQDN in the DirectAccess Console.
Do you receive a correct IP configuration from your DHCP server?
I think you should look there first.
Even to me, it looks that, clients might be facing some issues in reaching NLS Servers.
Please run the below command when you are inside LAN and let us know, how it goes.
"netsh name show eff"
Expected response:
DNS Effective Name Resolution Policy Table Settings
Note: DirectAccess settings would be turned off when computer is inside corporat
e network.
If you are facing these issues recently, make sure SSL Certificates at NLS are not expired.
I am getting the IPv4 settings from my DHCP server and they look correct. The IPv6 address is the "link-local" fe80:: address. I even tried adding the IPv4 address of one of the internal servers to the hosts file and it still won't ping by name. It's like it's not even trying to use the DNS servers that are configured on the adapter.
netsh name show eff returns this:
DNS Effective Name Resolution Policy Table Settings Settings for . ---------------------------------------------------------------------- Certification authority : DNSSEC (Validation) : disabled IPsec settings : disabled DirectAccess (DNS Servers) : fd04:f33:4cf3:3333::1 DirectAccess (Proxy Settings) : Bypass proxy
I agree with BenoitS. I think you can't contact your NLS, which forces the DirectAccess Client to connect with DirectAccess. But most often DirectAccess connectivity isn't accessable from the internal network.
Make sure you can probe your NLS from the internal network.