Unable to connect with a specific unix server (SSH using updated putty) over DA connection

Unable to connect with a specific unix server (SSH using updated putty) over 2012 DA connection.

I am able to connect this server using old sstp VPN connection

Route print shows, no issues with the IP range, DNS entry is there.

I can ping this server from DA server but not the connected cleint.
  • Edited by Beadmin Monday, November 25, 2013 1:15 PM info add
November 25th, 2013 4:13pm

Hi,

Can you test network connectivity with your Unix Server with a Telnet on your DirectAccess client. If it works, problem is not located on server-side but on DirectAccess client-side. Maybe your SSH client force IPv4 use (using IPv4 to connect instead of hostnames, or legacy DLL use). I had a similar case with a client-server application that only rely on IPv4. I had to cheat with NETSH.EXE PORTPROXY as illustrated in my blog post : http://danstoncloud.com/blogs/simplebydesign/archive/2012/02/11/tcpv4-based-applications-with-directaccess.aspx

Hope this help.

Free Windows Admin Tool Kit Click here and download it now
November 25th, 2013 8:12pm

 "Maybe your SSH client force IPv4 use " - this is a problem with putty version 0.58 but its fixed with 0.62 onwards.

I can connect to other unix servers just fine.

I cannot connect to this unix server using any DA cleint machine.

So something at this server end, but cannot figure out what.

November 26th, 2013 12:50pm

Hi

Can you perform a network trace on LAN to check if you have network trafic that goes to your unix Server. If yes, it's a problem at the unix server.

Free Windows Admin Tool Kit Click here and download it now
November 26th, 2013 1:14pm


Sorry for late reply, I cannot even ping this server when connected via DA, tracert just goes blank.

Route print on DA server, shows this range is allowed, infact I can ping - connect other servers in the same range.

I am able to ping this server within network, then tracert completes to this server in just 3 hops.

DNS server have a proper DNS entry for this server, any idea what could be wrong at server end?

January 16th, 2014 11:03am

Hi,

if ICMP messages to your server fail, DNS64/NAT64 wont work. Can you be sure the server you try to reach respond to icmp messages (ping) from your DirectAccess Gateway? There is no specific reason from a DirectAccess point of view it work for a server and not for another.

Free Windows Admin Tool Kit Click here and download it now
January 16th, 2014 11:39am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics