Current Position:Home > DirectAccess Client not connecting without error code on Windows Server 2012 R2 and Windows 8.1

DirectAccess Client not connecting without error code on Windows Server 2012 R2 and Windows 8.1

Update:10-11Source: network consolidation
Advertisement
Hello,
we are currently migrating from Windows Server 2012 to 2012 R2 and are not able to get the new Direct Access Service up and running. Our goal is to establish DirectAccess connection for a handful of clients using the IPHTTPS-adapter on the default port 443.
Errors:
There is actually no error showing up. It seems the infrastructure tunnel cannot be created but none of the IPv6-transition adapters is connecting (teredo and 6-to-4 are down) and the IPHTTPs adapter gives no informations about a problem:
>Get-DAConnectionStatus
Status    : Error
Substatus : CouldNotContactDirectAccessServer
>Get-NetIPHttpsState
LastErrorCode   : 0x0
InterfaceStatus : Failed to connect to the IPHTTPS server; waiting to reconnect
Setup:
Our setup is a virtualized Windows Server 2012 R2 Standard running on Hyper-V. It is located behind a NAT having the Port 443 mapped to the server. The only role installed after the basic install is RRAS including DirectAccess and VPN. The assistants completed
successfully (running the configuration for DirectAccess and VPN). Operation Status says everything is green und working (for multiple days in the meanwhile). A previous direct access installation (on a different machine running Windows Server 2012) has
been removed before installing the new server. The new installation is using a different router, so this might also be the cause of a problem.
The client is a Windows 8.1 notebook located outside the company network accessing the internet through another NAT-device. The client has been able to connect to the previous DirectAccess setup but has never been able to establish a connection after the
setup of the new Direct Access server. The device has no outbound constraints concerning the NAT-device and is only running the integrated Windows Firewall.
Diagnosis:
So far I've done some basic DNS and connectivity checks. The DNS-name can be resolved correctly and the router even responds to pings. The port forward is working and HTTPs connections are generally possible (temporarily routed the port to
access the NLS-Website located on the server, which worked fine).
Network monitor shows that both computers are communicating, traffic on the expected Port 443 is incoming on the server and responses from the server reach the client.
Opening the IPHTTPs-url and in an endless page load. Sometime the browser page closes but I've never seen any result. Using telnet on the port shows that the server is accepting connections. I've even build a small test application that does a GET-Request
on the URL returning HTTP-200 and no content.
I'm currently running out of ideas what to do and since no error occurs this is kind of a bit frustrating. Any help appreciated.
Regards
Matthias

The Best Answer

Advertisement
Hi,
In addition, have you disabled the DA client components on the DA client? If no, please also check
the settings on the Name Resolution Policy Table.
More information:
DirectAccess
Client Location Awareness – NRPT Name Resolution
In addition, error 0x4C9 means the remote computer refused the network connection. It may be due to the invalid
registry or corrupt drivers. For more detailed information, please refer to the link below:
Error 1225 - Error Code 0x4C9
Note:
Microsoft is providing this information as a convenience to you. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Best regards,
Susie