Clients unable to connect to DA-serverDirectAccess client can't connectRemoteApp doesn't start second timeWindows VPN server can talk to VPN clients, but won't send packets from its local network to the VPN clientsWindows Server 2012 NAT Routing won't route clients from subnet (multiple external ips)How can I set up DirectAccess so that I only need a single physical server?DirectAccess client (Windows 8.1 Ent) unable to connect to DirectAccess server (Server 2012)Windows 7 Ent DirectAccess client cannot browse over SMBWindows Server 2012 SSTP VPN/Cant Connect to SSTP VPN ServerRemoteApps over DirectAccess. Login Failed?Troubleshooting Direct Access on Windows Server 2016
How can I fix the label locations on my tikzcd diagram?
Refer a string as a field API name
Polynomial division: Is this trick obvious?
Square spiral in Mathematica
Can a person still be an Orthodox Jew and believe that the Torah contains narratives that are not scientifically correct?
Pedaling at different gear ratios on flat terrain: what's the point?
Would life always name the light from their sun "white"
301 Redirects what does ([a-z]+)-(.*) and ([0-9]+)-(.*) mean
Roman Numerals Equation 2
What is this rubber on gear cables
Usage of the relative pronoun "dont"
Failing students when it might cause them economic ruin
Have there been any examples of re-usable rockets in the past?
Is it standard to have the first week's pay indefinitely withheld?
"Counterexample" for the Inverse function theorem
Cuban Primes
How to know the path of a particular software?
Why is it correct to use ~た in this sentence, even though we're talking about next week?
Why use a retrograde orbit?
Why is vowel phonology represented in a trapezoid instead of a square?
What would a Dragon have to exhale to cause rain?
Do we see some Unsullied doing this in S08E05?
Is it possible to pass a pointer to an operator as an argument like a pointer to a function?
AD: OU for system administrator accounts
Clients unable to connect to DA-server
DirectAccess client can't connectRemoteApp doesn't start second timeWindows VPN server can talk to VPN clients, but won't send packets from its local network to the VPN clientsWindows Server 2012 NAT Routing won't route clients from subnet (multiple external ips)How can I set up DirectAccess so that I only need a single physical server?DirectAccess client (Windows 8.1 Ent) unable to connect to DirectAccess server (Server 2012)Windows 7 Ent DirectAccess client cannot browse over SMBWindows Server 2012 SSTP VPN/Cant Connect to SSTP VPN ServerRemoteApps over DirectAccess. Login Failed?Troubleshooting Direct Access on Windows Server 2016
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I just setup a new server for directaccess. This domain previously had directaccess but it has been removed if it makes any difference.
Anyway, everything is green checked in server manager.
Public certificate is installed and I have checked externally that ports 443 and 62000 (same server is hosting NLS) are open. On the client I am able to browse to the site https://da.externaldomain.com without issues.
Outputs on client:
PS C:Userstest.testsson> netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface (Group Policy) Parameters
------------------------------------------------------------
Role : client
URL : https://da.externaldomain.com:443/IPHTTPS
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
PS C:Userstest.testsson> Get-DAConnectionStatus
Status : Error
Substatus : CouldNotContactDirectAccessServer
Debug log in DirectAccess Client Troubleshooting just says this:
[2016-10-24 10:10:34]: User canceled the tests.
[2016-10-24 10:10:34]: In worker thread, going to start the tests.
[2016-10-24 10:10:34]: Running Network Interfaces tests.
[2016-10-24 10:10:34]: Ethernet0 (Intel(R) 82574L Gigabit Network Connection): SNIPPED
[2016-10-24 10:10:34]: Default gateway found for Ethernet0.
[2016-10-24 10:10:34]: iphttpsinterface (iphttpsinterface): SNIPPED
[2016-10-24 10:10:34]: No default gateway found for iphttpsinterface.
[2016-10-24 10:10:34]: Ethernet0 has configured the default gateway 192.168.100.1.
[2016-10-24 10:10:34]: Default gateway 192.168.100.1 for Ethernet0 replies on ICMP Echo requests, RTT is 2 msec.
[2016-10-24 10:10:34]: Received a response from the public DNS server (8.8.8.8), RTT is 3 msec.
[2016-10-24 10:10:34]: The public DNS Server (2001:4860:4860::8888) does not reply on ICMP Echo requests, the request or response is maybe filtered?
[2016-10-24 10:10:34]: Running Inside/Outside location tests.
[2016-10-24 10:10:34]: NLS is https://da.local.domain:62000/.
[2016-10-24 10:10:34]: NLS is not reachable via HTTPS, the client computer is not connected to the corporate network (external) or the NLS is offline.
[2016-10-24 10:10:34]: NRPT contains 2 rules.
[2016-10-24 10:10:34]: Found (unique) DNS server: SNIPPED
[2016-10-24 10:10:34]: Send an ICMP message to check if the server is reachable.
[2016-10-24 10:10:34]: DNS server SNIPPED is online, RTT is 11 msec.
[2016-10-24 10:10:34]: Running IP connectivity tests.
[2016-10-24 10:10:35]: The 6to4 interface service state is default.
[2016-10-24 10:10:35]: Teredo inferface status is offline.
[2016-10-24 10:10:35]: The configured DirectAccess Teredo server is win10.ipv6.microsoft.com..
[2016-10-24 10:10:35]: The IPHTTPS interface is operational.
[2016-10-24 10:10:35]: The IPHTTPS interface status is IPHTTPS interface active.
[2016-10-24 10:10:35]: IPHTTPS is used as IPv6 transition technology.
[2016-10-24 10:10:35]: The configured IPHTTPS URL is https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: IPHTTPS has a single site configuration.
[2016-10-24 10:10:35]: IPHTTPS URL endpoint is: https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: Failed to connect to endpoint https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: No response received from skarpa.local.
[2016-10-24 10:10:35]: Running Windows Firewall tests.
[2016-10-24 10:10:35]: The current profile of the Windows Firewall is Public.
[2016-10-24 10:10:35]: The Windows Firewall is enabled in the current profile Public.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - Teredo (UDP-ut) is enabled.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - IPHTTPS (TCP-ut) is enabled.
[2016-10-24 10:10:35]: Running certificate tests.
[2016-10-24 10:10:35]: No usable machine certificate found.
[2016-10-24 10:10:35]: Found 0 machine certificates on this client computer.
[2016-10-24 10:10:35]: Running IPsec infrastructure tunnel tests.
[2016-10-24 10:10:35]: Failed to connect to domain sysvol share \local.domainsysvollocla.domainPolicies.
[2016-10-24 10:10:35]: Running IPsec intranet tunnel tests.
[2016-10-24 10:10:38]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:47]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:50]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Running selected post-checks script.
[2016-10-24 10:10:59]: No post-checks script specified or the file does not exist.
[2016-10-24 10:10:59]: Finished running post-checks script.
[2016-10-24 10:10:59]: Finished running all tests.
Outputs on server
C:Usersadmin>netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface Parameters
------------------------------------------------------------
Role : server
URL : https://da.externaldomain.com:443/IPHTTPS
Client authentication mode : none
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
I am at a loss here. I have never a issue like this, usually it's an issue with NLS or DAC configuration after it has actually connected.
I have tried to reinstall the client but still the same issue.
Also tried to remove configuration from the server and reconfigured it. Everything still checked green on Remote access console.
windows-server-2012 direct-access
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
add a comment |
I just setup a new server for directaccess. This domain previously had directaccess but it has been removed if it makes any difference.
Anyway, everything is green checked in server manager.
Public certificate is installed and I have checked externally that ports 443 and 62000 (same server is hosting NLS) are open. On the client I am able to browse to the site https://da.externaldomain.com without issues.
Outputs on client:
PS C:Userstest.testsson> netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface (Group Policy) Parameters
------------------------------------------------------------
Role : client
URL : https://da.externaldomain.com:443/IPHTTPS
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
PS C:Userstest.testsson> Get-DAConnectionStatus
Status : Error
Substatus : CouldNotContactDirectAccessServer
Debug log in DirectAccess Client Troubleshooting just says this:
[2016-10-24 10:10:34]: User canceled the tests.
[2016-10-24 10:10:34]: In worker thread, going to start the tests.
[2016-10-24 10:10:34]: Running Network Interfaces tests.
[2016-10-24 10:10:34]: Ethernet0 (Intel(R) 82574L Gigabit Network Connection): SNIPPED
[2016-10-24 10:10:34]: Default gateway found for Ethernet0.
[2016-10-24 10:10:34]: iphttpsinterface (iphttpsinterface): SNIPPED
[2016-10-24 10:10:34]: No default gateway found for iphttpsinterface.
[2016-10-24 10:10:34]: Ethernet0 has configured the default gateway 192.168.100.1.
[2016-10-24 10:10:34]: Default gateway 192.168.100.1 for Ethernet0 replies on ICMP Echo requests, RTT is 2 msec.
[2016-10-24 10:10:34]: Received a response from the public DNS server (8.8.8.8), RTT is 3 msec.
[2016-10-24 10:10:34]: The public DNS Server (2001:4860:4860::8888) does not reply on ICMP Echo requests, the request or response is maybe filtered?
[2016-10-24 10:10:34]: Running Inside/Outside location tests.
[2016-10-24 10:10:34]: NLS is https://da.local.domain:62000/.
[2016-10-24 10:10:34]: NLS is not reachable via HTTPS, the client computer is not connected to the corporate network (external) or the NLS is offline.
[2016-10-24 10:10:34]: NRPT contains 2 rules.
[2016-10-24 10:10:34]: Found (unique) DNS server: SNIPPED
[2016-10-24 10:10:34]: Send an ICMP message to check if the server is reachable.
[2016-10-24 10:10:34]: DNS server SNIPPED is online, RTT is 11 msec.
[2016-10-24 10:10:34]: Running IP connectivity tests.
[2016-10-24 10:10:35]: The 6to4 interface service state is default.
[2016-10-24 10:10:35]: Teredo inferface status is offline.
[2016-10-24 10:10:35]: The configured DirectAccess Teredo server is win10.ipv6.microsoft.com..
[2016-10-24 10:10:35]: The IPHTTPS interface is operational.
[2016-10-24 10:10:35]: The IPHTTPS interface status is IPHTTPS interface active.
[2016-10-24 10:10:35]: IPHTTPS is used as IPv6 transition technology.
[2016-10-24 10:10:35]: The configured IPHTTPS URL is https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: IPHTTPS has a single site configuration.
[2016-10-24 10:10:35]: IPHTTPS URL endpoint is: https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: Failed to connect to endpoint https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: No response received from skarpa.local.
[2016-10-24 10:10:35]: Running Windows Firewall tests.
[2016-10-24 10:10:35]: The current profile of the Windows Firewall is Public.
[2016-10-24 10:10:35]: The Windows Firewall is enabled in the current profile Public.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - Teredo (UDP-ut) is enabled.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - IPHTTPS (TCP-ut) is enabled.
[2016-10-24 10:10:35]: Running certificate tests.
[2016-10-24 10:10:35]: No usable machine certificate found.
[2016-10-24 10:10:35]: Found 0 machine certificates on this client computer.
[2016-10-24 10:10:35]: Running IPsec infrastructure tunnel tests.
[2016-10-24 10:10:35]: Failed to connect to domain sysvol share \local.domainsysvollocla.domainPolicies.
[2016-10-24 10:10:35]: Running IPsec intranet tunnel tests.
[2016-10-24 10:10:38]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:47]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:50]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Running selected post-checks script.
[2016-10-24 10:10:59]: No post-checks script specified or the file does not exist.
[2016-10-24 10:10:59]: Finished running post-checks script.
[2016-10-24 10:10:59]: Finished running all tests.
Outputs on server
C:Usersadmin>netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface Parameters
------------------------------------------------------------
Role : server
URL : https://da.externaldomain.com:443/IPHTTPS
Client authentication mode : none
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
I am at a loss here. I have never a issue like this, usually it's an issue with NLS or DAC configuration after it has actually connected.
I have tried to reinstall the client but still the same issue.
Also tried to remove configuration from the server and reconfigured it. Everything still checked green on Remote access console.
windows-server-2012 direct-access
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
add a comment |
I just setup a new server for directaccess. This domain previously had directaccess but it has been removed if it makes any difference.
Anyway, everything is green checked in server manager.
Public certificate is installed and I have checked externally that ports 443 and 62000 (same server is hosting NLS) are open. On the client I am able to browse to the site https://da.externaldomain.com without issues.
Outputs on client:
PS C:Userstest.testsson> netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface (Group Policy) Parameters
------------------------------------------------------------
Role : client
URL : https://da.externaldomain.com:443/IPHTTPS
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
PS C:Userstest.testsson> Get-DAConnectionStatus
Status : Error
Substatus : CouldNotContactDirectAccessServer
Debug log in DirectAccess Client Troubleshooting just says this:
[2016-10-24 10:10:34]: User canceled the tests.
[2016-10-24 10:10:34]: In worker thread, going to start the tests.
[2016-10-24 10:10:34]: Running Network Interfaces tests.
[2016-10-24 10:10:34]: Ethernet0 (Intel(R) 82574L Gigabit Network Connection): SNIPPED
[2016-10-24 10:10:34]: Default gateway found for Ethernet0.
[2016-10-24 10:10:34]: iphttpsinterface (iphttpsinterface): SNIPPED
[2016-10-24 10:10:34]: No default gateway found for iphttpsinterface.
[2016-10-24 10:10:34]: Ethernet0 has configured the default gateway 192.168.100.1.
[2016-10-24 10:10:34]: Default gateway 192.168.100.1 for Ethernet0 replies on ICMP Echo requests, RTT is 2 msec.
[2016-10-24 10:10:34]: Received a response from the public DNS server (8.8.8.8), RTT is 3 msec.
[2016-10-24 10:10:34]: The public DNS Server (2001:4860:4860::8888) does not reply on ICMP Echo requests, the request or response is maybe filtered?
[2016-10-24 10:10:34]: Running Inside/Outside location tests.
[2016-10-24 10:10:34]: NLS is https://da.local.domain:62000/.
[2016-10-24 10:10:34]: NLS is not reachable via HTTPS, the client computer is not connected to the corporate network (external) or the NLS is offline.
[2016-10-24 10:10:34]: NRPT contains 2 rules.
[2016-10-24 10:10:34]: Found (unique) DNS server: SNIPPED
[2016-10-24 10:10:34]: Send an ICMP message to check if the server is reachable.
[2016-10-24 10:10:34]: DNS server SNIPPED is online, RTT is 11 msec.
[2016-10-24 10:10:34]: Running IP connectivity tests.
[2016-10-24 10:10:35]: The 6to4 interface service state is default.
[2016-10-24 10:10:35]: Teredo inferface status is offline.
[2016-10-24 10:10:35]: The configured DirectAccess Teredo server is win10.ipv6.microsoft.com..
[2016-10-24 10:10:35]: The IPHTTPS interface is operational.
[2016-10-24 10:10:35]: The IPHTTPS interface status is IPHTTPS interface active.
[2016-10-24 10:10:35]: IPHTTPS is used as IPv6 transition technology.
[2016-10-24 10:10:35]: The configured IPHTTPS URL is https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: IPHTTPS has a single site configuration.
[2016-10-24 10:10:35]: IPHTTPS URL endpoint is: https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: Failed to connect to endpoint https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: No response received from skarpa.local.
[2016-10-24 10:10:35]: Running Windows Firewall tests.
[2016-10-24 10:10:35]: The current profile of the Windows Firewall is Public.
[2016-10-24 10:10:35]: The Windows Firewall is enabled in the current profile Public.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - Teredo (UDP-ut) is enabled.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - IPHTTPS (TCP-ut) is enabled.
[2016-10-24 10:10:35]: Running certificate tests.
[2016-10-24 10:10:35]: No usable machine certificate found.
[2016-10-24 10:10:35]: Found 0 machine certificates on this client computer.
[2016-10-24 10:10:35]: Running IPsec infrastructure tunnel tests.
[2016-10-24 10:10:35]: Failed to connect to domain sysvol share \local.domainsysvollocla.domainPolicies.
[2016-10-24 10:10:35]: Running IPsec intranet tunnel tests.
[2016-10-24 10:10:38]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:47]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:50]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Running selected post-checks script.
[2016-10-24 10:10:59]: No post-checks script specified or the file does not exist.
[2016-10-24 10:10:59]: Finished running post-checks script.
[2016-10-24 10:10:59]: Finished running all tests.
Outputs on server
C:Usersadmin>netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface Parameters
------------------------------------------------------------
Role : server
URL : https://da.externaldomain.com:443/IPHTTPS
Client authentication mode : none
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
I am at a loss here. I have never a issue like this, usually it's an issue with NLS or DAC configuration after it has actually connected.
I have tried to reinstall the client but still the same issue.
Also tried to remove configuration from the server and reconfigured it. Everything still checked green on Remote access console.
windows-server-2012 direct-access
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
I just setup a new server for directaccess. This domain previously had directaccess but it has been removed if it makes any difference.
Anyway, everything is green checked in server manager.
Public certificate is installed and I have checked externally that ports 443 and 62000 (same server is hosting NLS) are open. On the client I am able to browse to the site https://da.externaldomain.com without issues.
Outputs on client:
PS C:Userstest.testsson> netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface (Group Policy) Parameters
------------------------------------------------------------
Role : client
URL : https://da.externaldomain.com:443/IPHTTPS
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
PS C:Userstest.testsson> Get-DAConnectionStatus
Status : Error
Substatus : CouldNotContactDirectAccessServer
Debug log in DirectAccess Client Troubleshooting just says this:
[2016-10-24 10:10:34]: User canceled the tests.
[2016-10-24 10:10:34]: In worker thread, going to start the tests.
[2016-10-24 10:10:34]: Running Network Interfaces tests.
[2016-10-24 10:10:34]: Ethernet0 (Intel(R) 82574L Gigabit Network Connection): SNIPPED
[2016-10-24 10:10:34]: Default gateway found for Ethernet0.
[2016-10-24 10:10:34]: iphttpsinterface (iphttpsinterface): SNIPPED
[2016-10-24 10:10:34]: No default gateway found for iphttpsinterface.
[2016-10-24 10:10:34]: Ethernet0 has configured the default gateway 192.168.100.1.
[2016-10-24 10:10:34]: Default gateway 192.168.100.1 for Ethernet0 replies on ICMP Echo requests, RTT is 2 msec.
[2016-10-24 10:10:34]: Received a response from the public DNS server (8.8.8.8), RTT is 3 msec.
[2016-10-24 10:10:34]: The public DNS Server (2001:4860:4860::8888) does not reply on ICMP Echo requests, the request or response is maybe filtered?
[2016-10-24 10:10:34]: Running Inside/Outside location tests.
[2016-10-24 10:10:34]: NLS is https://da.local.domain:62000/.
[2016-10-24 10:10:34]: NLS is not reachable via HTTPS, the client computer is not connected to the corporate network (external) or the NLS is offline.
[2016-10-24 10:10:34]: NRPT contains 2 rules.
[2016-10-24 10:10:34]: Found (unique) DNS server: SNIPPED
[2016-10-24 10:10:34]: Send an ICMP message to check if the server is reachable.
[2016-10-24 10:10:34]: DNS server SNIPPED is online, RTT is 11 msec.
[2016-10-24 10:10:34]: Running IP connectivity tests.
[2016-10-24 10:10:35]: The 6to4 interface service state is default.
[2016-10-24 10:10:35]: Teredo inferface status is offline.
[2016-10-24 10:10:35]: The configured DirectAccess Teredo server is win10.ipv6.microsoft.com..
[2016-10-24 10:10:35]: The IPHTTPS interface is operational.
[2016-10-24 10:10:35]: The IPHTTPS interface status is IPHTTPS interface active.
[2016-10-24 10:10:35]: IPHTTPS is used as IPv6 transition technology.
[2016-10-24 10:10:35]: The configured IPHTTPS URL is https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: IPHTTPS has a single site configuration.
[2016-10-24 10:10:35]: IPHTTPS URL endpoint is: https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: Failed to connect to endpoint https://da.externaldomain.com:443.
[2016-10-24 10:10:35]: No response received from skarpa.local.
[2016-10-24 10:10:35]: Running Windows Firewall tests.
[2016-10-24 10:10:35]: The current profile of the Windows Firewall is Public.
[2016-10-24 10:10:35]: The Windows Firewall is enabled in the current profile Public.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - Teredo (UDP-ut) is enabled.
[2016-10-24 10:10:35]: The outbound Windows Firewall rule Kärnnätverket - IPHTTPS (TCP-ut) is enabled.
[2016-10-24 10:10:35]: Running certificate tests.
[2016-10-24 10:10:35]: No usable machine certificate found.
[2016-10-24 10:10:35]: Found 0 machine certificates on this client computer.
[2016-10-24 10:10:35]: Running IPsec infrastructure tunnel tests.
[2016-10-24 10:10:35]: Failed to connect to domain sysvol share \local.domainsysvollocla.domainPolicies.
[2016-10-24 10:10:35]: Running IPsec intranet tunnel tests.
[2016-10-24 10:10:38]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:47]: Failed to connect to :1000::1 with status TimedOut.
[2016-10-24 10:10:50]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Failed to connect to :1000::2 with status TimedOut.
[2016-10-24 10:10:59]: Running selected post-checks script.
[2016-10-24 10:10:59]: No post-checks script specified or the file does not exist.
[2016-10-24 10:10:59]: Finished running post-checks script.
[2016-10-24 10:10:59]: Finished running all tests.
Outputs on server
C:Usersadmin>netsh interface httpstunnel show interfaces
Interface IPHTTPSInterface Parameters
------------------------------------------------------------
Role : server
URL : https://da.externaldomain.com:443/IPHTTPS
Client authentication mode : none
Last Error Code : 0x0
Interface Status : IPHTTPS interface active
I am at a loss here. I have never a issue like this, usually it's an issue with NLS or DAC configuration after it has actually connected.
I have tried to reinstall the client but still the same issue.
Also tried to remove configuration from the server and reconfigured it. Everything still checked green on Remote access console.
windows-server-2012 direct-access
windows-server-2012 direct-access
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
asked Oct 24 '16 at 8:20
Mattias AMattias A
112
112
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
This is a bit old but I'll throw this out anyway in case anyone else comes across this issue. I see this all the time when people first setup their DA with an auto generated cert then later choose to use their own public cert. In your example you state "Public certificate is installed". And yet "Client authentication mode : none". Your DA might think it's using a cert but on the back end it's not. Therefore, no auth is taking place and clients can't connect. The only fix I've ever seen for this is to blow out EVERYTHING to do with the DA. From GP entries to AD entries. You also have to blow out the server you originally set it up on and start from scratch. If you were trying to share a server and you still need the other services on that server then you'll have to move it somewhere else.
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f810858%2fclients-unable-to-connect-to-da-server%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is a bit old but I'll throw this out anyway in case anyone else comes across this issue. I see this all the time when people first setup their DA with an auto generated cert then later choose to use their own public cert. In your example you state "Public certificate is installed". And yet "Client authentication mode : none". Your DA might think it's using a cert but on the back end it's not. Therefore, no auth is taking place and clients can't connect. The only fix I've ever seen for this is to blow out EVERYTHING to do with the DA. From GP entries to AD entries. You also have to blow out the server you originally set it up on and start from scratch. If you were trying to share a server and you still need the other services on that server then you'll have to move it somewhere else.
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
add a comment |
This is a bit old but I'll throw this out anyway in case anyone else comes across this issue. I see this all the time when people first setup their DA with an auto generated cert then later choose to use their own public cert. In your example you state "Public certificate is installed". And yet "Client authentication mode : none". Your DA might think it's using a cert but on the back end it's not. Therefore, no auth is taking place and clients can't connect. The only fix I've ever seen for this is to blow out EVERYTHING to do with the DA. From GP entries to AD entries. You also have to blow out the server you originally set it up on and start from scratch. If you were trying to share a server and you still need the other services on that server then you'll have to move it somewhere else.
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
add a comment |
This is a bit old but I'll throw this out anyway in case anyone else comes across this issue. I see this all the time when people first setup their DA with an auto generated cert then later choose to use their own public cert. In your example you state "Public certificate is installed". And yet "Client authentication mode : none". Your DA might think it's using a cert but on the back end it's not. Therefore, no auth is taking place and clients can't connect. The only fix I've ever seen for this is to blow out EVERYTHING to do with the DA. From GP entries to AD entries. You also have to blow out the server you originally set it up on and start from scratch. If you were trying to share a server and you still need the other services on that server then you'll have to move it somewhere else.
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
This is a bit old but I'll throw this out anyway in case anyone else comes across this issue. I see this all the time when people first setup their DA with an auto generated cert then later choose to use their own public cert. In your example you state "Public certificate is installed". And yet "Client authentication mode : none". Your DA might think it's using a cert but on the back end it's not. Therefore, no auth is taking place and clients can't connect. The only fix I've ever seen for this is to blow out EVERYTHING to do with the DA. From GP entries to AD entries. You also have to blow out the server you originally set it up on and start from scratch. If you were trying to share a server and you still need the other services on that server then you'll have to move it somewhere else.
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
answered Sep 27 '18 at 22:46
Justin EmlayJustin Emlay
1011
1011
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f810858%2fclients-unable-to-connect-to-da-server%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
