IPv6 and DirectAccess Troubleshooting Cheat Sheets

What would you be willing to pay for a really cool IPv6 and DirectAccess troubleshooting cheat sheet? $5? $10? $100? ONE HUNDRED BILLION DOLLARS? Would you pay one hundred billion dollars for these cheat sheets? Since these cheat sheets are priceless we’re going to give them away. Thanks to DirectAccess guru and all around good…

2

UAG DirectAccess and the IPv6 Internet

We’ve received a number of questions recently about UAG DirectAccess support for the IPv6 Internet. When thinking about the IPv6 Internet, you need to think about when the DirectAccess client is on an IPv6 Internet (or on an IPv6 only intranet) and when the UAG DirectAccess server has its external interface connected to an IPv6…

7

Clearing the Air on ISATAP

For companies thinking about deploying DirectAccess, the question of whether or not you need to deploy ISATAP will invariably come up. The answer to this question is “no” and the reasons for why you don’t need ISATAP in a DirectAccess deployment are covered in my article over at http://blogs.technet.com/b/tomshinder/archive/2010/10/01/is-isatap-required-for-uag-directaccess.aspx However, ISATAP does have a place…

9

Use a HOSTS File Entry to Control ISATAP Host Configuration

ISATAP is an optional configuration option you can take advantage of when working with UAG DirectAccess. What ISATAP allows you to do is automatically assign IPv6 addresses to computers on the network that already have IPv4 addresses (which is going to be all of them). The advantage conferred when using ISATAP is that you can…

6

UAG DirectAccess–Guess the Device in the Request/Response Path

Take a look at the figures below and see if you can guess what device is in the request/response path that you don’t typically see a UAG DirectAccess deployment. First, the ipconfig output on a DirectAccess client located behind a NAT device: Figure 1 Now let’s ping DC1: Figure 2 Now let’s do a tracert…

9

Is ISATAP Required for UAG DirectAccess?

The answer is “no” – but its important to understand the function of ISATAP and why or why not you might consider deploying ISATAP in your environment. Why ISATAP? ISATAP is the Intra-site Automatic Tunnel Addressing Protocol. The purpose of ISATAP is to allow you to use IPv6 aware applications on a network that hasn’t…

2

Configuring DirectAccess to Support Citrix Connections

We’ve seen a lot of questions on how to get the Citrix client to work with DirectAccess. The following provide some information and procedures that may work to get the Citrix client to work over DirectAccess. The Citrix client can use IPv6 to connect to one type of server only: the Citrix Secure Gateway (CSG)….

13

Troubleshooting the “No Usable Certificate(s)” IP-HTTPS Client Error

(Discuss UAG DirectAccess issues on the TechNet Forums over at http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag) An interesting case came in last week and I thought it would be useful to share it with you all. It’s especially interesting because it covers some not so well documented features of the IP-HTTPS client configuration and how it works. For those of…

3

UAG DirectAccess – Don’t Fear the Reaper or IPv6

(Discuss UAG DirectAccess issues on the TechNet Forums over at http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag) “All our times have come Here, but now they’re gone Seasons don’t fear the reaper Nor do the wind, the sun or the rain (We can be like they are) Come on baby (Don’t fear the reaper) Baby, take my hand (Don’t fear the…

2