When you are troubleshooting DirectAccess issues on a Windows client, we often like to gather diagnostic data from the DirectAccess client during a failed connection attempt.
Start, CMD (Run As Admin),
Netsh.exe trace start scenario=directaccess capture=yes report=yes tracefile=C:\logfile\datrace_%ComputerName%.etl
Netsh.exe wfp capture start file=c:\logfile\wfpdiag_%ComputerName%.cab
At this point, disable and re-enable the internet network connection and then try to connect to an internal share. Afterwards, run the following commands:
Netsh.exe wfp capture stop
Netsh.exe trace stop
In c:\logfile zip up the datrace.etl, datrace.cab and wfpdiag.cab.