Hi
I was debugging an environment where a Direct Access server accidentally lost its IPv6 addresses because of a group policy. Direct Access is built on Windows Server 2012 R2.
The first error was from the DA monitor: Network Interface is not healthy. Both the external and internal interfaces were missing IPv6 addresses. IPv6 was removed from the network interfaces.
server. When they attempted to open the intranet tunnel, it didn't work. When I enabled IPsec monitoring, I got an error: Event ID 4653 IPSec main mode error: no policy configured. This was from the client.
The server was also giving an IPsec main mode error, and the reason was: Negotiation was timed out.
I tried to recreate the group policies but it didn't help. The only thing that helped was to delete the configuration and uninstall the Remote Access role. After removing it, I installed the role and configured Direct Access. All IPv6 addresses were the same. After the clients got the updated policies, Direct Access started working.
Has anyone been able to fix Direct Access from the current situation without doing a reinstallation?
thanks
-teemu
br -teemu