Direct Access 2012 through NAT - Stuck on Connecting

Hi,

I have setup DA 2012 R2 with 2 nics (one on LAN one on DMZ) behind a Juniper NAT edge firewall. I tested it successfully with a couple of Windows 8.1 clients. However upon trying to roll this out to a pilot group I am seeing the clients stuck on Connecting. I am still able to connect using the original test clients. I have run Network Monitor on the DA server and get the following.

 586 11:06:52 31/07/2014 48.4880776  10.0.0.254 10.0.0.21 ARP ARP:Response, 10.0.0.254 at 00-10-DB-FF-10-03 
50344 (0xC4A8) 587 11:06:52 31/07/2014 48.4880965 System 10.0.0.21 123.123.123.123 TCP TCP:Flags=...A..S., SrcPort=HTTPS(443), DstPort=50344, PayloadLen=0, Seq=2368893217, Ack=1506169700, Win=8192 ( Scale factor not supported ) = 2097152 {TCP:2, IPv4:1}
 588 11:06:52 31/07/2014 48.4960366  10.0.0.254 10.0.0.21 ARP ARP:Response, 10.0.0.254 at 00-10-DB-FF-10-03 
50344 (0xC4A8) 625 11:06:55 31/07/2014 51.4875730 System 10.0.0.21 123.123.123.123 TCP TCP:Flags=...A..S., SrcPort=HTTPS(443), DstPort=50344, PayloadLen=0, Seq=2368893217, Ack=1506169700, Win=8192 ( Scale factor not supported ) = 2097152 {TCP:2, IPv4:1}
50344 (0xC4A8) 699 11:07:01 31/07/2014 57.4888575 System 10.0.0.21 123.123.123.123 TCP TCP:Flags=...A..S., SrcPort=HTTPS(443), DstPort=50344, PayloadLen=0, Seq=2368893217, Ack=1506169700, Win=65535 ( Scale factor not supported ) = 16776960 {TCP:2, IPv4:1}
 756 11:07:06 31/07/2014 62.2536401  10.0.0.21 10.0.0.254 ARP ARP:Request, 10.0.0.21 asks for 10.0.0.254 
 757 11:07:06 31/07/2014 62.2547702  10.0.0.254 10.0.0.21 ARP ARP:Response, 10.0.0.254 at 00-10-DB-FF-10-03 
50344 (0xC4A8) 845 11:07:13 31/07/2014 69.4900573 System 10.0.0.21 123.123.123.123 TCP TCP:Flags=.....R.., SrcPort=HTTPS(443), DstPort=50344, PayloadLen=0, Seq=2368893218, Ack=1506169700, Win=0 (scale factor 0x8) = 0 {TCP:2, IPv4:1}
 984 11:07:25 31/07/2014 81.0412127  10.0.0.254 10.0.0.21 ARP ARP:Response, 10.0.0.254 at 00-10-DB-FF-10-03 
 986 11:07:25 31/07/2014 81.0495575  10.0.0.254 10.0.0.21 ARP ARP:Response, 10.0.0.254 at 00-10-DB-FF-10-03 

EdgeFW DMZ Address - 10.0.0.254
DAServer DMZ Address - 10.0.0.21
DAClient Router Internet IP - 123.123.123.123

I keep seeing ( Scale factor not supported ) in the output and then a Reset flag which I believe is the problem.

Does anyone have any idea what may be causing this?

Thanks,

Jez