Hi,
I have a Windows 2012 DA server with a single NIC behind an edge device. I'm following this guide for my implementation:
http://syscomlab.blog.com/2012/09/directaccess-for-windows-server-2012-guide/
In the DNS server settings for Direct Access I've configured "contoso.com" to use my DA server to resolve queries. My DA server uses my DCs to resolve DNS queries (listed on the IPv4 address properties). From my DA server I can resolve IPv6 addresses (i.e. nslookup -q=aaaa mypc.contoso.com <IPv6 address of DC>) and the query works. The same query from my DA client fails.
I can ping internal resources with my DA client using the resource's IPv6 address, my DA server can ping the IPv6 address of my DA client, but DNS name resolution fails.
I'm using ISATAP as stated by the article and I've registered an ISATAP record in DNS.
My internal network has not been configured for IPv6; however, I've noticed several of my internal addresses are similar to "fd62:xxxx:xxxxf:3333::1". Other than the link-local addresses, they all start with "fd62" - I would have thought a 2002 or 2001 prefix would be more suitable.
Within the DA monitoring console, it states that all DA services are healthy.
I've run a BPA against the DA server and 2 errors come back: one is that I need to add server addresses to the internal IPv6 prefix, and the other is that the "Routing and Remote Access Role or service must be enabled".
I suspect the routing and remote access part is irrelevant as I can ping internal IPv6 resources. For the DA server to be able to perform DNS queries on behalf of clients, do I need to enable my DCs to listen on IPv6 for DNS?
Any tips to get this working would be helpful.
Thanks