This is a bit strange - I've set up a simple Server 2012R2 Direct Access server with single NIC behind a NAT, self signed cert though.
When I try and connect I just get "Connecting" forever - but when I check the IP-HTTPS interface is active and has an address but it's strange, it doesn't look like a public IPv6 address it starts with fd9f:3106 - alongside this there is also a Teredo Tunnel active with a normal looking IPv6 address which I can't quite understand as it should be IP-HTTPS only with a single interface DA server behind NAT.
On running the Direct Access troubleshooter it says I'm connected to the Microsoft public teredo server... WHY??
It also says it successfully connected to the endpoint and the DNS tests worked
Then we come to the certs it says No Usable Machine Cert found - I've looked and the self signed certs have been put into Trusted Root Authority store by the policy - but no go - all the Infrastructure Tunnel test fails with Failed to connect to sysvol and User Tunnel fails to connect to HTTP probe.
I'm guessing at least part of the problem is the self signed cert but some more experienced advice would be very much appreciated.
Thanks
Scott