question

karthikpalani-9530 avatar image
0 Votes"
karthikpalani-9530 asked CandyLuo-MSFT commented

Windows Server 2016 - Direct Access Client Error

Hi All,

I am not an expert in Direct access configuration, did based on the steps mentioned in the below link

https://newhelptech.wordpress.com/2017/07/05/step-by-step-installing-configuring-directaccess-in-windows-server-2016/

I have configured the server perfectly fine and there is no error in the operational status. I can see the DA client policy is applied and under settings/network & internet/it says connecting for a long time. Please suggest on how to proceed

95993-da.jpg



Unable to connect to DA server from client machines

windows-serverwindows-10-network
da.jpg (21.7 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Check the Event Viewer and see if there is any error log there?
Is it in the same network?
Are you able to ping it?

0 Votes 0 ·
CandyLuo-MSFT avatar image
0 Votes"
CandyLuo-MSFT answered

Hi ,

When the client is outside the corporate network, it will connect to the DA server. You can run netshdns show state to confirm the Client Knows that it’s outside the corporate network.

  • Check whether the DA client can connect to the DA Server using telnet on tcp port 443:

1.Install telnet with elevated rights: dism /online /Enable-Feature /FeatureName:TelnetClient

2.Open new CMD and run the command: telnet <DA_Public_Name> 443.

If connection fails, there might be something blocking the connection on tcp port 443 to the DA server.

  • Check if there are any error message for the IPHTTPS interface.

Check the status using: netsh interface http show interface

3.Confirm the Name Resolution Policy Table Settings on the DirectAccess Client. The follow article talking about how to troubleshoot Name Resolution Issues on DirectAccess Clients, you could have a look:

Troubleshooting Name Resolution Issues on DirectAccess Clients

Best Regards,
Candy


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

karthikpalani-9530 avatar image
0 Votes"
karthikpalani-9530 answered CandyLuo-MSFT commented

its outside network as confirmed by netsh dns show state. I didnt telnet which is valid point and will check event vwr (Cud u pls tell me which event i need to verify)as well

Thanks

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just want to confirm the current situations.

Please feel free to let us know if you need further assistance.

0 Votes 0 ·

Thanks Candy, Customer just resumed. Seems 443 telnet is not working. Requested them to open the ports

0 Votes 0 ·

If you have any updates during this process, please feel free to let me know. You could accept the useful reply as answer if you want to end this thread up. :)

0 Votes 0 ·

Please try to mark the replies which help you. It will encourage the person who help you.
Appreciate your understanding. :)

0 Votes 0 ·