UAG DirectAccess Manage Out Not Working – Check the DNS Settings

By /

Here’s an interesting story about a UAG DirectAccess deployment that seemed to be working well. The remote DirectAccess client could connect to the DA server, could connect to resources located on the corpnet over IPv6 and over NAT64/DNS64, and was able to resolve names.

The problem was that the internal servers acting as management servers weren’t able to “manage out” some of the DA clients on the Internet. What was the problem? DNS!

Remember, the DA clients need to be able to register their names with your DNS servers to enable management stations to connect to the DA clients. In addition, the DA clients need to be able to registered their IPv6 address, since manage out with the management station initiating the connection to the DA client is not supports with NAT64/DNS64.

For more information, check out:

http://blogs.technet.com/edgeaccessblog/archive/2010/04/30/directaccess-mobile-connections-dns-records-and-more.aspx

HTH,

Deb

DEBRA LITTLEJOHN SHINDER
MVP (Enterprise Security)
“MS SECURITY”
[email protected]

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top