ISP Address Field is Blank in DirectAccess Status and Reports

When viewing DirectAccess client status in the Remote Access Management console, you will notice that the ISP address field is blank for clients using the IP-HTTPS IPv6 transition protocol. However, the ISP Address information is displayed for clients using the 6to4 or Teredo IPv6 transition protocols.

ISP Address Field is Blank in DirectAccess Status and Reports

This is expected behavior and occurs as a result of the way in which the DirectAccess reports obtain the client’s public ISP address information. The ISP address is derived from the IPv6 address used to establish the DirectAccess client’s IPsec Security Associations (SAs) on the DirectAccess server. For clients using the 6to4 or Teredo IPv6 transition protocols, the client’s public IPv4 address is embedded in its IPv6 address. This information is displayed in the ISP Address field. However, the IP-HTTPS IPv6 transition protocol uses completely random IPv6 addresses. Without an embedded IPv4 address, the Remote Access Management console lacks the information to display in the ISP Address field.

Updated 3/22/2015: With a little extra work it is possible to find the IPv4 ISP address for DirectAccess clients using the IP-HTTPS IPv6 transition protocol. For more information, please refer to Microsoft PFE Martin Solis’ excellent blog post on the subject here.

Leave a comment


  1. jDA

     /  March 18, 2015

    Hi Richard, do you know if it is possible to have a mixed DA environment where some DA servers are Windows 2012 and the others are Windows 2012 R2

    • It’s not recommended, but yes, I’ve confirmed that it does work. I’d suggest doing this only as part of a rolling upgrade. It would be advisable to get to all 2012 R2 machines as quickly as possible. 🙂

  2. Roshan

     /  July 7, 2017

    Hi Richard, i can ping and Access remotely DA Client whose protocol is showing IPHTTPS but unable to ping or access the machine whose protocol is Teredo. Why so.?

    • Try enabling the option to “Allow Edge Traversal” on any client-side firewall rules allowing inbound management traffic (for example RDP). Let me know if that helps!

  3. Edgar Spruijt

     /  November 8, 2018

    Hello Richard, I am trying to find the Martin Solis post you referred to, but it seems to have disappeared from the internet. Do you maybe have another link or any documentation on this?

    • Hmmm…Martin seems to have dropped off the Internet. :/ I’ll reach out to him directly and see what I can find. Hopefully he’ll share the original content with me and I can repost. Stay tuned…

      • Edgar Spruijt

         /  November 12, 2018

        That would be great. Thanks a lot.

  4. Marek

     /  March 6, 2019

    Regarding Martin’s post, remember about That’s how I got access to the page.

  5. Peter

     /  March 29, 2019

    I often see the username blank for some clients, we always see the host name. Is there a reason why some of the connections in the remote client dashboard do not show the username?

    We’re using IP-HTTPS only.


    • If the user name is blank it means the user hasn’t logged on yet. You will always see the computer name because that will establish automatically before the user logs on.

  1. Monitoring DirectAccess Machine and User Activity with Windows Component Event Logging | Richard Hicks' DirectAccess Blog

Leave a Reply

%d bloggers like this: