When viewing DirectAccess client status in the Remote Access Management console, you will notice that the ISP address field is blank for clients using the IP-HTTPS IPv6 transition protocol. However, the ISP Address information is displayed for clients using the 6to4 or Teredo IPv6 transition protocols.
This is expected behavior and occurs as a result of the way in which the DirectAccess reports obtain the client’s public ISP address information. The ISP address is derived from the IPv6 address used to establish the DirectAccess client’s IPsec Security Associations (SAs) on the DirectAccess server. For clients using the 6to4 or Teredo IPv6 transition protocols, the client’s public IPv4 address is embedded in its IPv6 address. This information is displayed in the ISP Address field. However, the IP-HTTPS IPv6 transition protocol uses completely random IPv6 addresses. Without an embedded IPv4 address, the Remote Access Management console lacks the information to display in the ISP Address field.
Updated 3/22/2015: With a little extra work it is possible to find the IPv4 ISP address for DirectAccess clients using the IP-HTTPS IPv6 transition protocol. For more information, please refer to Microsoft PFE Martin Solis’ excellent blog post on the subject here.
jDA
/ March 18, 2015Hi Richard, do you know if it is possible to have a mixed DA environment where some DA servers are Windows 2012 and the others are Windows 2012 R2
Richard Hicks
/ March 22, 2015It’s not recommended, but yes, I’ve confirmed that it does work. I’d suggest doing this only as part of a rolling upgrade. It would be advisable to get to all 2012 R2 machines as quickly as possible. 🙂
Roshan
/ July 7, 2017Hi Richard, i can ping and Access remotely DA Client whose protocol is showing IPHTTPS but unable to ping or access the machine whose protocol is Teredo. Why so.?
Richard M. Hicks
/ July 10, 2017Try enabling the option to “Allow Edge Traversal” on any client-side firewall rules allowing inbound management traffic (for example RDP). Let me know if that helps!
Edgar Spruijt
/ November 8, 2018Hello Richard, I am trying to find the Martin Solis post you referred to, but it seems to have disappeared from the internet. Do you maybe have another link or any documentation on this?
Richard M. Hicks
/ November 9, 2018Hmmm…Martin seems to have dropped off the Internet. :/ I’ll reach out to him directly and see what I can find. Hopefully he’ll share the original content with me and I can repost. Stay tuned…
Edgar Spruijt
/ November 12, 2018That would be great. Thanks a lot.
Zoltán Nagy
/ September 13, 2021Dear Richard!
Were you able to find the original content?
Thanks
Richard M. Hicks
/ September 14, 2021Yes. Here you go!
https://docs.microsoft.com/en-us/archive/blogs/martin_j_solis/additional-way-to-monitor-directaccess-machineuser-activity-on-windows-2012-and-2012r2-directaccess-with-component-event-logging
Marek
/ March 6, 2019Regarding Martin’s post, remember about archive.org. That’s how I got access to the page.
Peter
/ March 29, 2019Richard,
I often see the username blank for some clients, we always see the host name. Is there a reason why some of the connections in the remote client dashboard do not show the username?
We’re using IP-HTTPS only.
Thanks
Richard M. Hicks
/ March 30, 2019If the user name is blank it means the user hasn’t logged on yet. You will always see the computer name because that will establish automatically before the user logs on.
Ben Lye
/ March 19, 2020The referenced blog post can be found here:
https://docs.microsoft.com/en-us/archive/blogs/martin_j_solis/additional-way-to-monitor-directaccess-machineuser-activity-on-windows-2012-and-2012r2-directaccess-with-component-event-logging
Techie1
/ August 12, 2021Client computers are connecting Corporate network via DirectAccess VPN and accessing all services. but client computer doesn’t get office ISP. when trying to check what is my ip, it shows clients home internet ISP IP.
Richard M. Hicks
/ August 16, 2021You would need to enable selective tunneling or force tunneling for DirectAccess to have your traffic source form your office ISP.