After installing and configuring DirectAccess in Windows Server 2019 you may encounter an error message indicating that IP-HTTPS is not working properly. Looking at the Operations Status overview in the Dashboard of the Remote Access Management console shows that the IP-HTTPS interface is in error. IP-HTTPS Route Error Viewing the detailed Operations Status shows the […]
Awards
Consulting
All posts found when searching for IP-HTTPS
DirectAccess IP-HTTPS Not Working Properly in Windows Server 2019
Posted by Richard M. Hicks on November 26, 2018
https://directaccess.richardhicks.com/2018/11/26/directaccess-ip-https-not-working-properly-in-windows-server-2019/
DirectAccess IP-HTTPS Performance Issues
Performance issues with DirectAccess are not uncommon. In fact, there are numerous threads on Microsoft and third-party forums where administrators frequently complain about slow download speeds, especially when using the IP-HTTPS IPv6 transition technology. Based on my experience the problem does not appear to be widespread but occurs with enough regularity that it is worthy […]
Posted by Richard M. Hicks on February 19, 2018
https://directaccess.richardhicks.com/2018/02/19/directaccess-ip-https-performance-issues/
DirectAccess IP-HTTPS and Symantec SSL Certificates
An SSL certificate is required to support the IP-HTTPS IPv6 transition technology when configuring DirectAccess. Implementation best practices dictate using a public SSL certificate signed by a trusted third-party vendor such as Entrust, Verisign, DigiCert, and others. SSL certificates issued by a private PKI are acceptable if the client trusts the issuing CA. Self-signed certificates […]
Posted by Richard M. Hicks on March 5, 2018
https://directaccess.richardhicks.com/2018/03/05/directaccess-ip-https-and-symantec-ssl-certificates/
DirectAccess Get-NetIPHttpsState Fails on Windows 10 1803
PowerShell is an essential tool for Windows administrators for configuration, task automation, monitoring, reporting, and problem resolution. When troubleshooting DirectAccess connectivity using the IP-HTTPS IPv6 transition technology, the Get-NetIPHttpsConfiguration and Get-NetIPHttpsState PowerShell commands are important for assessing the configuration and current state of the IP-HTTPS connection. When DirectAccess connectivity fails, these are some of the […]
Posted by Richard M. Hicks on November 19, 2018
https://directaccess.richardhicks.com/2018/11/19/directaccess-get-netiphttpsstate-fails-on-windows-10-1803/
DirectAccess IP-HTTPS Null Cipher Suites Not Available
Microsoft first introduced support for null cipher suites for the IP-HTTPS IPv6 transition technology in Windows Server 2012, and it is supported for DirectAccess in Windows 8.x and Windows 10 clients. Using null cipher suites for IP-HTTPS eliminates the needless double encryption that occurs when using encrypted cipher suites. DirectAccess is a unique workload where […]
Posted by Richard M. Hicks on December 18, 2017
https://directaccess.richardhicks.com/2017/12/18/directaccess-ip-https-null-cipher-suites-not-available/
SSL Certificate Considerations for DirectAccess IP-HTTPS
DirectAccess uses IPv6 exclusively for communication between the client and server. IPv6 transition technologies are used to support DirectAccess communication over the IPv4 public Internet. One of those IPv6 transition technologies, IP-HTTPS, uses HTTP for encapsulation and SSL/TLS for authentication of the DirectAccess server. SSL Certificates When configuring DirectAccess, an SSL certificate must be provided […]
Posted by Richard M. Hicks on October 30, 2017
https://directaccess.richardhicks.com/2017/10/30/ssl-certificate-considerations-for-directaccess-ip-https/
Renew DirectAccess Self-Signed Certificates
Important! Updated April 29, 2020 to resolve an issue where the DirectAccess RADIUS encryption certificate was not published to the DirectAccess Server Settings GPO in Active Directory. When DirectAccess is deployed using the Getting Started Wizard (GSW), sometimes referred to as the “simplified deployment” method, self-signed certificates are created during the installation and used for […]
Posted by Richard M. Hicks on May 2, 2019
https://directaccess.richardhicks.com/2019/05/02/renew-directaccess-self-signed-certificates/
Troubleshooting DirectAccess IP-HTTPS Error Code 0x800b0109
A Windows 7 or Windows 8.x/10 client may fail to establish a DirectAccess connection using the IP-HTTPS IPv6transition technology. When troubleshooting this issue, running ipconfig.exe show that the media state for the tunnel adapter iphttpsinterface is Media disconnected. Running the Get-NetIPHttpsState PowerShell command on Windows 8.x/10 clients or the netsh interface httpstunnel show interface command […]
Posted by Richard M. Hicks on April 6, 2017
https://directaccess.richardhicks.com/2017/04/06/troubleshooting-directaccess-ip-https-error-code-0x800b0109/
Troubleshooting DirectAccess IP-HTTPS Error 0x80090326
A Windows 7 or Windows 8.x/10 client may fail to establish a DirectAccess connection using the IP-HTTPS IPv6 transition technology. When troubleshooting this issue, running ipconfig.exe shows that the media state for the tunnel adapter iphttpsinterface is Media disconnected. Running the Get-NetIPHttpsState PowerShell command on Windows 8.x/10 clients or the netsh interface httpstunnel show interface […]
Posted by Richard M. Hicks on April 3, 2017
https://directaccess.richardhicks.com/2017/04/03/troubleshooting-directaccess-ip-https-error-0x80090326/
F5-BIG-IP Load Balancing
When deploying Microsoft enterprise mobility solutions such as Windows 10 Always On VPN and DirectAccess, more than one server may be required to meet capacity requirements or provide local and/or geographic redundancy. NLB Windows Server features an integrated load balancer called Network Load Balancing (NLB). It is an inexpensive way to create a cluster of […]
Posted by Richard M. Hicks on July 23, 2020
https://directaccess.richardhicks.com/f5-big-ip-load-balancer/
DirectAccess Book
NetMotion Mobility
