Updated 12/9/2016: This issue has been resolved in build 14986. If you are still running build 14971, update to the latest build to resolve this issue.
For anyone running the Insider Preview version of Windows 10 Enterprise, be advised that the latest Fast Ring build (14971) has a bug that breaks DirectAccess connectivity. Microsoft is aware of the issue and is currently working to identify the root cause. As it stands now, there is no known workaround.
I’ll post an update as soon as I have more information. Stay tuned!
Posted by Richard M. Hicks on December 5, 2016
For anyone testing DirectAccess in Windows Server 2016 Technical Preview 5 (TP5), be advised there is a bug in the latest release that is preventing DirectAccess from working. At this time Microsoft is aware of the issue and is working to resolve it.
I’ll post more details when they become available.
Posted by Richard M. Hicks on May 17, 2016
For DirectAccess manage out deployments using ISATAP, you may encounter a scenario in which you are unable to initiate outbound connections to connected DirectAccess clients from a Windows 10 computer. Outbound connections using ISATAP from Windows 7, Windows 8, Windows Server 2008/R2, or Windows Server 2012/R2 systems work without issue.
As it turns out, there is a bug in the Windows 10 DNS client code that prevents manage out using ISATAP from a Windows 10 client from working correctly. Thanks to the diligent effort of DirectAccess administrators Mike Piron and Jason Kuhns, a workaround has been identified. To deploy the workaround, it will be necessary to implement registry changes to alter the default behavior of the DNS resolver in Windows 10. You can implement these changes on a Windows 10 DirectAccess manage out machine by using the following PowerShell commands:
New-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\” -Name DisableParallelAandAAAA -PropertyType dword -Value 1 -Force
New-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\” -Name DisableServerUnreachability -PropertyType dword -Value 1 –Force
Once these registry changes have been made, you should now be able to use ISATAP for DirectAccess manage out connections from a Windows 10 machine.
Posted by Richard M. Hicks on November 10, 2015