After installing and configuring DirectAccess in Windows Server 2019 you may encounter an error message indicating that IP-HTTPS is not working properly. Looking at the Operations Status overview in the Dashboard of the Remote Access Management console shows that the IP-HTTPS interface is in error.
IP-HTTPS Route Error
Viewing the detailed Operations Status shows the following error message.
Error: The IP-HTTPS route does not have published property enabled.
Missing Route
Looking at the routing table on the DirectAccess server reveals that a route to the client IPv6 prefix is indeed missing.
Resolution
To resolve this error message, add the client IPv6 route to the DirectAccess server’s routing table and publish it. This is accomplished by running the following PowerShell commands on the DirectAccess server.
$IPv6prefix = (Get-RemoteAccess).ClientIPv6Prefix
New-NetRoute -AddressFamily IPv6 -DestinationPrefix $IPv6prefix -InterfaceAlias “Microsoft IP-HTTPS Platform Interface” -Publish Yes
Next, restart the Remote Access Management service (RaMgmtSvc) using the following PowerShell command.
Restart-Service RaMgmtSvc -PassThru
Once complete, refresh the management console and the IP-HTTPS error message should be resolved and the operations status should state that it is now working properly.
Additional Information
SSL Certificate Conisderations for DirectAccess IP-HTTPS
DirectAccess Expire IP-HTTPS Certificate and Error 0x800b0101