Posts

Showing posts from June, 2015

ISP DNS Hijacking breaks DirectAccess connectivity

Image
Edit: Thanks to Richard Hicks for commenting on this post. It seems that my understanding of exactly why things broke the way they did may have been flawed. I leave the post here for reference however, since it does describe the symptoms and the solution that worked in this particular situation. Understand however that the explanation of why the solution worked may not be correct. We recently began piloting Microsoft's DirectAccess (DA) for use connecting remote/mobile computers to our internal network over the internet.  Yesterday I received a call from a user who had been using DirectAccess for several weeks without issue, but suddenly was not able to access internal resources.  I'm documenting the issue here in hopes that it will help others experiencing similar issues with DirectAccess connections.

The first thing I tried was to remote control the computer using SCCM.  When this connected successfully, I knew that the DA connection had at least established the tunnel an…