Teredo not working after Setting up Windows Server 2012 DirectAccess

Author by Shannon Fritz

Microsoft has done a great job of making DirectAccess really really easy to deploy on Windows Server 2012.  Using the “Getting Started Wizard” you can spend just a few clicks and have a working DirectAccess deployment for Windows 8 clients.  This wizard is designed to be very generic and give you the best chance of having a working deployment with very little effort, so if you want to enable some of the more advanced features like Multi-site, certificate authentication or support Windows 7 clients, you need to later modify the configuration with the Remote Access Management Console.

Once of the features of DirectAccess is the ability to use three transition technologies to get the clients connected to the Corpnet: 6TO4, Teredo and IP-HTTPS.  The first two of these three are only available if your Remote Access server has two network adapters, one with a pair of public IP address connected to the Internet and the other with a Private IP connected to the Corpnet.  However, it seems the “Getting Started Wizard” sometimes fails to recognize when your server meets that criteria so it only configures IPHTTPS.  This leaves you with a working deployment, but not with all the bells and whistles you might be expecting.

As a result, if you look in the Remote Client Status of the Remote Access Console, you may discover that everyone is using IP-HTTPS, even though they should be able to use 6TO4 and Teredo too!

image

To find out if this is a result of the configuration  rather than a simple coincidence that none of you users might actually able to use Teredo at the moment, let’s turn to our good friend Powershell (since there is no place in the UI to configure this AFAIK).

clip_image002

get-daserver | format-table teredostate

We can clearly see that Teredo is in fact disabled on this server, so let’s go ahead and turn it on then.

clip_image002[5]

set-daserver -teredostate enabled

And after a few minutes you should start seeing clients using Teredo.

clip_image002[7]

Thanks goes out to fellow MVP Ed Horley for pointing this out and to Vladimir Stepic for quickly summarizing the situation back in October!

Author

Shannon Fritz

Infrastructure Architect & Server Team Lead