I have a NLB cluster for DirectAccess on Server 2012. I am able to get Windows 7 machines to connect. I cannot get Windows 8 machines to connect.
We have a 2008 SP2 certificate authority (entrpriseCA). Windows 7 machines that use DA have a computer certificate from the CA. DirectAccess configuration enables members of "DirectAccessAllowed" security group for DA. The members of that group are two security groups (DA-Win7Computers & DA-Win8Computers). The computer accounts are in thier respective groups based on OS type. DirectAccess servers are in edge configuration.
Initially the Win8 machines were "unable to contact the DirectAccess server" per the connectivity assistant logs. I changed the key HKLM:\System\CurrentControlSet\Services\IKEEXT\Parameters ikeflags to 32768 decimal on both servers and rebooted them. Now the Win8 machine machines connectivity assistant indicates "Windows is unable to resolve DNS names for probes". I obtained a computer certificate for the Win8 machine from the enterprise CA which did not help.
Windows Firewall is on and it is configured via the same group policies as the Win7 machines for DA.
Any suggestions would be appreciated
