When the DA client has a native IPv6 address, I can't get DirectAccess working properly. The environment is:
- DA clients are Windows 8 or higher.
- DA server is Windows 20012R2 with the Intranet IPv4 and IPv6 enabled.
When the DA client has only an IPv4 address, everything is working great through IP-HTTPS. We do not use 6TO4 or Teredo in that case.
I've read a lot of articles, including http://www.ivonetworks.com/news/2011/11/client-side-ipv6-and-directaccess-dont-always-get-along/, but no one seems able to provide good guidance, although the scenario with client-side IPv6 is supported according to Microsoft.
Today, you can't say this is a corner case. Moreover, it is totally unacceptable to put a workaround in place that dictates to unbind IPv6 on the client-side to get it working properly.
Note: some previous threads without good answers:
- https://social.technet.microsoft.com/Forums/en-US/e4bbb30e-161a-4847-918d-ba34934b4877/directaccess-double-dns-registration-issue-with-native-ipv6-client?forum=winserverNIS
Best Regards,
Stefaan