Curious situation - not urgent, but I'd like to know more

Brzozowski, John Jason jjmb at jjmb.com
Sun Dec 20 03:49:05 CET 2015


I run the IPv6 program for Comcast.  Let me know how I can help.

Adding my work email so I don't miss these emails.

John

On Saturday, December 19, 2015, Kurt Buff <kurt.buff at gmail.com> wrote:

> All,
>
> I ran into an interesting situation some months ago which still
> baffles me, and though I was able to work around it, I expect it will
> happen again.
>
> We implemented MSFT DirectAcess at our company quite some time ago
> (using 2008R2 and Forefront 2010), and it works extremely well.
>
> At least it worked well for everyone until one of the employees got
> his Comcast connection upgraded, and then DirectAccess didn't work for
> that employee any more.
>
> We proved that if he tethered to his cell phone, that would work, and
> if he used an SSL VPN client while on his Comcast connect that would
> work, but DirectAccess would not work at home.
>
> Finally, I discovered that his Comcast-installed router was handing
> our IPv6 addresses on his home LAN. Turning that off enabled
> DirectAccess to work again.
>
> We do not have an assigned IPv6 block from our ISP, though of course
> MSFT OSes use it, and auto-assign themselves addresses, but for now
> we're ignoring it.
>
> Has anyone run into this problem and solved it - not by turning off
> iIPv6 address assignment for the home LAN, but really solved it? If
> so, how did you do that?
>
> Would getting and implementing an IPv6 assignment from our ISP cure
> the problem, or make it worse?
>
> I've found little guidance from MSFT about DirectAccess in an IPv6
> environment, though I admit I haven't been terribly diligent in my
> searches.
>
> Kurt
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20151219/291feb66/attachment.htm>


More information about the ipv6-ops mailing list