I run the IPv6 program for Comcast. Let me know how I can help.<div><br></div><div>Adding my work email so I don't miss these emails.</div><div><br></div><div>John</div><div><br>On Saturday, December 19, 2015, Kurt Buff <<a href="mailto:kurt.buff@gmail.com">kurt.buff@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">All,<br>
<br>
I ran into an interesting situation some months ago which still<br>
baffles me, and though I was able to work around it, I expect it will<br>
happen again.<br>
<br>
We implemented MSFT DirectAcess at our company quite some time ago<br>
(using 2008R2 and Forefront 2010), and it works extremely well.<br>
<br>
At least it worked well for everyone until one of the employees got<br>
his Comcast connection upgraded, and then DirectAccess didn't work for<br>
that employee any more.<br>
<br>
We proved that if he tethered to his cell phone, that would work, and<br>
if he used an SSL VPN client while on his Comcast connect that would<br>
work, but DirectAccess would not work at home.<br>
<br>
Finally, I discovered that his Comcast-installed router was handing<br>
our IPv6 addresses on his home LAN. Turning that off enabled<br>
DirectAccess to work again.<br>
<br>
We do not have an assigned IPv6 block from our ISP, though of course<br>
MSFT OSes use it, and auto-assign themselves addresses, but for now<br>
we're ignoring it.<br>
<br>
Has anyone run into this problem and solved it - not by turning off<br>
iIPv6 address assignment for the home LAN, but really solved it? If<br>
so, how did you do that?<br>
<br>
Would getting and implementing an IPv6 assignment from our ISP cure<br>
the problem, or make it worse?<br>
<br>
I've found little guidance from MSFT about DirectAccess in an IPv6<br>
environment, though I admit I haven't been terribly diligent in my<br>
searches.<br>
<br>
Kurt<br>
</blockquote></div>