This week I had an issue with my DirectAccess lab environment which is based on the Test Lab Guide scenario “Demonstrate Forefront UAG DirectAccess Network Load Balancing and Array Configuration“. In the DirectAccess Monitor Reports one of the array members was not healthy at the Network Security, Teredo Server and Teredo Relay level.
In the event log I found the following error: Event ID 10114 Source: UAG DA Management.
This event leads me to a post of Tom Shinder DirectAccess Monitor Reports Network Security not healthy. I found out that the problem does not match what was described in the post however it provided me some inspiration and pointed me more or less in the right direction. The command “netsh int ipv6 show int” pointed me to the fact the state of Teredo Tunneling Pseudo-Interface was disconnected.
Using the command “netsh int teredo show state” confirmed my presumption that the Teredo Pseudo-Interface was misconfigured at the server side.
Based on my findings I changed the Teredo Pseudo-Interface configuration to Server by using the command “netsh interface teredo set state server” and check the configuration again. As you can see afterwards Teredo Pseudo-Interface came back online and was able again to serve DirectAccess clients.
Most likely I made a mistake by using a wrong netsh command earlier without being aware of…shame on me! But at the other hand it makes me more confident troubleshooting DirectAccess and using netsh! I quote John Craddock “netsh is your best friend” J
Some useful links for troubleshooting DirectAccess: