I run the IPv6 program for Comcast. Let me know how I can help. Adding my work email so I don't miss these emails.
John On Saturday, December 19, 2015, Kurt Buff <[email protected]> wrote: > All, > > I ran into an interesting situation some months ago which still > baffles me, and though I was able to work around it, I expect it will > happen again. > > We implemented MSFT DirectAcess at our company quite some time ago > (using 2008R2 and Forefront 2010), and it works extremely well. > > At least it worked well for everyone until one of the employees got > his Comcast connection upgraded, and then DirectAccess didn't work for > that employee any more. > > We proved that if he tethered to his cell phone, that would work, and > if he used an SSL VPN client while on his Comcast connect that would > work, but DirectAccess would not work at home. > > Finally, I discovered that his Comcast-installed router was handing > our IPv6 addresses on his home LAN. Turning that off enabled > DirectAccess to work again. > > We do not have an assigned IPv6 block from our ISP, though of course > MSFT OSes use it, and auto-assign themselves addresses, but for now > we're ignoring it. > > Has anyone run into this problem and solved it - not by turning off > iIPv6 address assignment for the home LAN, but really solved it? If > so, how did you do that? > > Would getting and implementing an IPv6 assignment from our ISP cure > the problem, or make it worse? > > I've found little guidance from MSFT about DirectAccess in an IPv6 > environment, though I admit I haven't been terribly diligent in my > searches. > > Kurt >
