Thanks!
I'll go back to my notes tomorrow in the ticketing system, and see if I can give more detail. Failing that, I'm going to see if I can recruit someone to help recreate the problem - I don't have Comcast myself. Kurt On Sat, Dec 19, 2015 at 6:49 PM, Brzozowski, John Jason <[email protected]> wrote: > I run the IPv6 program for Comcast. Let me know how I can help. > > Adding my work email so I don't miss these emails. > > John > > On Saturday, December 19, 2015, Kurt Buff <[email protected]> wrote: > >> All, >> >> I ran into an interesting situation some months ago which still >> baffles me, and though I was able to work around it, I expect it will >> happen again. >> >> We implemented MSFT DirectAcess at our company quite some time ago >> (using 2008R2 and Forefront 2010), and it works extremely well. >> >> At least it worked well for everyone until one of the employees got >> his Comcast connection upgraded, and then DirectAccess didn't work for >> that employee any more. >> >> We proved that if he tethered to his cell phone, that would work, and >> if he used an SSL VPN client while on his Comcast connect that would >> work, but DirectAccess would not work at home. >> >> Finally, I discovered that his Comcast-installed router was handing >> our IPv6 addresses on his home LAN. Turning that off enabled >> DirectAccess to work again. >> >> We do not have an assigned IPv6 block from our ISP, though of course >> MSFT OSes use it, and auto-assign themselves addresses, but for now >> we're ignoring it. >> >> Has anyone run into this problem and solved it - not by turning off >> iIPv6 address assignment for the home LAN, but really solved it? If >> so, how did you do that? >> >> Would getting and implementing an IPv6 assignment from our ISP cure >> the problem, or make it worse? >> >> I've found little guidance from MSFT about DirectAccess in an IPv6 >> environment, though I admit I haven't been terribly diligent in my >> searches. >> >> Kurt >> >
