I would suggest: netsh interface ipv6 6to4 set state state=disabled
You don't want to go near 6to4 these days (http://tools.ietf.org/html/rfc7526). Use real IPv6 or no IPv6. Regards Brian (co-author of 6to4, but that was 15 years ago) On 05/03/2016 13:06, Kurt Buff wrote: > Reviving an old thread, with a new twist. > > I've currently got a similar problem with another user, but with two > differences: > - The connection in this case is ATT, not Comcast > - The machine this time is running Win8.1 and not Win7 > > What I've zeroed in on is two stanzas from ipconfig /all: > > On my test machine (Also Win8.1), sitting outside of my corporate > firewall on a public IP address, I see the following: > > Tunnel adapter 6TO4 Adapter: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Microsoft 6to4 Adapter > Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 > DHCP Enabled. . . . . . . . . . . : No > Autoconfiguration Enabled . . . . : Yes > IPv6 Address. . . . . . . . . . . : 2002:4332:7632::4332:7632(Preferred) > Default Gateway . . . . . . . . . : 2002:4332:7626::4332:7626 > DHCPv6 IAID . . . . . . . . . . . : 268435456 > DHCPv6 Client DUID. . . . . . . . : > 00-01-00-01-1E-45-38-94-00-26-2D-FA-9F-EF > DNS Servers . . . . . . . . . . . : 8.8.8.8 > NetBIOS over Tcpip. . . . . . . . : Disabled > > Tunnel adapter Teredo Tunneling Pseudo-Interface: > > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface > Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 > DHCP Enabled. . . . . . . . . . . : No > Autoconfiguration Enabled . . . . : Yes > IPv6 Address. . . . . . . . . . . : > 2001:0:4332:7626:2803:8c2:bccd:89cd(Preferred) > Link-local IPv6 Address . . . . . : fe80::2803:8c2:bccd:89cd%9(Preferred) > Default Gateway . . . . . . . . . : > DHCPv6 IAID . . . . . . . . . . . : 285212672 > DHCPv6 Client DUID. . . . . . . . : > 00-01-00-01-1E-45-38-94-00-26-2D-FA-9F-EF > NetBIOS over Tcpip. . . . . . . . : Disabled > > On her machine, which is on a wireless connection at her home on ATT, > I see this: > > Tunnel adapter 6TO4 Adapter: > > Connection-specific DNS Suffix . : attlocal.net > Description . . . . . . . . . . . : Microsoft 6to4 Adapter > Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 > DHCP Enabled. . . . . . . . . . . : No > Autoconfiguration Enabled . . . . : Yes > IPv6 Address. . . . . . . . . . . : 2002:100:69::100:69(Preferred) > Default Gateway . . . . . . . . . : > DHCPv6 IAID . . . . . . . . . . . : 553648128 > DHCPv6 Client DUID. . . . . . . . : > 00-01-00-01-1D-CC-30-DE-34-E6-D7-13-7E-02 > DNS Servers . . . . . . . . . . . : 1.0.0.1 > NetBIOS over Tcpip. . . . . . . . : Disabled > > Tunnel adapter Teredo Tunneling Pseudo-Interface: > > Media State . . . . . . . . . . . : Media disconnected > Connection-specific DNS Suffix . : > Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface > Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 > DHCP Enabled. . . . . . . . . . . : No > Autoconfiguration Enabled . . . . : Yes > > > > She's able to get an IPv4 connection at her location using our SSL > VPN, and she states that when at her local coffee shop her > DirectAccess connection works, though I haven't been able to confirm > that yet. > > I'm going to see next week if I can take a peek at her router/firewall > configuration and glean any clues from it, and also see if she's > willing to make a trip to the coffee shop to do some work with me from > there. > > I'm not certain if prefix policies have anything to do with this > problem, as I'm not seeing the relevant IPv6 addresses for > DirectAccess anywhere in her ipoconfig output. > > Any thoughts or comments would be appreciated. > > Kurt > > On Sat, Dec 19, 2015 at 1:37 PM, Kurt Buff <[email protected]> wrote: >> All, >> >> I ran into an interesting situation some months ago which still >> baffles me, and though I was able to work around it, I expect it will >> happen again. >> >> We implemented MSFT DirectAcess at our company quite some time ago >> (using 2008R2 and Forefront 2010), and it works extremely well. >> >> At least it worked well for everyone until one of the employees got >> his Comcast connection upgraded, and then DirectAccess didn't work for >> that employee any more. >> >> We proved that if he tethered to his cell phone, that would work, and >> if he used an SSL VPN client while on his Comcast connect that would >> work, but DirectAccess would not work at home. >> >> Finally, I discovered that his Comcast-installed router was handing >> our IPv6 addresses on his home LAN. Turning that off enabled >> DirectAccess to work again. >> >> We do not have an assigned IPv6 block from our ISP, though of course >> MSFT OSes use it, and auto-assign themselves addresses, but for now >> we're ignoring it. >> >> Has anyone run into this problem and solved it - not by turning off >> iIPv6 address assignment for the home LAN, but really solved it? If >> so, how did you do that? >> >> Would getting and implementing an IPv6 assignment from our ISP cure >> the problem, or make it worse? >> >> I've found little guidance from MSFT about DirectAccess in an IPv6 >> environment, though I admit I haven't been terribly diligent in my >> searches. >> >> Kurt >
