Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Direct Access error 0x2746 IPHTTPS

Posted on 2015-01-26
5
Medium Priority
?
782 Views
1 Endorsement
Last Modified: 2015-08-24
I have just setup a new single WIn2012 R2 as a Direct Access server, only using IPHTTPS.

So far, the config looks ok, but clients cannot connect to the DA server.

Looking at the clients httpstunnel interface, I got an 0x2746 error (connection closed). Any clues about what that means? DA Client Troubleshooting Tools crashes when I run it on a Win7 client.

The client have the right GPO, URL to DA server and can resolve the correct IP of the DA server.
1
Comment
Question by:xcomiii
  • 3
5 Comments
 
LVL 17

Expert Comment

by:Ivan
ID: 40570284
Hi,

are all your clients Enterprise Windows 7 ?
0
 
LVL 9

Accepted Solution

by:
xcomiii earned 0 total points
ID: 40570567
Yes, all WIn7 Enterprise.

Output from the DA server on the HTTPSTUNNEL interface:
Interface IPHTTPSInterface Parameters
------------------------------------------------------------
Role                       : server
URL                        : https://da.domain.com:443/IPHTTPS
Client authentication mode : none
Last Error Code            : 0x0
Interface Status           : IPHTTPS interface active

Output from the client's HTTPSTUNNEL interface:
------------------------------------------------------------
Role                       : client
URL                        : https://da.brreg.no:443/IPHTTPS
Last error code            : 0x2746
Interface Status s           : Could not connect to IP-HTTPS server, reconnecting

The external IP of da.comain.com is NAT'et to a BIG-IP VIP, which only have 1 DA server in the pool at the moment.
I suspect that BIG-IP is dropping traffic, and I have no option to bypass the BIG-IP due to routing issues.

Anyone who can give me a hint where to start? The BIG-IP is setup by another technician who is not very fluent in special setup like Direct Access, only standard web servers.
0
 
LVL 9

Author Closing Comment

by:xcomiii
ID: 40934468
Found out, it was error in the BIG-IP config.
0
 

Expert Comment

by:B Holmes
ID: 40944334
Hi xcomiii,

We're facing the same issue (error 0x2746) and also have a DirectAccess cluster load-balanced by F5 BIG-IP.  Could you detail what you changed in BIG-IP's config?  Many thanks,
Brendan
0
 
LVL 9

Author Comment

by:xcomiii
ID: 40944444
As I understood, the magic was NOT to terminate SSL sessions at BIG-IP, but instead use a perfomance forwarding rule. In other words, just to forward all the traffic to the DA servers without any change/inspection/SSL termination.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question