This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(288, 90%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
After installing the following updates on Windows 11 22H2 DirectAccess state remaining Connecting after disconnect/connect a network:
These updates are tested stand-alone and after each other and/or different sequence, all resulting in a DirectAccess state remaining Connecting.
Anybody any idea what is causing this? A reboot of the laptop resolves the issue momentarerly but if the network disconnects/connects (drop on Wifi e.g.) the DirectAccess never connects again and another reboot is necessary. The issue is also on Windows 10, caused by at least these updates; KB5020953 and KB5019959.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 82%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EIB%3C/text%3E%3C/svg%3E)
Experiencing similar issues on windows 10 after installation of KB5018482 across the estate, thinking that installing KB5019964 on the Direct Access server would fix this issue.
Would anyone be able to confirm?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 41%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Just to confirm, we are also experiencing the same issue with Direct Access on about 2000 x Windows 10 21H2 devices which initially had the KB5018482 October 25th Preview Update installed (which we had to subsequently uninstall) and now can see the same issue with the KB5019959 November 8th update.
Devices will not connect following a shutdown but will connect after a restart.
If connectivity is lost at all, a restart is required to regain a connection.
Another symptom is the multisite settings are not available.
Although we don't have many Windows 11 clients, we also see the same issue with KB5019980 as @Jan Schulenburg mentions above.
Tested with the latest updates, incl. KB5019964, on the DirectAccess servers, no improvement. Services on the DirectAccess server are all fine and some clients are connected so it doesn't seem a server side issue.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 23%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
We also have this exact problem. We first noticed it in Windows 11 22H2 last week, but today with the KB5019959 patch for Windows 10 21H2, 22H2 and KB5019961 for Windows 11 21H2 cannot connect at all with DirectAccess. It works in Windows 11 22H2 but only if you do not disconnect or shutdown the computer. Only a restart solves the problem temporarily.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 69%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGF%3C/text%3E%3C/svg%3E)
We have the same exact issue. Our Windows 10 clients do connect on first boot, loosing the WiFi signal or waking up from sleep mode results in a connecting state of the Direct Access connection. Rebooting resolves it temporary until the client looses its network connection again. We are running a test pool with Windows 11 laptops and those won't connect at all when fully patched. Removing the updates from last month resolves the issue.
Please let me know what to do...
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 0%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
We have the same issue, DirectAccess on our pilot computer group (Windows 10 21H2) says "Connecting" and once a different entry point is selected, the whole multi-site configuration is gone. A reboot doesn't change anything. DirectAccess servers have not installed any November patch yet (-> still on "B" release October patch level).
Removing KB5019959 did the trick for now, DirectAccess and multi-site configuration are working fine again.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 88%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
try removing KB5019959
it worked for my users
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 27%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBH%3C/text%3E%3C/svg%3E)
I'm seeing the same behaviour with Windows 10 21H2 and Windows 11 22H2.
Once DA is dropped, no outbound connection attempt is made to either site listed in multi-site config.
Get-DAConnectionStatus shows that the DA server could not be reached - a network capture reveals no connection attempt.
Removing updates from clients and all is well again.
Microsoft has released a KIR to mitigate the issue:
https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-22H2#2955msgdesc
Just tested with a fully patched Windows 10 and Windows 11 device:
Restarted devices several times, works like a charm.
Know-Issue-Rollback is working fine (be aware to set the correct values as I didn't..).
I've tested it with all Windows versions and it works.
Have you set all the GPO's to "Disabled"?
Seems to be working for us, too
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 95%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGB%3C/text%3E%3C/svg%3E)
We are having the same symptoms across our enterprise, though not every system. It is still in the hundreds, but not all; As it mostly goes unreported by a remote community used to "rebooting" when they have network issues, we don't have an exact ratio or device count. But it is very widespread based on the sampling we have done thus far.
I can confirm that after applying KB5019959 and rebooting, Direct Access does connect initially. Then at some point after logging in, perhaps there is a network latency, the DA connections drops and goes into an infinite "connecting" status. We can connect at that point to Anyconnect VPN with no issue. Drop VPN connection and DA remains in "Connecting" status.
After a reboot DA reconnects and we are fine until it "hiccups" again. Then it requires a reboot to get DA to reconnect. It seems that any network blip disconnects and leaves the DA connection unable to reconnect.
So far, the only thing we can do to resolve the issue is to uninstall KB5019959 and disable redeployment of that November update until MS comes out with a patch. Sad, though, since that KB resolved so many vulnerabilities and I believe it worked out 6 Zero Day's!!!
Anyone come up with a better solution?
Developing and testing this process this morning. Will update outcome once we have results.
This KIR resolved the issue for us. https://learn.microsoft.com/en-us/windows/release-health/status-windows-10-22h2#2955msgdesc
Built an Intune CP and deployed. November update is still in place, but the feature that was causing the DA issue was rolled back.