Share via

Intermittent Direct Access connection failures

Franz Schenk 336 Reputation points
2022-03-02T16:06:55.49+00:00

Have a 2012 R2 Direct Access Infrastructure that is working fine for years. Since several months, Windows 10 20H2 and Windows 10 21H2 clients have often connection problems. DA stucks on "connecting". What we have discovered so far:

  • DA Server Status is all green, and there are always about 50 connected, active DA clients. All over the https Interface.
  • On an affected client, "netsh interface http show interface" shows error 0x643. Google says that the cause can be disabled IPv6 components. This is not our case, the registry key HKLM\SYSTEM\CurrentControlSet\services\TCPIP6\Parameters\DisabledComponents does not exist on any examined client.
  • A reboot of the client does sometimes solve the problem, but often not.
  • There aren't any ip-https interfaces in the device manager, also with the enabled "show hidden device" option.
  • Microsoft describes exactly our problem: https://learn.microsoft.com/en-us/troubleshoot/windows-client/networking/error-directaccess-clients-connect-over-ip-https. But as nearly always, the information is outdated since a long time. There is a link to a 2012 R2 Hotfix Rollup Package from 2014.
  • What helps is to restart the IP-Helper Service, which also restarts the network location service. After that, the DA connection is established successfully after a few seconds. And "netsh interface http show interface" says that the interface is up, with 0x0.

Restarting the IP-Helper service on the client systems is not a solution for us. The problem appears several times a day on different clients, and the employees do not have local admin rights.

Any advice? Thank you in advance for any help.
Franz

Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
712 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Gary Nebbett 5,856 Reputation points
    2022-03-02T19:06:17.01+00:00

    Hello Franz,

    I don't have a "clear" answer to your question; all that I can offer is a willingness to help the work towards an answer.

    My current big obstacle in this direction is the seeming contradiction between "A reboot of the client does sometimes solve the problem, but often not." and "What helps is to restart the IP-Helper Service".

    Surely a reboot also (re-)starts the IP-Helper Service. Is there really a difference between these two ways of "restarting" the service?

    The reason that I ask is that "tracing" (with Event Tracing for Windows (ETW)) is how I often solve problems. From my limited understanding, it would be helpful to believe that any restart of the IP Helper Service was potentially/equally useful (tracing a service restart is easier).

    A quick binary inspection of iphlpsvc.dll suggests that error 0x643 is only generated by the routine iphlpsvc!IpTlsAddInterface - it would be reassuring to believe that tracing the behaviour of this routine (regardless of whether via reboot or service restart) was equally insightful.

    BTW, you probably meant to title this thread "Intermittent" (zeitweilige) Direct Access connection failures rather than "intermediate" (zwischenliegende) failures; it did not stop me from reading the message (mention of "Direct Access" was enough), but it might confuse some readers.

    Gary

    1 person found this answer helpful.