How to force an IP-HTTPS connection on a DirectAccess client…

Pop quiz hotshot, you’ve got a DirectAccess client on a NAT’ed home network and you want to force it to use IP-HTTPS. What do you do? What do you do?

Err… Well hack the registry and enable Force Tunneling. Granted this should work, but what if I told you there was a better way. Instead, you could use a quick and easy solution that didn’t carry the implications of forcing all your network traffic through a DirectAccess connection. Yup, I’m not selling snake oil. Instead, you should try using netsh to disable Teredo. For example, if you execute the following command:

netsh interface teredo set state disable

You will in fact disable Teredo. Provided that your IP-HTTPS solution is working, the DirectAccess client will then switch over to IP-HTTPS. You can verify this using the following command:

netsh interface httpstunnel show interfaces

Provided that everything is working, you should see something like the following:

------------------------------------------------------------
Role                       : client
URL                        : https://da.companyabc.com:443/IPHTTPS
Last Error Code            : 0x0
Interface Status           : IPHTTPS interface active

Now, to re-enable Teredo you would use the following command:

netsh interface teredo set state default

Once executed, your Teredo interface will again be active and things will be as they were before.

If you like this, check out some other posts from Tyson:

• When a computer science degree matters, and when it doesn't
• Since when did cloud computing become/need a manifesto?
• Why would one phish using a Certificate Authority (CA) as bait?
• Would I trust you, if everyone else trusted you?
• Here is a good question: Is scripting programming or just systems administration?
• PowerShell boy and the case of the missing cmdlets!
• Fun with PowerShell 2.0 Eventing!
• Creating a custom 404 page to handle link redirection for ASP.NET web applications

Or if you want, you can also check out some of Tyson's latest publications:

• Windows PowerShell Unleashed (2^ndEdition)
• Windows Server 2008 Unleashed (Yes, I did help on this book)

Lastly, visit the Microsoft Subnet for more news, blogs, and opinions from around the Internet. Or, sign up for the bi-weekly Microsoft newsletter. (Click on News/Microsoft News Alert)