Direct Access applications RRS feed

  • Question

  • We have DA for access when customers are working from home, away from the office. Some of our applications do not work over DA but fine inside the WAN. These are specifically ones that call servers and perhaps are not ipV6 aware.

    Initial test with an terminal emulator software shows I could use a Telnet command to reach a server and login, however, within the application I couldn't not over DA.

    What is a good place to start troubleshooting?

    Thursday, November 13, 2014 2:07 PM

All replies

  • Take Netmon trace.

    Ideally in Netmon you will not be able to see any traffic which is flowing inside DA tunnel, as it will be IPSec.

    If an application uses IPv4 or if that traffic is not going through DA, you should be able to see in NetMon.

    Also can you confirm with your S/W vendor, if its capable of understanding IPv6.

    Try to exclude hard coded IPv4 address and include DNS names if possible - i mean in application configurations.

    Here is an interesting article on how to use NETSH’s Port Proxy feature to make IPv4 only applications to work through DA tunnel.


    • Edited by Vasu Deva Thursday, November 13, 2014 3:24 PM
    Thursday, November 13, 2014 3:24 PM
  • Happy to see that my onld blog post usefull. Yes it works but only for TCP, not UDP. At last, you need some automation to enable / disable the port proxy when application is launched and detect if it's required to enable the PORTPROXY trick. Can you share list of applications you have problem with?

    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Friday, November 14, 2014 6:51 PM
  • Thanks for the help.

    Problems with:-

    Remedy v7.0 \ v7.6SP6

    ARERR [90] Cannot establish a network connection to the AR System server : remprod : RPC: Miscellaneous tli error - System error (Socket error - 10060)

                    user: 062310,  server: remprod

    Any Terminal Emulator softwareb (but can complete a Telnet command and login to server ok as raw test)

    CPA Siteman \ Causeway


    Monday, November 17, 2014 10:49 AM
  • Hi,

    I'm not a remedy expert, but it seems that editor have some solutions about that : https://docs.bmc.com/docs/display/public/ars201401/Support+for+IPv6;jsessionid=866C3E916A72AE386EE7E1A8A0DA2888

    From a web client point of view, it could work :


    BenoitS - Simple by Design http://danstoncloud.com/blogs/simplebydesign/default.aspx

    Monday, November 17, 2014 5:25 PM