DirectAccess Server firewall rules blocking ports

Tags: direct-access, essentials-2012, group-policy, team-foundation-server, windows-firewall

I have configured DirectAccess on my Server 2012 Essentials box and most of it works great – I can remotely access the server via RDP and the default IIS website on port 80.

However, I can't access anything that uses other ports, for example the Team Foundation Server website. The only way to access it is by browsing to http://localhost:8080/tfs on the server directly – using http://servername:8080/tfs or http://192.168.1.100:8080/tfs won't work.

I've tried adding the ports to the NAT exceptions using Set-NetNatTransitionConfiguration -IPv4AddressPortPool and while that has allowed some ports used internally (Deluge, for example) it hasn't allowed me access to the URL.

I think I've narrowed it down to the "DirectAccess Server Settings" Group Policy that is created when configuring DirectAccess. When I disable the link for this GPO, the TFS site works again, but any HTTPS sites (the default IIS one, for example) stop working.

I already have rules in the firewall on the server for TFS and before enabling this Group Policy (so before configuring DirectAccess) I could access both sites. If I fully disable DirectAccess it also works again, so there's something in setting up DirectAccess that's breaking it.

Does anybody have any suggestions for things I can change to allow access to both? I've uploaded the full GPO report and my Remote Access Configuration Summary for more details.

Best Answer

The services I'm running are more for a home environment but they listen on 0.0.0.0:xxxx.

I found that DirectAccess takes the Primary IP address on your NIC for itself. IIS still works, but that's about it.

In my experience, I added another IP address to my NIC and now I'm good.

So my NIC on my server now has 192.168.0.4 and 192.168.0.5.

I can access my services which are listening on 0.0.0.0 at 192.168.0.5 and DirectAccess is setup on 192.168.0.4.
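One way to check which listeners bind the wildcard address and to apply the second-address workaround described in the answer above, as an added PowerShell example that is not part of the original post. It assumes the adapter alias is "Ethernet", the subnet is /24, the addresses are the 192.168.0.4/.5 from the answer, and the service port is TFS's 8080 from the question; run it in an elevated session on the DirectAccess server.

```powershell
# Added example (not from the original answer). Assumed values: adapter alias,
# secondary address, prefix length and the TFS port from the question.
$InterfaceAlias = 'Ethernet'      # assumption: adjust to your adapter name
$SecondaryIp    = '192.168.0.5'   # address the services will be reached on
$PrefixLength   = 24              # assumption: /24 subnet
$ServicePorts   = @(8080)         # TFS web site port from the question

# 1. Show which listeners bind 0.0.0.0 (wildcard) versus a specific IP.
#    Wildcard listeners answer on every address the NIC has, so they become
#    reachable on the secondary IP without any service reconfiguration.
Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalPort -in $ServicePorts } |
    Select-Object LocalAddress, LocalPort,
        @{ Name = 'Process'; Expression = { (Get-Process -Id $_.OwningProcess).ProcessName } } |
    Format-Table -AutoSize

# 2. Add the secondary IPv4 address if it is not already configured.
$existing = Get-NetIPAddress -InterfaceAlias $InterfaceAlias -AddressFamily IPv4 -ErrorAction SilentlyContinue |
    Where-Object { $_.IPAddress -eq $SecondaryIp }
if (-not $existing) {
    New-NetIPAddress -InterfaceAlias $InterfaceAlias -IPAddress $SecondaryIp -PrefixLength $PrefixLength | Out-Null
    Write-Host "Added $SecondaryIp/$PrefixLength to $InterfaceAlias"
}

# 3. Verify each service port answers on the secondary address. A .NET TcpClient
#    is used because Test-NetConnection only arrived with Server 2012 R2.
function Test-TcpPort {
    param([string]$Address, [int]$Port, [int]$TimeoutMs = 2000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch { return $false } finally { $client.Close() }
}
foreach ($port in $ServicePorts) {
    Write-Host ("{0}:{1} reachable: {2}" -f $SecondaryIp, $port, (Test-TcpPort -Address $SecondaryIp -Port $port))
}

# 4. List enabled inbound firewall rules delivered by Group Policy that name these
#    ports, so the effect of the DirectAccess GPO on the host firewall can be reviewed.
Get-NetFirewallRule -PolicyStore ActiveStore -PolicyStoreSourceType GroupPolicy -Enabled True -Direction Inbound |
    ForEach-Object {
        $rule = $_
        $rule | Get-NetFirewallPortFilter | Where-Object { $_.LocalPort -in $ServicePorts } |
            ForEach-Object { [pscustomobject]@{ Rule = $rule.DisplayName; Action = $rule.Action; Port = $_.LocalPort } }
    } | Format-Table -AutoSize
```

If step 1 shows a service bound to the primary address rather than 0.0.0.0, adding the second IP will not expose it; that service would need its own binding changed.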