I have implemented Microsoft Direct Access for a customer running Windows 7 Enterprise and Windows 8 Enterprise workstations. Direct Access was tested in a working order however the customer has a number of laptops which are unable to connect to the Direct Access service.
The following commands were run to gather diagnostic information about the issue:
netsh interface httpstunnel show interfaces
Role: client
URL: https://vpn.example.com:443/IPHTTPS
Last Error Code: 0x2af9
Interface Status: failed to connect to the IPHTTPS server. Waiting to reconnect
Get-DAConnectionStatus
Status: Error
Substatus: CouldNotContactDirectAccessServer
![]()
This error was caused by a proxy server set on the workstations in question in Internet Explorer. When a proxy is set, Direct Access will attempt to create the IPHTTPS connection through the proxy server. If you want to leave proxy servers intact in Internet Explorer properties, what you can do is add vpn.example.com (the connection URL) as a proxy exception in Internet Options.
The following commands were run to gather diagnostic information about the issue:
netsh interface httpstunnel show interfaces
Role: client
URL: https://vpn.example.com:443/IPHTTPS
Last Error Code: 0x2af9
Interface Status: failed to connect to the IPHTTPS server. Waiting to reconnect
Get-DAConnectionStatus
Status: Error
Substatus: CouldNotContactDirectAccessServer
This error was caused by a proxy server set on the workstations in question in Internet Explorer. When a proxy is set, Direct Access will attempt to create the IPHTTPS connection through the proxy server. If you want to leave proxy servers intact in Internet Explorer properties, what you can do is add vpn.example.com (the connection URL) as a proxy exception in Internet Options.