From: Atlanta, GA
After much playing around, I have a functional UAG Server which is running solely for Direct Access purposes. I have a handful of clients testing this, and so far the response has been overwhelmingly positive.With one exception.....
We have users who would like to be able to use certain applications that have to connect back to an IBM LUM server to obtain licenses. My goal is to have this work through direct access.
According to IBM, the LUM server uses UDP port 1515 for connectivity. And I have configured an "AuthPort" of UDP 1516 to answer. Connected to the local LAN, this works flawlessly. The application starts, sees the license server, obtains a license and allows the application to run. Just as expected.
But when using direct access connections, it immediately fails. I am thinking it might be the client firewall settings that is prohibiting the connections, but I cant get any information from the pfirewall.log file that shows it was allowed or dropped.
BTW, when the client are connected to the "Domain network", the firewall is disabled. This is what leads me to believe it might be the client firewall.
Using the UAG WebMonitor, I can see the DirectAccess clients connected.
I am able to ping the license server from the DA Client.
I am able to open \\licenseserver\share from the DA Client with no issues as well.
I am able to ping the DA Client from a managed machine inside my network.
I am able to see \\DAClient\Share from inside the network as well.
I have not been able to verify that it isnt TMG hindering something. Is there a way to just see what traffic is coming through DA connections in the log? I tried loading the DaLogFilter.xml definition into the log viewer, but that just seems to show me when clients start and end connections.
Is there a specific place I can look to see what is topping these packets from reaching their final destination?