DA Client - Disable IPHTTPS interface (Full Version)

All Forums >> [Forefront Unified Access Gateway 2010] >> DirectAccess



Message


PatrickM -> DA Client - Disable IPHTTPS interface (21.Dec.2010 8:13:44 AM)

How do you disable IPHTTPS interface on the DA client?
I managed to disable teredo and 6to4 using netsh.

I have used netsh "set interface" command but I fail
...................
Sets the properties of an IPHTTPS client or server interface.

Syntax

set interface [[ url= ] ( url )] [[ state= ] ( enabled | disabled | default )] [[authmode= ] ( none | certificates )]
...................
set interface httpstunnel set interface https://server.foo.local/IPHTTPS state=disabled

set interface httpstunnel set interface https://server.foo.local/IPHTTPS diabled

set interface httpstunnel set interface https://server.foo.local/IPHTTPS none

I am pretty sure I am doing this wrong....

Thanks




Jason Jones -> RE: DA Client - Disable IPHTTPS interface (21.Dec.2010 9:54:52 AM)

Not sure you can disable it manually using netsh, but you can disable it via Group Policy if this helps...




tshinder -> RE: DA Client - Disable IPHTTPS interface (4.Jan.2011 12:28:06 PM)

You should be able to set it from netsh - but I've tried it in my lab and keep getting a syntax error.

Jason is right that you can disable it from GPO - but there should be a way to disable it from netsh.

Let me see if I can find the answer.

Thanks!
Tom




PatrickM -> RE: DA Client - Disable IPHTTPS interface (27.Jan.2011 3:04:55 AM)

Went with the GPO solution for now, but, little slow when you need to toggle on/off interfaces in the POC/lab a few times.

@tshinder, got any news on netsh?

Thanks!




tshinder -> RE: DA Client - Disable IPHTTPS interface (27.Jan.2011 11:53:01 AM)

Hi Patrick,

Indeed - this is an "undocumented feature" regarding netsh :)

HKLM\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition\IPHTTPS\IPHTTPSInterface\IPHTTPS_ClientState. If this is set to a value of 3, IP-HTTPS is disabled

This is useful for testing.

HTH,
Tom




Jason Jones -> RE: DA Client - Disable IPHTTPS interface (27.Jan.2011 6:31:50 PM)

quote:

ORIGINAL: tshinder

Hi Patrick,

Indeed - this is an "undocumented feature" regarding netsh :)

HKLM\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition\IPHTTPS\IPHTTPSInterface\IPHTTPS_ClientState. If this is set to a value of 3, IP-HTTPS is disabled

This is useful for testing.

HTH,
Tom


Which is essentially what the GPO applies, yes???




PatrickM -> RE: DA Client - Disable IPHTTPS interface (31.Jan.2011 3:26:26 AM)

Yes, as it looks.
:)
Thanks!




tshinder -> RE: DA Client - Disable IPHTTPS interface (1.Feb.2011 7:00:08 AM)

quote:

ORIGINAL: Jason Jones

quote:

ORIGINAL: tshinder

Hi Patrick,

Indeed - this is an "undocumented feature" regarding netsh :)

HKLM\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition\IPHTTPS\IPHTTPSInterface\IPHTTPS_ClientState. If this is set to a value of 3, IP-HTTPS is disabled

This is useful for testing.

HTH,
Tom


Which is essentially what the GPO applies, yes???


Yes - the Reg entry is useful if you just want to do a quick test on the client - when GP is refreshed, it will revert to the enabled state.


Thanks!
Tom




PatrickM -> RE: DA Client - Disable IPHTTPS interface (7.Mar.2011 8:00:48 AM)

In Reply to http://tinyurl.com/69akje6 (EdgeManBlog)

I'd just testad disabeling IPHTTPS inferface through DeviceManager and it woks well.. (Posted by Christoph Falta)

Remember to check "Show Hidden Devices" (the View menu) and it (iphhtpsinterface) appears under "Network adapters", just rightclick and disable.
When Youre done, rightclick and enable.

-PatrickM




Page: [1]