Direct Access - VirginMedia

Associate
Joined
18 Oct 2002
Posts
2,365
Location
Manchester
I've setup direct access with forced tunneling at work. Everything is working well, but the very latest Hub 3's from virgin media block it completely. Put it in modem mode and it works fine. So I've suggested that our users either move ISP (obviously not always possible - contracts etc.) or should be buying a new wi-fi router and using modem mode on the freely supplied Virgin Hub 3.

There's some contention as to whether the business should provide the new routers or the staff.

Firstly, does anyone have the same issue? If so what have you done? Secondly, do you think its fair that users should be buying equipment so they can do work from home, or would you take the hit to obtain the ability to work from home?
 
Soldato
Joined
8 Nov 2003
Posts
5,521
Location
Bedfordshire
I would expect to pay for my own equipment to work from home, in the same way I am expected to pay for my mode of transport to get to work. Also if you start supplying equipment every time there is an issue with the internet or the network, extending to other peripherals your IT department will be the first point of contact to fix home issues because you paid for equipment in their house.
 
Soldato
Joined
18 Oct 2002
Posts
8,116
Location
The Land of Roundabouts
If your users are expected to work from home often then the business should be providing the equipment/connection to allow them to do there job properly. Just dont allow them to use it for personal use.

back to your DA issue, if they just browse to your da server address does it display anything? the ssl cert should be presented at the least.
 
Associate
Joined
5 Jul 2017
Posts
1
What IPv6 transition technology are you using (IP-HTTPS, Teredo, 6to4) for DirectAccess? IP-HTTPS should be the most reliable for home internet connections, but there may be an issue with the force-tunnelling if Virgin are doing something strange with web proxy.
 
Associate
OP
Joined
18 Oct 2002
Posts
2,365
Location
Manchester
I would expect to pay for my own equipment to work from home, in the same way I am expected to pay for my mode of transport to get to work. Also if you start supplying equipment every time there is an issue with the internet or the network, extending to other peripherals your IT department will be the first point of contact to fix home issues because you paid for equipment in their house.

Exactly my thoughts.

If your users are expected to work from home often then the business should be providing the equipment/connection to allow them to do there job properly. Just dont allow them to use it for personal use.

back to your DA issue, if they just browse to your da server address does it display anything? the ssl cert should be presented at the least.

I dont think we'll be installing new internet connections for our users, we certainly dont have the funds for that :(

I'll have another look tonight when i get back to see what I can get to.

What IPv6 transition technology are you using (IP-HTTPS, Teredo, 6to4) for DirectAccess? IP-HTTPS should be the most reliable for home internet connections, but there may be an issue with the force-tunnelling if Virgin are doing something strange with web proxy.

It's IP-HTTPS, I've tried it with force tunneling on and off, same result. Works fine with every other router we have tried :(
 
Soldato
Joined
27 Feb 2003
Posts
7,171
Location
Shropshire
If the business starts supplying a router, is it then your problem to get the X-Box or PS4 working through it? Or when some nasty tablet keeps dropping off the WiFi?
 
Caporegime
Joined
18 Oct 2002
Posts
26,052
Are they working from home because they are exercising an option/benefit to do so, or are the positions remote positions and the company is saving money by not having to create office space for them?

If the alternative is "well come into the office then", I'd be purchasing a router sharpish.
 
Associate
Joined
14 Jul 2021
Posts
1
Location
Edinburgh
Hi, I know this is a very old post and therefor a long shot.

But did you ever manage to get to the bottom of this issue with VM and DirectAccess. We are having the same problem.

Works in modem mode (usually) and it is only an issue with VM, no other ISP.
 
Soldato
Joined
4 Nov 2006
Posts
2,752
Location
Yorkshire
Not sure if this will help but might be useful for DA/AOVPN admins on here, but just before the first lockdown landed in March 2020, I had deployed Always On VPN (the new version of Direct Access) and then suddenly wham 2,000 staff jumped on it from home, we found specific issues with various ISPs so tried to put these in to the documentation as part of the User Guide

• Virgin Media – Disable Child Safe settings from your VM account – be cautious, this will disable the ISP level parental controls – use local parental controls if required
• Sky Broadband – Add ***VPN_ADDRESS*** to the address whitelist in Sky Broadband Shield
• BT - BT customers are recommended to disable a feature called Smart Setup which is widelyknown to cause issues with VPNs – Guidance to switch this off can be found here
• PlusNet – PlusNet users are recommended to ask PlusNet to use a Static IP address and in addition switch the PlusNet firewall from low to off in Plusnet Member’s Centre – the local
firewall on the router will remain in-tact - Static IPs for NHS staff are free!
• TalkTalk – Disable QOS in router settings (seek help from experienced IT personnel for this change)
 
Soldato
Joined
14 Jun 2004
Posts
5,357
we've had issues with virgin / sky / talktalk were they enabled IPv6 on the routers internal network.
disableing the IPv6 on the internal home network resolved a lot of our issues.
the tunneling sill works as its enabled on the adaptor, try disabling IPv6 on the LAN / Wifi cards see if that ehloes.
 
Soldato
Joined
18 Oct 2002
Posts
8,116
Location
The Land of Roundabouts
Bit of thread necro here kinda, but yeah we've also seen an increase of issues of late with DA and ISP's that are rolling out ipv6, i got fed up and rolled out always on which has its on nuisances (always on yet its not always always on!) but at least its a but more mainstream vs DA, wish MS put more effort into DA as it is/was a good product when it worked!
the most bizarre was how it crashed an end users router after ~10 sec of being connected. (sky's for the record), no amount of fiddling with the routers settings resolved that one.
 
Back
Top Bottom