A few people have mentioned on the web forums and in email discussions that they’d like an easy way to disable the IP-HTTPS interface on the DirectAccess client for testing purposes. They don’t want to disable it completely for all clients (which you can do through Group Policy), they just want to disable it for a specific client for a short period of time to figure out what the problem might be with something else.
If you open the network shell (netsh) and check the syntax that you should use to disable the IP-HTTPS interface, you’ll see something like the following:
Syntax set interface [[ url= ] ( url )] [[ state= ] ( enabled | disabled | default )] [[authmode= ] ( none | certificates )]
However, if you try it, you’ll see something like this:
What’s up with that?
Apparently, there is a problem with using netsh to disable the IP-HTTPS interface. Therefore, we’re going to have to consider an alternate approach to temporarily disable the IP-HTTPS interface.
To do this, open the Registry Editor and navigate to:
To disable the interface, set the value to 3.
Keep in mind that this setting is controlled through the UAG DirectAccess client Group Policy. When Group Policy is refreshed on the client, this setting will be overwritten and the IP-HTTPS interface will activate again.
Tom Shinder firstname.lastname@example.org Principal Knowledge Engineer, Microsoft DAIP iX/Identity Management Anywhere Access Group (AAG) The “Edge Man” blog : http://blogs.technet.com/tomshinder/default.aspx Follow me on Twitter: http://twitter.com/tshinder Facebook: http://www.facebook.com/tshinder
Visit the TechNet forums to discuss all your UAG DirectAccess issues http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/threads
Stay up-to-date with “just in time” UAG DirectAccess information on the TechNet wiki http://social.technet.microsoft.com/wiki/tags/DirectAccess/default.aspx
Wouldn't it be easier to just disable the IP-HTTPS network interface using device-manager or is that not enough?
Hmmm - never thought of that. I'll give it a try and see how it works.
Maybe it'll show up on a quiz soon :)