VMware, UAG, DirectAccess pt2

Had some rather nifty issues with a DirectAccess array the other week – so I thought I would return here and blog it! Smile


In short, everything was working fine apart from one very small part – “Manage Out” via IPHTTPS tunnel wasn’t functioning.


In short, clients were connecting the IPHTTPS tunnel before the Teredo was up. Whilst IPHTTPS is connected it will be preferred over Teredo (or 6to4) and disconnects after a random amount of time.

Clients could route traffic down here – so connecting to Intranet services was fine. Tunnel was up on both parts (Intranet/Infrastructure) and everything worked fine apart from “Manage Out”. Routes all fine, Windows Firewall (client-side) all fine.


Raised a call with MS eventually – and in short its VMware causing the issue.


To quote MS (slightly edited to make sense outside of the Email trail);


We have had similar cases before where VMWare template provisioning was used for the UAG hosts, and can confirm that the problem was down to the template creating duplicate adapters that would affect tunnel bindings when configuring UAG DA. And the solution was to rebuild using standard media which completely addressed the issue.


Ouch. Oh well, rebuild we must (I’ll update once they are done!)


Had some other interesting information too regarding VMware, Unicast and DA NLB. I’ll update my original post here


Hosts “not responding” after joining Virtual Centre to Active Directory

Had a bit of a scary moment today – joined the Virtual Centre server to an AD so I could install backup technologies onto it.


All went fine aside from when I opened the vShpere client – all my hosts were marked as “not responding”.


Re-connected the hosts (as it can be seen above) – and the hosts popped back in and then back out again. Hmm not good!

Checked DNS, all right as far as I can see. Checked time sync, all right again.


Rather bricked myself, so off I went uninstalling the Virtual Centre server and reinstalling (using the existing DB) and voila! all is good.


In short, if you do have to join your Virtual Centre to AD, do it before you put Virtual Centre on it or reinstall afterwards!

Cluster Firewall issue – An item with the same key has already been added.

When running a HA cluster verification you may get the following;

An error occurred while executing the test.
There was an error verifying the firewall configuration.
An item with the same key has already been added.

This is typically because the NIC GUID is duplicated between cluster nodes.

This could be because servers were deployed from an image, or cloned. Personally I had this with a VMware deployed server from a Template.

Remove and re-add a new NIC (add the new one first to be sure) and re-validate 🙂

Bug in the VMWare customisation wizard and 2008 R2?

Again, not sure if it is a “bug” persay, but when I use the vSphere (update 1) Customisation Wizard, it doesn’t seem to “complete”;




That appears every reboot – and it doesn’t manage to set things like the Computer name, or join it to Active Directory.


Works ok with 2008 stock, just not R2…. ?

Windows 7 (and 2008 R2) – Getting the vSphere client to run!

EDIT:My apologies to Simon from Techhead – I mean to cause no offence by copying and pasting his blog (nor did I mean to pass it off as my own work)

I have removed said post, and just left the link through to his site 🙂

I have removed said post, and just left the link through to his site 🙂

I belive Update 1 resolves this “properly” – however for archaic reasons here is how to run vSphere client under Windows 7 / 2008 R2


Simon @ Techhead has posted a rather spliffing guide on how to enable the vSphere client under Windows 7 (and presumably 2008 R2)’;

Sysprep Folder Locations for vSphere centre under Server 2008

Typically you would install the sysprep files to “c:\documents and settings\all users\application data…” on a 2003 vCentre server.


However, under 2008 this location is not accessible and has changed to;


“C:\Users\All Users\VMware\VMware VirtualCenter\sysprep”