#DirectAccess is a feature in the Windows 7 , Windows Server 2008 R2 and Windows Server 2012 operating systems that gives users the experience of being seamlessly connected to their corporate network any time they have Internet access.
Direct Access feature in Windows Server 2008 R2 had following goals for organizations;
- Direct Access enhances the productivity of mobile workers by connecting their computers automatically and seamlessly to their intranet any time Internet access is available
- With Direct Access, IT staff can manage mobile computers by updating Group Policy settings and distributing software updates any time the mobile computer has Internet connectivity
- Direct Access separates intranet from Internet traffic.
- When an application on a Direct Access client attempts to resolve a name, it first compares the name with the rules in the NRPT (Name Resolution Policy Table )
If there are no matches, the Direct Access client uses Internet DNS servers to resolve the name
The new thing here is that in windows 2012 you can use a single nic.
In this sample I use a single nic just the easy steps to install the features
If you look for the feature direct access you can’t find it , it is in the remote access option.
The installation is very easy even in windows 2012 you can find the option and install the feature
Now that the installation is ready we can begin with the configuration, just right click on the server and choose the RA management.
The screen pops up with two choices :
I use the getting started wizard and the deploy directAccess only, My VPN is already covered by my TMG server.
Now the installation wizard ask you how you want to configure this edge,two or single nic.
I us a single nic. and I put in the url that is needed for external access.
The first part is now ready in a brief overview we can customize things that we need.
the GPO settings if you want different names or computer groups , you can change it .
again this is my test lab so I can use names that I want to use , in real pick a name that is right for this solution.
a nice overview of the configuration is showing and all the options are on the left.
this is all default.
Now we start with the client setup I choose the top
The second one limit DirectAccess usage to Remote management capabilities and does not offer users access to internal resources.
Now that this is ready I want reporting but therefore I need accounting , I set this up and ready to go.
I can see in the monitoring I have some errors.
Now that the setup is complete You can connect with your new Windows 8 Client or 7 to connect to this server.
In my next part id do some more configuration.