TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support options
For small and midsize businesses
For enterprises
For developers
For IT professionals
From partners
For technical support
Support offerings
For home users
More support
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
The Cloud Security Man
Cloud Security is Job One for the Cloud Security Man
Tags
6to4
6to4 Interface
Active Directory
Array
Ben Ari
Carsten Kinder
certificate revocation list
Certificates
certification authority
Cloud
Commercial Certificate
configuration
Contest
CRL
DA
DCA
Deployment
Diogenes
DirectAccess
DirectAccess Monitor
DNS
DNS64
domain detection
edge man
end-to-end security
error
Extension
firewall
Force Tunneling
Fun
Good Press
Group Policy
Group Policy Objects
Identity
Identity Management
Infrastructure
IP Protocol 41
IP-HTTPS
IPsec
IPv6
IPv6 transition technologies
IPv6 Transition Technology
ISATAP
ISATAP router
Jason Jones
Manage Out
mobile broadband
Multi-Geo
Multi-site
Name Resolution Policy Table
NAP
NAT
NAT64
NetBIOS name
Network Access Protection
Network Location Server
NLA
NLB
NRPT
Private Cloud
Proof of Concept
Remote Desktop Gateway
remote management
SAP GUI
Secure Socket Tunneling Protocol
Security
service pack 1
Shannon Fritz. Tom Shinder
Small Business
SMB
Split Tunneling
SSTP
Talk TechNet
Tarun Sachdeva
Technet
TechNet Talk Radio
Teredo
Test Lab
test lab guides
The Edge Man
TLG
TLGs
TMG
Tom Shinder
tomsh
topology
Troubleshooting
UAG
UAG Management Console
UAG Service Pack 1
UAG SP1 RC
Unfied Access Gateway
Unified Access Gateway
Virtualization
Wiki stuff
WiMax
Windows Direct Access
Windows Firewall Profile
Windows Update
Yuri Diogenes
Browse by Tags
TechNet Blogs
»
The Cloud Security Man
»
All Tags
»
directaccess
Related Posts
Blog Post:
Why You Need an External ISATAP Router for a Multi-Site UAG DirectAccess Deployment
Thomas W Shinder - MSFT
Someone asked a good question the other day regarding our design for a multi-site UAG DirectAccess deployments. If you haven’t seen the high level descriptions on what is required for a multi-site UAG DirectAccess design, then first check out the following blog posts: http://blogs.technet...
on
9 Feb 2011
Blog Post:
Solving the Mystery of the Dead Teredo Interface
Thomas W Shinder - MSFT
You’ve deployed DirectAccess on your network as a pilot project for your IT group over the holidays and everything is working great. When the users are behind a wide open NAT device, they use Teredo to connect to the UAG DirectAccess server. When they’re behind a port-restricted firewall or web proxy...
on
21 Dec 2010
Blog Post:
UAG DirectAccess–Guess the Device in the Request/Response Path
Thomas W Shinder - MSFT
Take a look at the figures below and see if you can guess what device is in the request/response path that you don’t typically see a UAG DirectAccess deployment. First, the ipconfig output on a DirectAccess client located behind a NAT device: Figure 1 Now let’s ping DC1: Figure 2 Now let’s do a tracert...
on
11 Jan 2011
Blog Post:
When Good Network Location Servers Go Bad – Preparing Against NLS Failure
Thomas W Shinder - MSFT
In a recent article on The Edge Man blog, I talked about the Network Location Server (NLS) and how it’s used to help the DirectAccess (DA) client determine if it’s on or off the corporate network. If you missed that article, or need a refresher, check it out at http://blogs.technet.com/tomshinder/archive...
on
6 Apr 2010
Blog Post:
Excellent UAG DirectAccess Configuration Guide by Shannon Fritz
Thomas W Shinder - MSFT
Shannon Fritz , who’s well known on the UAG DirectAccess forums at http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/threads for providing excellent community answers and insight, has put together a very nice UAG DirectAccess Configuration Guide. In Shannon’s configuration guide, you...
on
19 Oct 2010
Blog Post:
Connecting the DirectAccess Client to SAP
Thomas W Shinder - MSFT
When a DirectAccess client computer is on the Internet, it connects to the corporate network using DirectAccess. All communications between the DirectAccess client and DirectAccess server are done over IPv6 (encapsulated by an IPv4 tunnel to carry the IPv6 traffic over the IPv4 Internet). In fact, the...
on
8 Dec 2010
Blog Post:
DirectAccess and Expiring Computer Accounts
Thomas W Shinder - MSFT
An interesting question came up a few weeks ago regarding DirectAccess and expiring computer accounts. I thought it was an topical question that brought up some issues worth exploring, so I’m sharing with you some thoughts on the problem here. First a little background. UAG DirectAccess (and Windows...
on
14 Feb 2011
Blog Post:
Is ISATAP Required for UAG DirectAccess?
Thomas W Shinder - MSFT
The answer is “no” – but its important to understand the function of ISATAP and why or why not you might consider deploying ISATAP in your environment. Why ISATAP? ISATAP is the Intra-site Automatic Tunnel Addressing Protocol. The purpose of ISATAP is to allow you to use IPv6 aware applications on a...
on
1 Oct 2010
Blog Post:
DirectAccess Gets Positive Comments in The Register
Thomas W Shinder - MSFT
From what I hear, this year is going to be the year where we see the wave of enterprise Windows 7 rollouts take place. While I’m not sure how these assessments are made, it makes sense from where I sit. Windows 7 Service Pack 1 has been released and end users, admins and the media have all been complimentary...
on
30 Mar 2011
Blog Post:
Great New UAG DirectAccess Test Lab Content Available
Thomas W Shinder - MSFT
Let’s face it – you can make it an avocation (or worse, a vocation) of reading all the documentation we have on UAG DirectAccess and still not be able to figure out how to actually put together a working DirectAccess solution. A big part of that is that there are a lot of moving parts, and until you...
on
29 Jul 2010
Blog Post:
Troubleshooting DirectAccess Manage Out Connections
Thomas W Shinder - MSFT
The following are some troubleshooting steps if you run into problems getting inside-out management working. Inside-out management is the ability for a machine on the internal corporate network, such as a helpdesk machine, to be able to initiate communications to remote, internet-based DirectAccess...
on
1 Apr 2013
Blog Post:
UAG DirectAccess and the IPv6 Internet
Thomas W Shinder - MSFT
We’ve received a number of questions recently about UAG DirectAccess support for the IPv6 Internet. When thinking about the IPv6 Internet, you need to think about when the DirectAccess client is on an IPv6 Internet (or on an IPv6 only intranet) and when the UAG DirectAccess server has its external interface...
on
24 Mar 2011
Blog Post:
UAG DirectAccess "The adapter configured as external-facing is connected to a domain"
Thomas W Shinder - MSFT
Forefront UAG supports an enhanced version of DirectAccess that adds several features and capabilities that aren't available with the Windows only version of DirectAccess. After installing UAG on your Windows Server 2008 R2 server, you can then enable DirectAccess using the UAG DirectAccess wizard. Some...
on
27 May 2010
Blog Post:
UAG SP1 DirectAccess Contest Quiz One-Round One
Thomas W Shinder - MSFT
With all the excitement coming from the upcoming release of UAG Service Pack 1, I thought we might do something fun (OK, DirectAccess is always fun, but maybe we can do something closer to what other people would consider fun). What’s more fun than a contest? I know, a contest where you’re the winner...
on
2 Dec 2010
Blog Post:
A Great TMG and UAG Daily Double For You–Yuri Diogenes and Tom Shinder Talk with TechNet Talk Radio
Thomas W Shinder - MSFT
Got a long drive between home and work? Tired of listening to 80s hits on the radio? Then how about a change of pace and connect with The Edge Man Tom Shinder and Security guru Yuri Diogenes for a couple hours of TechNet Talk Radio? Yuri talks about TMG and how TMG can be used in a number of new scenarios...
on
21 Mar 2011
Blog Post:
Test Lab Guide–Demonstrate UAG SP1 RC DirectAccess with NAP Released
Thomas W Shinder - MSFT
The march of the Test Lab Guides continues! Today I’m offering up to you a Test Lab Guide I think you’re really going to like – the Test Lab Guide – Demonstrate UAG SP1 RC DirectAccess with NAP . In this Test Lab Guide, we change up the NAP settings by putting the Network Policy Server (NPS) and Health...
on
1 Nov 2010
Blog Post:
UAG DirectAccess Contest Continues on January 6 2011
Thomas W Shinder - MSFT
Just a quick note about the UAG DirectAccess contest. We didn’t have a quiz last week because of the entire world was on vacation We’ll continue the contest this week with the next quiz being tomorrow, January 6, 2011. The first round of the first contest is complete. The second round of the first contest...
on
5 Jan 2011
Blog Post:
Answers UAG DirectAccess Contest Quiz 1 Round 1
Thomas W Shinder - MSFT
Here are the answers to Quiz 1, Round 1: ==================================================== Question 1: Which Operating System(s) can be configured as DirectAccess clients? (choose the best answer) A. Windows 7 B. Windows Vista SP2 C. Windows Server 2008 R2 D. Windows 7 and Windows Vista SP2 E. Windows...
on
4 Dec 2010
Blog Post:
Test Lab Guide–Demonstrate UAG SP1 RC DirectAccess - Blog Version
Thomas W Shinder - MSFT
Hey folks – since the TLGs are typically put up only on the download center, it makes discoverability of some of the cool content inside of them hard when it comes to search engines. Therefore, I’m going to post the full text of the TLGs on the Edge Man blog. However, I recommend that you download the...
on
27 Oct 2010
Blog Post:
Clearing the Air on ISATAP
Thomas W Shinder - MSFT
For companies thinking about deploying DirectAccess, the question of whether or not you need to deploy ISATAP will invariably come up. The answer to this question is “no” and the reasons for why you don’t need ISATAP in a DirectAccess deployment are covered in my article over at http://blogs.technet...
on
21 Feb 2011
Blog Post:
Supporting Business Continuity, Disaster Recovery and Multi-Site Scenarios with UAG 2010 RTM and UAG 2010 Service Pack 1
Thomas W Shinder - MSFT
With the upcoming release of Unified Access Gateway 2010 (UAG) Service Pack 1, we decided it was important to discuss some important scenarios that many of our customers have asked us about. These scenarios are: Business Continuity Disaster Recovery Multi-Geo (Multi-site) deployment ...
on
1 Dec 2010
Blog Post:
UAG SP1 DirectAccess Contest 1–Round 2/Quiz 3 and Contest 2 Round 1/Quiz 3
Thomas W Shinder - MSFT
It’s time for your weekly UAG DirectAccess quiz! We’re getting close to the end of contest 1, so make sure you don’t miss a step for the next two weeks. Last week’s quiz was definitely tricky and introduced some obscure or difficult to find information. This week I’m going to try something a little different...
on
21 Jan 2011
Blog Post:
How to Disable IP-HTTPS for Testing and Troubleshooting
Thomas W Shinder - MSFT
A few people have mentioned on the web forums and in email discussions that they’d like an easy way to disable the IP-HTTPS interface on the DirectAccess client for testing purposes. They don’t want to disable it completely for all clients (which you can do through Group Policy), they just want to disable...
on
15 Feb 2011
Blog Post:
Certificate Related Questions and Test Lab Guide Guidance
Thomas W Shinder - MSFT
A couple of good questions were asked on a recent blog post and I figured it was worthwhile to answer them in more detail in a separate post. ==================================== “Can you clarify a couple points related to Certificate Authorities and CRLs? I plan on getting a commercial certificate...
on
26 Jan 2011
Blog Post:
A Short Introduction to UAG DirectAccess End to End Security
Thomas W Shinder - MSFT
I’m thinking of putting together a Test Lab Guide module for configuring end-to-end security for UAG DirectAccess clients and selected application servers on the intranet, so I configured the scenario in the Test Lab to see how it worked. I figured that since everything is working in the Test Lab now...
on
12 Sep 2010
>