TechNet
Products
IT Resources
Downloads
Training
Support
Products
Windows
Windows Server
System Center
Internet Explorer
Office
Office 365
Exchange Server
SQL Server
SharePoint Products
Lync
See all products »
Resources
Curah! curation service
Evaluation Center
Learning Resources
Microsoft Tech Companion App
Microsoft Technical Communities
Microsoft Virtual Academy
Script Center
Server and Tools Blogs
TechNet Blogs
TechNet Flash Newsletter
TechNet Gallery
TechNet Library
TechNet Magazine
TechNet Subscriptions
TechNet Video
TechNet Wiki
Windows Sysinternals
Virtual Labs
Solutions
Networking
Cloud and Datacenter
Security
Virtualization
Updates
Service Packs
Security Bulletins
Microsoft Update
Trials
Windows Server 2012 R2
System Center 2012 R2
Microsoft SQL Server 2012 SP1
Windows 8.1 Enterprise
See all trials »
Related Sites
Microsoft Download Center
TechNet Evaluation Center
Drivers
Windows Sysinternals
TechNet Gallery
Training
Training Catalog
Class Locator
Microsoft Virtual Academy
Free Windows Server 2012 courses
Free Windows 8 courses
SQL Server training
e-Learning overview
Certifications
Certification overview
MCSA: Windows 8
Windows Server Certification (MCSE)
Private Cloud Certification (MCSE)
SQL Server Certification (MCSE)
Other resources
TechNet Events
Second shot for certification
Born To Learn blog
Find technical communities in your area
Support options
For small and midsize businesses
For enterprises
For developers
For IT professionals
From partners
For technical support
Support offerings
For home users
More support
Microsoft Premier Online
Microsoft Fix It Center
TechNet Forums
MSDN Forums
Security Bulletins & Advisories
International support solutions
Log a support ticket
Not an IT pro?
Microsoft Customer Support
Microsoft Community Forums
Sign in
The Cloud Security Man
Cloud Security is Job One for the Cloud Security Man
Tags
6to4
6to4 Interface
Active Directory
Array
Ben Ari
Carsten Kinder
certificate revocation list
Certificates
certification authority
Cloud
Commercial Certificate
configuration
Contest
CRL
DA
DCA
Deployment
Diogenes
DirectAccess
DirectAccess Monitor
DNS
DNS64
domain detection
edge man
end-to-end security
error
Extension
firewall
Force Tunneling
Fun
Good Press
Group Policy
Group Policy Objects
Identity
Identity Management
Infrastructure
IP Protocol 41
IP-HTTPS
IPsec
IPv6
IPv6 transition technologies
IPv6 Transition Technology
ISATAP
ISATAP router
Jason Jones
Manage Out
mobile broadband
Multi-Geo
Multi-site
Name Resolution Policy Table
NAP
NAT
NAT64
NetBIOS name
Network Access Protection
Network Location Server
NLA
NLB
NRPT
Private Cloud
Proof of Concept
Remote Desktop Gateway
remote management
SAP GUI
Secure Socket Tunneling Protocol
Security
service pack 1
Shannon Fritz. Tom Shinder
Small Business
SMB
Split Tunneling
SSTP
Talk TechNet
Tarun Sachdeva
Technet
TechNet Talk Radio
Teredo
Test Lab
test lab guides
The Edge Man
TLG
TLGs
TMG
Tom Shinder
tomsh
topology
Troubleshooting
UAG
UAG Management Console
UAG Service Pack 1
UAG SP1 RC
Unfied Access Gateway
Unified Access Gateway
Virtualization
Wiki stuff
WiMax
Windows Direct Access
Windows Firewall Profile
Windows Update
Yuri Diogenes
Browse by Tags
TechNet Blogs
»
The Cloud Security Man
»
All Tags
»
tomsh
Related Posts
Blog Post:
Why You Need an External ISATAP Router for a Multi-Site UAG DirectAccess Deployment
Thomas W Shinder - MSFT
Someone asked a good question the other day regarding our design for a multi-site UAG DirectAccess deployments. If you haven’t seen the high level descriptions on what is required for a multi-site UAG DirectAccess design, then first check out the following blog posts: http://blogs.technet...
on
9 Feb 2011
Blog Post:
Excellent UAG DirectAccess Configuration Guide by Shannon Fritz
Thomas W Shinder - MSFT
Shannon Fritz , who’s well known on the UAG DirectAccess forums at http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag/threads for providing excellent community answers and insight, has put together a very nice UAG DirectAccess Configuration Guide. In Shannon’s configuration guide, you...
on
19 Oct 2010
Blog Post:
DirectAccess and Expiring Computer Accounts
Thomas W Shinder - MSFT
An interesting question came up a few weeks ago regarding DirectAccess and expiring computer accounts. I thought it was an topical question that brought up some issues worth exploring, so I’m sharing with you some thoughts on the problem here. First a little background. UAG DirectAccess (and Windows...
on
14 Feb 2011
Blog Post:
Is ISATAP Required for UAG DirectAccess?
Thomas W Shinder - MSFT
The answer is “no” – but its important to understand the function of ISATAP and why or why not you might consider deploying ISATAP in your environment. Why ISATAP? ISATAP is the Intra-site Automatic Tunnel Addressing Protocol. The purpose of ISATAP is to allow you to use IPv6 aware applications on a...
on
1 Oct 2010
Blog Post:
DirectAccess Gets Positive Comments in The Register
Thomas W Shinder - MSFT
From what I hear, this year is going to be the year where we see the wave of enterprise Windows 7 rollouts take place. While I’m not sure how these assessments are made, it makes sense from where I sit. Windows 7 Service Pack 1 has been released and end users, admins and the media have all been complimentary...
on
30 Mar 2011
Blog Post:
Heads Up on New Contest for Forefront Security Enthusiasts
Thomas W Shinder - MSFT
Many of your might know my friend Yuri Diogenes from the great work he’s done over the years for ISA Server and the TMG firewall. Yuri has spent the last several years working in the CSS Security Team, and most of his work was focused on Forefront products. Last Month, Yuri moved from the support organization...
on
25 Mar 2011
Blog Post:
UAG DirectAccess and the IPv6 Internet
Thomas W Shinder - MSFT
We’ve received a number of questions recently about UAG DirectAccess support for the IPv6 Internet. When thinking about the IPv6 Internet, you need to think about when the DirectAccess client is on an IPv6 Internet (or on an IPv6 only intranet) and when the UAG DirectAccess server has its external interface...
on
24 Mar 2011
Blog Post:
UAG SP1 DirectAccess Contest Quiz One-Round One
Thomas W Shinder - MSFT
With all the excitement coming from the upcoming release of UAG Service Pack 1, I thought we might do something fun (OK, DirectAccess is always fun, but maybe we can do something closer to what other people would consider fun). What’s more fun than a contest? I know, a contest where you’re the winner...
on
2 Dec 2010
Blog Post:
A Great TMG and UAG Daily Double For You–Yuri Diogenes and Tom Shinder Talk with TechNet Talk Radio
Thomas W Shinder - MSFT
Got a long drive between home and work? Tired of listening to 80s hits on the radio? Then how about a change of pace and connect with The Edge Man Tom Shinder and Security guru Yuri Diogenes for a couple hours of TechNet Talk Radio? Yuri talks about TMG and how TMG can be used in a number of new scenarios...
on
21 Mar 2011
Blog Post:
Test Lab Guide–Demonstrate UAG SP1 RC DirectAccess with NAP Released
Thomas W Shinder - MSFT
The march of the Test Lab Guides continues! Today I’m offering up to you a Test Lab Guide I think you’re really going to like – the Test Lab Guide – Demonstrate UAG SP1 RC DirectAccess with NAP . In this Test Lab Guide, we change up the NAP settings by putting the Network Policy Server (NPS) and Health...
on
1 Nov 2010
Blog Post:
UAG DirectAccess Contest Continues on January 6 2011
Thomas W Shinder - MSFT
Just a quick note about the UAG DirectAccess contest. We didn’t have a quiz last week because of the entire world was on vacation We’ll continue the contest this week with the next quiz being tomorrow, January 6, 2011. The first round of the first contest is complete. The second round of the first contest...
on
5 Jan 2011
Blog Post:
Answers UAG DirectAccess Contest Quiz 1 Round 1
Thomas W Shinder - MSFT
Here are the answers to Quiz 1, Round 1: ==================================================== Question 1: Which Operating System(s) can be configured as DirectAccess clients? (choose the best answer) A. Windows 7 B. Windows Vista SP2 C. Windows Server 2008 R2 D. Windows 7 and Windows Vista SP2 E. Windows...
on
4 Dec 2010
Blog Post:
Test Lab Guide–Demonstrate UAG SP1 RC DirectAccess - Blog Version
Thomas W Shinder - MSFT
Hey folks – since the TLGs are typically put up only on the download center, it makes discoverability of some of the cool content inside of them hard when it comes to search engines. Therefore, I’m going to post the full text of the TLGs on the Edge Man blog. However, I recommend that you download the...
on
27 Oct 2010
Blog Post:
Questions and Answers for Planning a Small Business DirectAccess Deployment
Thomas W Shinder - MSFT
While I spend most (all) of my time working with the UAG DirectAccess solution, UAG DirectAccess is functionality essentially represents a superset of Windows DirectAccess functionality. Therefore, I thought it might be interesting to share with you all some questions I received from a fellow who is...
on
4 Jan 2011
Blog Post:
UAG SP1 DirectAccess Contest 1–Round 2/Quiz 3 and Contest 2 Round 1/Quiz 3
Thomas W Shinder - MSFT
It’s time for your weekly UAG DirectAccess quiz! We’re getting close to the end of contest 1, so make sure you don’t miss a step for the next two weeks. Last week’s quiz was definitely tricky and introduced some obscure or difficult to find information. This week I’m going to try something a little different...
on
21 Jan 2011
Blog Post:
How to Disable IP-HTTPS for Testing and Troubleshooting
Thomas W Shinder - MSFT
A few people have mentioned on the web forums and in email discussions that they’d like an easy way to disable the IP-HTTPS interface on the DirectAccess client for testing purposes. They don’t want to disable it completely for all clients (which you can do through Group Policy), they just want to disable...
on
15 Feb 2011
Blog Post:
A New Tech Talk Show–Security Talk with Yuri Diogenes and Tom Shinder
Thomas W Shinder - MSFT
Yuri Diogenes and I have worked together on a number of projects over the years – last year we published three new books on TMG, UAG and Forefront Security for Exchange. You can find more information on these books on Yuri’s blog at http://blogs.technet.com/b/yuridiogenes/archive/2010/07/08/new-forefront...
on
2 May 2011
Blog Post:
Certificate Related Questions and Test Lab Guide Guidance
Thomas W Shinder - MSFT
A couple of good questions were asked on a recent blog post and I figured it was worthwhile to answer them in more detail in a separate post. ==================================== “Can you clarify a couple points related to Certificate Authorities and CRLs? I plan on getting a commercial certificate...
on
26 Jan 2011
Blog Post:
A Short Introduction to UAG DirectAccess End to End Security
Thomas W Shinder - MSFT
I’m thinking of putting together a Test Lab Guide module for configuring end-to-end security for UAG DirectAccess clients and selected application servers on the intranet, so I configured the scenario in the Test Lab to see how it worked. I figured that since everything is working in the Test Lab now...
on
12 Sep 2010
Blog Post:
Some 3G Connections May Not Enable DirectAccess Always-On Connectivity
Thomas W Shinder - MSFT
DirectAccess is about being “always-on”. When I start my laptop in the morning, I’m ready to get to work. Even though I don’t work on the Microsoft campus, I’m able to connect to anything I want (that I have permissions to connect to) on the Microsoft intranet without thinking about connecting to an...
on
18 Jan 2011
Blog Post:
Answers to UAG SP1 DirectAccess Contest 1–Round 2/Quiz 2 and Contest 2 Round 1/Quiz 2
Thomas W Shinder - MSFT
Now for the moment you’ve all been waiting for – the answers to UAG SP1 DirectAccess Contest 1–Round 2/Quiz 2 and Contest 2 Round 1/Quiz 2! Here you go: =========================================== Question 1: ISATAP is an IPv6 transition technology that enables computers to tunnel IPv6 packets inside...
on
18 Jan 2011
Blog Post:
DirectAccess Application Compatibility by Jason Jones
Thomas W Shinder - MSFT
Jason Jones , one of our ace Forefront MVPs, has put together a great blog post on DirectAccess application compatibility. If you’re in the process of planning a UAG DirectAccess rollout, you might want to check out this list. Forefront UAG DirectAccess: Application Compatibility Table HTH, Tom Tom Shinder...
on
4 Nov 2010
Blog Post:
Another Cause of the “No Usable Certificate(s) 0x103 Error
Thomas W Shinder - MSFT
One of the most mysterious errors you’ll see when working with DirectAccess are related to failures in IP-HTTPS connectivity. I did a blog post on this problem last year and you can find it at http://blogs.technet.com/b/tomshinder/archive/2010/03/30/troubleshooting-the-no-usable-certificate-s-ip-https...
on
21 Feb 2011
Blog Post:
Why Split Tunneling is Not a Security Issue with DirectAccess
Thomas W Shinder - MSFT
(Discuss UAG DirectAccess issues on the TechNet Forums over at http://social.technet.microsoft.com/Forums/en-US/forefrontedgeiag ) As a member of the Anywhere Access Team with a primary focus on UAG DirectAccess (DA), one of the questions that I hear a lot relates to the security of the solution, due...
on
2 Mar 2010
Blog Post:
UAG SP1 DirectAccess Contest 1–Round 2/Quiz 4 (Final) and Contest 2 Round 1/Quiz 4
Thomas W Shinder - MSFT
Wow! This is it – the last quiz in Contest 1. That’s right – this is quiz 4 of the second round. To celebrate this occasion and to make things more interesting, we’re going to have FIVE questions. This will give those who are behind a better chance of catching up and put some pressure on the leaders...
on
28 Jan 2011
>