What you need to implement DirectAccess in Windows 7 & Windows Server 2008 R2

  • Article

DirectAccess is a new remote access technology that’s available with the combination of Windows Server 2008 R2 and Windows 7 Enterprise or Ultimate editions. DirectAccess promises to revolutionize the entire remote access experience so that employees can be productive from anywhere at any time, without the constraints of traditional remote access technologies, such as network-level VPNs, SSL VPN gateways, and reverse proxies. It provides a seamless experience for users and advanced management capabilities for IT. DirectAccess enables access from anywhere, even when the DirectAccess client system is behind a restrictive firewall.

You must meet several requirements before starting a DirectAccess deployment. For starters, you need:

  • At least one domain controller running Windows Server 2003 or above.
  • An internal PKI to assign machine certificates to DirectAccess clients and the DirectAccess server.
  • A private or public PKI to assign Web site certificates to the IP-HTTPS listener and the Network Location Server (discussed later).

And you’ll need to meet these additional requirements:

  • The DirectAccess server must be Windows Server 2008 R2 Standard or Enterprise or higher.
  • IPv6 must be enabled, and IPv6 transition technologies must also not be disabled.
  • DirectAccess clients must run Windows 7 Enterprise or Ultimate edition.
  • DirectAccess clients must be members of an Active Directory domain.
  • A highly available Network Location Server (Web server) must be on the corpnet.
  • If there are firewalls in front of or behind the DirectAccess server, packet filters must be enabled to allow the required traffic.
  • The DirectAccess server must have two network interface adapters

Ref: https://blogs.techrepublic.com.com/10things/?p=1371&tag=content;rightCol