Sunday, February 21, 2010

Windows Server 2008 R2 11

DirectAccess is the ability to have VPN Access without having VPN hardware. DirectAccess is a solution native to 2008 R2 that doesn't require extra VPN hardware (routers, etc).
We can set up a user machine so that users can get access to their corporate files over standard internet connections. Through DirectAccess, administrators can also push GPO updates to machines that are on the move without requiring them to be on-premises.

Components required for DirectAccess is a Windows 2008 R2 machine for use as a DirectAccess Server. The mobile clients also need to be Windows 7 or above. You need at least one Domain Controller and a DNS. The Domain Controller/DNS must be 2008 SP2 and above. Finally, we need a PKI infrastructure with a NAP (Network Access Protection) server. DirectAccess makes use of IPSec and Teredo (IPv6 Infrastructure).

Setting up of DirectAccess is extremely complex. DirectAccess also connects through port 443, which is HTTPS. This means that you will be able to do DirectAccess through any firewall that allows 443 traffic (literally every firewall).

The walkthrough for DirectAccess can be found here.

No comments :

Post a Comment