DirectAccess – Installation – Configuration in Windows Server 2016/2019

Presentation

DirectAccess is a feature available with the Remote Access role, which allows you to set up an automatic connection solution to the corporate network for mobile computers or for small remote sites.

Unlike a VPN, the connection is initiated directly by a service on the remote computer, which allows for similar behavior if the workstation is in the corporate network:

  • Applying group policies.
  • Ability to open another user session in the Active Directory.

DirectAccess also has two other benefits that are:

  • The automatic connection without manipulation on the part of the user.
  • The ability to force internet traffic through the corporate network which allows to apply the rules of web filtering (proxy).

DirectAccess relies on the IPv6 protocol for communication between the corporate network and the customer.

Before establishing the connection, the client tests access to a probe to find out if it is in the company network or outside.

For DNS resolution, a Group Policy configures the NRPT table so that the computer when it is connected to the corporate network sends the requests from the local domain to the DirectAccess server.

It is possible to increase the security of connections by identifying computers with a certificate.

In this tutorial, we will see how to deploy DirectAccess with a server with a single network card behind a firewall.

DirectAccess deployment

This tutorial can also be used to deploy DirectAccess with Windows 2012R2

Documentation Microsoft : https://docs.microsoft.com/fr-fr/windows-server/remote/remote-access/directaccess/directaccess


How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

We are sorry that this post was not useful for you!

Let us improve this post!



Related Posts


Hyper-V: Change the MAC Address of a Virtual Machine
It is possible in Hyper-V as in VMware to change the MAC address of a network adapter of a virtual machine. We usually have to do this kind of operation on machines where the software uses the MAC address cards to generate the licenses 1. Open the Hy

VPN Server with Windows Server: Installation and Configuration
In this tutorial, I will explain how to set up a VPN server on Windows Server with the role of remote access and configure access with NPS. When setting up a VPN server with Windows, 3 types of VPN service are installed: PPTP L2TP SSTP In this tutori

Sophos XG: add a vlan
In this article, I'll explain how to declare a vlan on your Sophos XG firewall. Before you create it on the firewall, you must make sure that the port of the switch where the firewall is connected is tagged. Go to the firewall administration web inte

Leave a Comment