DirectAccess IPv6 Transition Protocols Explained
Introduction From a client perspective, DirectAccess is an IPv6-only solution. The DirectAccess client communicates with the DirectAccess server exclusively using IPv6. However, IPv6 is not widely...
View ArticleForwarding is Disabled on the DirectAccess Teredo Server
Recently while working with a customer to configure Windows Server 2012 R2 DirectAccess I encountered an issue with Teredo failing after enabling multisite. The remote access management console...
View ArticleActive Directory IP Subnets for DirectAccess Clients
Introduction When deploying Windows Server 2012 R2 DirectAccess I’m often asked which Active Directory (AD) site a client is associated with when it establishes DirectAccess connectivity. The answer...
View ArticleDisable 6to4 IPv6 Transition Protocol for DirectAccess Clients
Introduction DirectAccess client to server connections are established exclusively over IPv6. To allow for this communication to take place over the public IPv4 Internet, DirectAccess uses IPv6...
View ArticleDirectAccess Load Balancing and Multisite Configuration Options Unavailable
DirectAccess in Windows Server 2012 R2 supports load balancing and multisite configuration options to provide both local and geographic redundancy, respectively. To configure either of these options,...
View ArticleISP Address Field is Blank in DirectAccess Status and Reports
When viewing DirectAccess client status in the Remote Access Management console, you will notice that the ISP address field is blank for clients using the IP-HTTPS IPv6 transition protocol. However,...
View ArticleDirectAccess Client Firewall Rule Configuration for ISATAP Manage Out
For DirectAccess manage out scenarios, it is necessary to configure the Windows firewall on the DirectAccess client to allow any required inbound communication from the corporate network. For example,...
View ArticleMonitoring DirectAccess Machine and User Activity with Windows Component...
The monitoring of DirectAccess machine and user activity presents some unique challenges for security administrators. All DirectAccess client communication destined for the internal corporate network...
View ArticleCritical Update MS15-034 and DirectAccess
The April 2015 monthly security update release from Microsoft includes a fix for a serious vulnerability in HTTP.sys. On an unpatched server, an attacker who sends a specially crafted HTTP request will...
View ArticleEnable Teredo Support after DirectAccess Has Been Configured
DirectAccess leverages IPv6 transition protocols to enable clients to connect to the DirectAccess server when both are located on the IPv4 Internet. When the DirectAccess server is located in a...
View ArticleDirectAccess and the TLS Logjam Attack
Another critical flaw affecting Transport Layer Security (TLS) was discovered recently that could put some organizations at risk. The “Logjam” attack exploits a weakness in how the Diffie-Hellman key...
View ArticleDirectAccess DNS Records Explained
After installing and configuring DirectAccess with Windows Server 2012 R2, several new host records appear automatically in the internal DNS (assuming dynamic DNS is supported, of course). One of them...
View ArticleDirectAccess Consulting Services Now Available
For the last five years I’ve been helping organizations large and small deploy DirectAccess. During that time I have amassed a wealth of knowledge and experience with this unique technology....
View ArticleDirectAccess and Windows 10 Better Together
With last week’s release of Windows 10, many organizations who chose to skip Windows 8 are now beginning to deploy Windows 10. To maximize investment in Windows 10, DirectAccess can be leveraged to...
View ArticleWEBINAR: Maximize Your Investment in Windows 10 with DirectAccess and the...
With the recent release of Microsoft’s Windows 10 client operating system, many organizations are now planning their migration to Windows 10 from previous versions. For those organizations looking to...
View ArticleDirectAccess Manage Out from Windows 10 Does Not Work
For DirectAccess manage out deployments using ISATAP, you may encounter a scenario in which you are unable to initiate outbound connections to connected DirectAccess clients from a Windows 10 computer....
View Article3 Important Things You Need to Know about Windows 10 and DirectAccess
DirectAccess has been with us for quite some time know, having been originally introduced with Windows Server 2008 R2, later enhanced with Forefront Unified Access Gateway (UAG) 2010, and finally...
View ArticleSSH Administration over a DirectAccess Connection
From a client perspective, DirectAccess is an IPv6 only solution. All communication between the DirectAccess client and server takes place exclusively over IPv6. This can make things challenging for...
View ArticleDirectAccess IP-HTTPS Discovery Script for Nmap
When troubleshooting DirectAccess connectivity issues, the popular Nmap network mapping and discovery tool is an invaluable resource for verifying the communication path to the DirectAccess server from...
View ArticleDirectAccess and Multi-SAN SSL Certificates for IP-HTTPS
Introduction When preparing a DirectAccess server, an SSL certificate is required for the IP-HTTPS IPv6 transition technology. This certificate is often issued by a public Certification Authority (CA),...
View Article
More Pages to Explore .....