Requirements for DirectAccess

All replies

• 

  

  0

  Sign in to vote

  Ok, I found much of the info I need here:
  http://download.microsoft.com/download/5/E/6/5E66B27B-988B-4F50-AF3A-C2FF1E62180F/ENT-T619_WH08.pptx
  
  -Sindre

  • Proposed as answer by Sainath IRP_MJ_CREATEMVP, Moderator Thursday, January 15, 2009 6:56 AM

  Friday, January 9, 2009 10:40 AM
• 

  

  0

  Sign in to vote

  Hi sindre,
  
  best of luck.

  ---

  sainath Windows Driver Development

  Friday, January 9, 2009 11:26 AM

  Moderator
• 

  

  0

  Sign in to vote

  Did not anyone find some more detailed info? I have started building a test set with a windows 7 laptop, a windows server 2008 r2 server with 2 networkcards and two public ip addresses. But still try to figure out how to get it working.
  
  Unfortunately at the DAMgmt tool the help at the bottom is not yet working, the is an "Overview of DirectAccess" and a "Checklist: Before you configure DirectAccess" but they lead to the help of Windows Firewall and an error page.
  
  Marc.

  Sunday, January 11, 2009 7:25 PM
• 

  

  0

  Sign in to vote

  Hi
  
  Some more info here in this overview:
  http://www.microsoft.com/downloads/details.aspx?FamilyID=64966e88-1377-4d1a-be86-ab77014495f4&DisplayLang=en
  
  Regards
  Sindre

  Thursday, January 15, 2009 7:00 AM
• 

  

  0

  Sign in to vote

  Well it' s not much but it' s more than nothing, good find.
  I hope to get some time in the weekend to start playing with it again.
  
  Marc.

  Thursday, January 15, 2009 10:18 PM
• 

  

  0

  Sign in to vote

  Hi,

  
  

  tried to set up a test set as well, but still couldn't manage to get it work.

  Both NICs are provided with two consecutive ipv4-addresses, but it still says "The DirectAccess server must have two consecutive public IPv4 adresses configured on the same physical interface. Configure IPv4 adresses and then try again."

  
  

  I just found the documents you already postet. Help file doesn't work here too.

  
  

  regards 

  Patrik

  Friday, January 16, 2009 4:40 PM
• 

  

  0

  Sign in to vote

  That part I' ve got working. I' ve made a security group with some members. But now it starts about "The interface connected to the internet must no be classified as a Domain network" I have to look up how to get this fixed. Maby the problem is that I run all things on one server. DC, DNS and Direct Access? 
  
  Marc.

  Friday, January 16, 2009 6:59 PM
• 

  

  0

  Sign in to vote

  I' am going to build a new test domain with a couple of PC' s. One PC as AD, DC, DNS, DHCP and Certificateserver. One PC for Direct Access with two networcards, on the internet networkcard two public IP addresses, on the intranet networkcard a connection to the AD. And a laptop with Windows 7 as a domainjoined PC to use from the internet so I can test Direct Access. Did I forget to mention some thing?
  
  Marc.

  Saturday, January 17, 2009 5:38 PM
• 

  

  0

  Sign in to vote

  What did you do [anyone] go get past this message, "The DirectAccess server must have two consecutive public IPv4 adresses configured on the same physical interface."
  
  I've added 2 virtual nics to a Hyper-V R2 VM and assigned the consectuive ip addresses to both but I  still get the message.
  
  
  
  
  Topstep1

  Monday, January 19, 2009 10:49 PM
• 

  

  0

  Sign in to vote

  Thinking it was a Hyper-V issue, I tried the same thing using Vmware Workstatio 6.51 and still get the error about nics not being set right.
  
  Funny thing is I have an EdgeServer for Exchange 2007 SP1 running on VMware ESX with no issues at all and it requires two nics. I thought DirectAccess was sort of the same 'type' of base setup; the EdgeServer faces the internet and is not domain joined but uses ADAM and a 'syncing'  (Edgesync) to communicatate with the Exchange Server. This satisfies the need for AD info without requiring the machine to be domain joined.
  
  In contrast,  the DirectAccess server is 'required' to be domain joined.
  
  
  Anyone care to share some jump starting information. I guess the wizard will guide you thru the setup but still, I get satisfy the nic setup requirements. What am  I doing wrong?
  
  
  Topstep1
  
  ps. I Would be nice is the Host could make available some 'how to' info.
  

  Wednesday, January 21, 2009 4:36 PM
• 

  

  0

  Sign in to vote

  Do you have two consecutive public ip addresses? Like 193.171.12.151 and 193.171.12.152 NOT in the private range like 192.168.1.1 or 10.0.0.1. I had the two public addresses on my internet Nic and the wizard did go past that part. Then i had some other problems like my server was also DC, Certserver, DNS and everything else. I was very busy in the last week so i am gone a give it another try later this week.

  Marc.

  Monday, January 26, 2009 8:03 PM
• 

  

  0

  Sign in to vote

  FYI: A new TechNet Web page has been created to contain the links to current and upcoming DA content:

  http://technet.microsoft.com/en-us/network/dd420463.aspx

   

   

  Wednesday, January 28, 2009 9:43 PM
• 

  

  0

  Sign in to vote

  Joe, the article was already mentioned earlier in the thread, but thanks any way.

  Marc.

  Wednesday, January 28, 2009 9:46 PM
• 

  

  0

  Sign in to vote

  Has anyone gotten this to work?  I am stuck at the PKI certificate section.   I have an enterprise PKI and it appears to be working fine, but the setup for DA still says I need an ID cert installed locally.  Ugh.  Anything would help.
  
  Thanks,
  
  Jeff

  Friday, February 6, 2009 7:33 PM
• 

  

  0

  Sign in to vote

  May be, my setup is not complaining about anything any more but in Step 4 it asks for an Network Location Server? Whats that? I can not find any info on that.
  
  Marc.

  Saturday, February 7, 2009 5:23 PM
• 

  

  0

  Sign in to vote

  I'm stuck at Step 2 at the moment with the following message:

  "The interface connected to the Internet must not be classified as a Domain network."

  
  

  I'm sure this problem can be solved easily, but I honestly don't know how. 

  There is no internal IP assigned, just the Router as DNS and Gateway.

  
  

  regards,

  
  

  Patrik

  Tuesday, February 10, 2009 1:50 PM
• 

  

  0

  Sign in to vote

  FYI: The "DirectAccess Early Adopter's Guide" has been published at http://www.microsoft.com/downloads/details.aspx?FamilyID=2fdc531d-9138-454f-a820-78211755b52a&displaylang=en.
  
  

  This guide introduces DirectAccess concepts, defines new terms, explains requirements for installation, discusses how to design DirectAccess architecture, and then steps you through installation and deployment.
  

  • Marked as answer by Elisa Willman Wednesday, March 18, 2009 5:10 AM

  Tuesday, February 10, 2009 3:56 PM
• 

  

  0

  Sign in to vote

  Thats what we need, thank you.
  

  Wednesday, February 11, 2009 7:12 PM
• 

  

  0

  Sign in to vote

  My DirectAccess reports DNS error within the DirectAccess management console.
  The error message says:
  
  None of the enterprise DNS servers "20xx:cxxx:x:x:xxxx:192:xxx:xxx:xxx" that DA client will attempt to use for name resolution appear to be responsive. This will prevent the DA clients from being able to resolve names in the corporate namespace, thus preventing them from connection to the enterprise network. Make sure the DNS server is online and responding to name resolution requests.
  
  I've used the "DirectAccess Early Adopters Guide" but that don't help me to troubleshoot further for the moment.
  “Direct Early Adopters Guide” is found here: http://www.microsoft.com/downloads/details.aspx?FamilyID=2fdc531d-9138-454f-a820-78211755b52a&DisplayLang=en
  
  Someone else who's into this?
  
  
  Regards
  HePa

  Saturday, March 7, 2009 11:41 AM
• 

  

  0

  Sign in to vote

  I'm stuck with the same problem, even when I set up a DNS server on the Direct Access Gateway itself. Still not responsive. And diagnostics tools like nslookup and portqry doesn't help with IPv6 testing.
  
  Regards
  Sindre

  Sunday, March 8, 2009 8:08 AM
• 

  

  0

  Sign in to vote

  Yesterday I found that I had problem with my IPv6 settings for DNS. I run dcdiag /test:dns on my domain controller and it reported errors. But I don't know how to configure the DNS settings on the domain controller/DNS server and on the DirectAccess server.
  
  Do I need to configure something within the DNS management console, TCP/IP settings on the DNS server and DirectAccess server?
  Sindres, do you know how to configure the DNS settings properly within the TCP/IP settings on the domain controller and DirectAccess server?
  
  Regards
  HePa

  Sunday, March 8, 2009 12:17 PM
• 

  

  0

  Sign in to vote

  hlat said:

  I'm stuck at Step 2 at the moment with the following message:

  "The interface connected to the Internet must not be classified as a Domain network."

  
  

  I'm sure this problem can be solved easily, but I honestly don't know how. 

  There is no internal IP assigned, just the Router as DNS and Gateway.

  
  

  regards,

  
  

  Patrik

  
  Hi,

  
  

  still got the same problem, any idea how to solve this?

  
  

  thanks!

  Monday, March 9, 2009 5:07 PM
• 

  

  0

  Sign in to vote

  Change the network profile from "Domain network" to "Private" or "Public".

  Tuesday, March 10, 2009 6:40 AM
• 

  

  0

  Sign in to vote

  At the DirectAccess Early Adopters Guide, at page 32 is the explanation of how to change the interface configuration to "Public" or "Private".
  
  10. On the DirectAccess server, ensure the Internet-facing interface is configured to be either a “Public” or a “Private” interface (depending on your network design) and the intranet interfaces are configured to be “Domain” interfaces. No other combinations are supported. If you have more than two interfaces, ensure that no more than two classification types are selected.
  
  Best regards
  HePa

  Tuesday, March 10, 2009 2:20 PM
• 

  

  0

  Sign in to vote

  Hi,
  
  did anyone manage to get DirectAccess installed in a virtual test environment?
  I'm trying to get it working @home but i keep getting the error message to configure 2 consecutive ips.
  Are the two virtual network cards maybe not recognized as different physical ones (as there is only one physical behind)?
  
  Much appreciate any suggestions.
  Best Regards
  
  Stefan

  Wednesday, May 6, 2009 6:50 AM
• 

  

  0

  Sign in to vote

  For all that had problems to configure DirectAcess this is a really good guide for building a testlab.
  
  http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=8d47ed5f-d217-4d84-b698-f39360d82fac
  
  Hope this helps.
  
  Cheers
  
  Stefan

  Thursday, May 7, 2009 9:53 PM
• 

  

  0

  Sign in to vote

  The test lab document is definitely the place to start. There are a lot of steps that include concepts that aren't explained, so if you have questions, please share them with us on this board, or better, start a new thread. Some of the steps in the lab required to make DA work, but some of them are just needed to get a particular function within the lab work. It's important that you understand what the DA requirements and dependancies are, and what are artifacts of the test lab -- so that you can generalize what you've learned in the test lab to your own environment.
  
  HTH,
  Tom
  
  Microsoft ISDUA

  Thursday, December 31, 2009 2:53 PM