Microsoft DirectAccess Best Practices and Troubleshooting
|Also available on:|
- Learn how to make Manage Out work for your DirectAccess clients without compromising your network
- Learn how to understand enormous logfiles along with common troubleshooting criteria
- Explore some unique troubleshooting scenarios and learn the solutions
- Includes illustrations and screenshots with clear, step-by-step instructions and examples from the field
Book DetailsLanguage : English
Paperback : 116 pages [ 235mm x 191mm ]
Release Date : October 2013
ISBN : 1782171061
ISBN 13 : 9781782171065
Author(s) : Jordan Krause
Topics and Technologies : All Books, Virtualization and Cloud, Enterprise
Table of ContentsPreface
Chapter 1: DirectAccess Server Best Practices
Chapter 2: DirectAccess Environmental Best Practices
Chapter 3: Configuring Manage Out to DirectAccess Clients
Chapter 4: General DirectAccess Troubleshooting
Chapter 5: Unique DirectAccess Troubleshooting Scenarios
- Chapter 1: DirectAccess Server Best Practices
- Preparing your Remote Access servers for DirectAccess
- NIC configuration
- Configuring internal NIC
- Configuring external NIC
- NIC binding
- MAC address spoofing for virtual machines
- Adding static routes
- Hostname and domain membership
- Prestage the computer account
- Time for certificates
- Installing the IP-HTTPS SSL certificate
- Installing the IPsec machine certificate
- Adding the roles
- Don't use the Getting Started Wizard!
- Running the full Remote Access Setup Wizard
- Reasons not to use the Getting Started Wizard
- Self-signed certificates
- Self-hosted NLS
- Disables Teredo
- Applies client policy to the domain computers group
- No advanced choices
- Security hardening the server
- Chapter 2: DirectAccess Environmental Best Practices
- To NAT or not to NAT?
- Three is better than one
- Efficiency of Teredo over IP-HTTPS
- Planning for Certificates (PKI)
- SSL certificate for NLS
- SSL certificate for IP-HTTPS
- Machine certificates for IPsec
- Requirements for the machine certificate
- Choosing the CA in the wizards
- Marking your calendars for certificate expirations
- Defining your GPOs and security groups
- Let the wizards take care of it
- Creating your own GPOs
- Setting up the Network Location Server (NLS)
- Do I need IPv6 or ISATAP?
- Teredo and 6to4 tips and tricks
- Set Teredo to EnterpriseClient
- Using Group Policy for this change
- Disabling the 6to4 adapter on your clients
- Using Group Policy for this change
- Chapter 3: Configuring Manage Out to DirectAccess Clients
- Pulls versus pushes
- What does Manage Out have to do with IPv6?
- Creating a selective ISATAP environment
- Creating a security group and DNS record
- Creating the GPO
- Configuring the GPO
- Adding machines to the group
- Setting up client-side firewall rules
- RDP to a DirectAccess client
- No ISATAP with multisite DirectAccess
- Chapter 4: General DirectAccess Troubleshooting
- Remote Access Management Console
- Windows Firewall with Advanced Security
- Reading the client logfiles
- What happened to Teredo?
- Clients with native IPv6
- Chapter 5: Unique DirectAccess Troubleshooting Scenarios
- What happens when NLS is offline?
- The resolution
- I enabled NLB and DA broke!
- The resolution
- IPv4 applications don't connect over DA
- App46 by IVO Networks
- Cannot contact some servers
- Name resolution
- Checking DNS for strange AAAA records
- Does it work over IP-HTTPS and not Teredo?
Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.
What you will learn from this book
- Prepare your DirectAccess server to adhere to best practice standards
- Configure the environment correctly so that it is prepared to help, not hinder, your implementation
- Implement certificates to be used with DirectAccess with precession
- Learn how to tame ISATAP and make it work for you
- Train your brain to read those huge logfiles in less than ten seconds
- Journey through advanced troubleshooting scenarios
- Diagnose real-world problems for situations taken directly from the field
- Get your IPv4 applications working over DirectAccess
DirectAccess is an amazing Microsoft technology that is truly the evolution of VPN; any Microsoft-centric shop needs this technology. DirectAccess is an automatic remote access solution that takes care of everything from planning to deployment.
Microsoft DirectAccess Best Practices and Troubleshooting will provide you with the precise steps you need to take for the very best possible implementation of DirectAccess in your network. You will find answers to some of the most frequently asked questions from administrators and explore unique troubleshooting scenarios that you will want to understand in case they happen to you.
Microsoft DirectAccess Best Practices and Troubleshooting outlines best practices for configuring DirectAccess in any network. You will learn how to configure Manage Out capabilities to plan, administer, and deploy DirectAccess client computers from inside the corporate network. You will also learn about a couple of the lesser-known capabilities within a DirectAccess environment and the log information that is available on the client machines.
This book also focuses on some specific cases that portray unique or interesting troubleshooting scenarios that DirectAccess administrators may encounter. By describing the problem, the symptoms, and the fixes to these problems, the reader will be able to gain a deeper understanding of the way DirectAccess works and why these external influences are important to the overall solution.
This book covers best practices and acts as a complete guide to DirectAccess and automatic remote access.
Who this book is for
Microsoft DirectAccess Best Practices and Troubleshooting is an ideal guide for any existing or future DirectAccess administrator and system administrators who are working on Windows Server 2012. This book will also be beneficial for someone with a basic knowledge of networking and deployment of Microsoft operating systems and software who wants to learn the intricacies of DirectAccess and its interfaces.