E-book details

Microsoft DirectAccess Best Practices and Troubleshooting. Secure and efficient functioning of your DirectAccess environment

Microsoft DirectAccess Best Practices and Troubleshooting. Secure and efficient functioning of your DirectAccess environment

Jordan Krause

Ebook
DirectAccess is an amazing Microsoft technology that is truly the evolution of VPN; any Microsoft-centric shop needs this technology. DirectAccess is an automatic remote access solution that takes care of everything from planning to deployment.

Microsoft DirectAccess Best Practices and Troubleshooting will provide you with the precise steps you need to take for the very best possible implementation of DirectAccess in your network. You will find answers to some of the most frequently asked questions from administrators and explore unique troubleshooting scenarios that you will want to understand in case they happen to you.

Microsoft DirectAccess Best Practices and Troubleshooting outlines best practices for configuring DirectAccess in any network. You will learn how to configure Manage Out capabilities to plan, administer, and deploy DirectAccess client computers from inside the corporate network. You will also learn about a couple of the lesser-known capabilities within a DirectAccess environment and the log information that is available on the client machines.

This book also focuses on some specific cases that portray unique or interesting troubleshooting scenarios that DirectAccess administrators may encounter. By describing the problem, the symptoms, and the fixes to these problems, the reader will be able to gain a deeper understanding of the way DirectAccess works and why these external influences are important to the overall solution.
  • Microsoft DirectAccess Best Practices and Troubleshooting
    • Table of Contents
    • Microsoft DirectAccess Best Practices and Troubleshooting
    • Credits
    • Foreword
    • About the Author
    • About the Reviewers
    • www.PacktPub.com
      • Support files, eBooks, discount offers and more
        • Why Subscribe?
        • Free Access for Packt account holders
        • Instant Updates on New Packt Books
    • Preface
      • DirectAccess rocks
      • So many options
      • Take it from me
      • Which flavor of DirectAccess are you talking about?
      • Lets get rolling
      • What this book covers
      • What you need for this book
      • Who this book is for
      • Conventions
      • Reader feedback
      • Customer support
        • Errata
        • Piracy
        • Questions
    • 1. DirectAccess Server Best Practices
      • Preparing your Remote Access servers for DirectAccess
      • NIC configuration
        • Configuring internal NIC
        • Configuring external NIC
      • NIC binding
      • MAC address spoofing for virtual machines
      • Adding static routes
      • Hostname and domain membership
        • Prestage the computer account
      • Time for certificates
        • Installing the IP-HTTPS SSL certificate
        • Installing the IPsec machine certificate
      • Adding the roles
      • Don't use the Getting Started Wizard!
        • Running the full Remote Access Setup Wizard
        • Reasons not to use the Getting Started Wizard
          • Self-signed certificates
          • Self-hosted NLS
          • Disables Teredo
          • Applies client policy to the domain computers group
          • No advanced choices
      • Security hardening the server
      • Summary
    • 2. DirectAccess Environmental Best Practices
      • To NAT or not to NAT?
        • Three is better than one
        • Efficiency of Teredo over IP-HTTPS
          • 6to4
          • Teredo
          • IP-HTTPS
      • Planning for Certificates (PKI)
        • SSL certificate for NLS
        • SSL certificate for IP-HTTPS
        • Machine certificates for IPsec
          • Requirements for the machine certificate
          • Choosing the CA in the wizards
        • Marking your calendars for certificate expirations
      • Defining your GPOs and security groups
        • Let the wizards take care of it
        • Creating your own GPOs
      • Setting up the Network Location Server (NLS)
      • Do I need IPv6 or ISATAP?
      • Teredo and 6to4 tips and tricks
        • Set Teredo to EnterpriseClient
          • Using Group Policy for this change
        • Disabling the 6to4 adapter on your clients
          • Using Group Policy for this change
      • Summary
    • 3. Configuring Manage Out to DirectAccess Clients
      • Pulls versus pushes
      • What does Manage Out have to do with IPv6?
      • Creating a selective ISATAP environment
        • Creating a security group and DNS record
        • Creating the GPO
        • Configuring the GPO
        • Adding machines to the group
      • Setting up client-side firewall rules
      • RDP to a DirectAccess client
      • No ISATAP with multisite DirectAccess
      • Summary
    • 4. General DirectAccess Troubleshooting
      • Remote Access Management Console
      • Windows Firewall with Advanced Security
      • Reading the client logfiles
      • What happened to Teredo?
      • Clients with native IPv6
      • Summary
    • 5. Unique DirectAccess Troubleshooting Scenarios
      • What happens when NLS is offline?
        • The resolution
      • I enabled NLB and DA broke!
        • The resolution
      • IPv4 applications don't connect over DA
        • App46 by IVO Networks
      • Cannot contact some servers
        • Routing
        • Name resolution
        • Checking DNS for strange AAAA records
        • Does it work over IP-HTTPS and not Teredo?
      • Summary
    • Index
  • Title: Microsoft DirectAccess Best Practices and Troubleshooting. Secure and efficient functioning of your DirectAccess environment
  • Author: Jordan Krause
  • Original title: Microsoft DirectAccess Best Practices and Troubleshooting. Secure and efficient functioning of your DirectAccess environment
  • ISBN: 9781782171072, 9781782171072
  • Date of issue: 2013-10-14
  • Format: Ebook
  • Item ID: e_3ctj
  • Publisher: Packt Publishing