Side-by-Side Migration of Forefront UAG DirectAccess

Ā 

Applies To: Windows Server 2012 R2, Windows Server 2012

This topic describes how to perform a side-by-side migration of Forefront UAG DirectAccess to DirectAccess in Windows ServerĀ® 2012. A side-by-side migration keeps the Forefront UAG DirectAccess server running while you deploy Windows Server 2012 DirectAccess. After the deployment is complete, DirectAccess clients access internal resources via the Windows Server 2012 Remote Access server, and the Forefront UAG server is removed from service.

The side-by-side migration consists of the following steps:

  • Step 1: Forefront UAG DirectAccess configuration settings are exported. If Forefront UAG is deployed in an array, this should be performed on the array manager server.

  • Step 2: Note the names of Group Policy Objects (GPOs) used for Forefront UAG DirectAccess, including the server GPO, client GPOs, and application server GPOs if relevant.

  • Step 3: Set up the Windows Server 2012 computer as a Remote Access server, by installing the Remote Access role.<Step name>

  • Step 4: Configure infrastructure settings for the Remote Access server, including IP addresses, DNS settings, certificates, client security groups, and GPOs.

For a complete walkthrough, see Side-by-Side Migration Steps.

The following graphic illustrates the side-by-side migration process.