Single Forefront UAG DirectAccess server infrastructure design
Published: January 11, 2010
Updated: February 1, 2010
Applies To: Unified Access Gateway
Forefront Unified Access Gateway (UAG) DirectAccess extends the benefits of Windows DirectAccess across your infrastructure, enhancing scalability, and simplifying deployments and ongoing management. Forefront UAG DirectAccess gives remote users the experience of being seamlessly connected to your internal network any time you have Internet access. Following the installation of Forefront UAG, you can configure a Forefront UAG server to act as a Forefront UAG DirectAccess server.
The infrastructure design requirements for deploying Forefront UAG DirectAccess include the following:
A domain controller running Windows Server 2003 or Windows Server 2008.
A DNS server running Windows Server 2008 is recommended.
A certificate infrastructure.
Requirements for DirectAccess client deployment.
Active Directory group requirements.
Network and routing requirements, including IPv4 and IPv6 considerations.
Protocol and port configuration for firewalls located in front of DirectAccess servers.
For a detailed list of infrastructure requirements for deploying Forefront UAG DirectAccess, see Forefront UAG DirectAccess prerequisites.
For a detailed list of infrastructure requirements for deploying Forefront UAG DirectAccess SP1, see Forefront UAG DirectAccess prerequisites for SP1.