Export (0) Print
Expand All

Checklist: Preparing Your Infrastructure for DirectAccess

Published: October 7, 2009

Updated: October 7, 2009

Applies To: Windows Server 2008 R2

ImportantImportant
This topic describes deployment of DirectAccess in Windows Server 2008 R2. For deployment of DirectAccess in Microsoft Forefront Unified Access Gateway (UAG), see the Forefront UAG DirectAccess Deployment Guide (http://go.microsoft.com/fwlink/?LinkId=179989).

This checklist includes cross-reference links to help you prepare your network and security infrastructure for a DirectAccess deployment. It also contains links to procedures that will help you complete the tasks that are required to implement this design.

noteNote
Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic, a procedure, or to another checklist, return to this topic so that you can proceed with the remaining tasks in this checklist.

Checklist Checklist: Preparing your infrastructure for DirectAccess

 

  Task Reference
Checkbox

Review important concepts for DirectAccess.

Conceptual topic Appendix B: Reviewing Key DirectAccess Concepts

Checkbox

Review the client, server, and network infrastructure requirements for DirectAccess.

Conceptual topic Appendix A: DirectAccess Requirements

Checkbox

Create Active Directory security groups for DirectAccess clients (required) and selected servers (optional) and add members.

Checklist topic Create DirectAccess Groups in Active Directory

Checkbox

Configure packet filtering on Internet and intranet firewalls.

Conceptual topic Packet Filters for Your Internet Firewall

Conceptual topic Packet Filters for Your Intranet Firewall

Checkbox

Configure packet filtering for Internet Control Message Protocol for IPv6 (ICMPv6) traffic.

Checklist topic Configure Packet Filters to Allow ICMP Traffic

Checklist topic Configure Settings to Confine ICMPv6 Traffic to the Intranet

Checkbox

Configure packet filtering for remote management computers.

Conceptual topic Design for Remote Management

Checklist topic Configure Packet Filters to Allow Management Traffic to DirectAccess Clients

Checkbox

Compile a list of additional Name Resolution Policy Table (NRPT) namespace or exemption rules.

Conceptual topic Design Your DNS Infrastructure for DirectAccess

Checkbox

Add intranet A records as needed for your network location server and CRL distribution points.

Conceptual topic Design Your DNS Infrastructure for DirectAccess

Checkbox

Add Internet Domain Name System (DNS) Address (A) records as needed for the DirectAccess server as Internet Protocol over Secure Hypertext Transfer Protocol (IP-HTTPS) server and certificate revocation list (CRL) distribution points.

Conceptual topic Design Your DNS Infrastructure for DirectAccess

Checkbox

Configure your DNS servers running Windows Server 2008 R2 or Windows Server 2008 to support resolution of the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) name.

Checklist topic Remove ISATAP from the DNS Global Query Block List

Checkbox

Configure your public key infrastructure (PKI) for CRL distribution points.

Checklist topic Configure a CRL Distribution Point for Certificates

Checklist topic Configure Active Directory Certificate Services for CRL Locations

Checkbox

Configure autoenrollment of computer certificates.

Checklist topic Configure Computer Certificate Autoenrollment

Checkbox

Modify the permissions on the Web Server certificate template.

Checklist topic Configure Permissions on the Web Server Certificate Template

Checkbox

If needed by your design, configure an Secure Hypertext Transfer Protocol (HTTPS) uniform resource locator (URL) on your separate network location server.

Checklist topic Configure IIS for Network Location

Checkbox

If needed by your design, install a custom SSL certificate on your separate network location server.

Checklist topic Install and Configure IIS for a Network Location Server Certificate

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft