Overview of the test lab scenario

  • Article

Applies To: Unified Access Gateway

In this test lab scenario, Forefront UAG DirectAccess is deployed with:

  • One computer running Windows Server 2008 R2 Enterprise Edition (DC1), that is configured as an intranet domain controller, Domain Name System (DNS) server, Dynamic Host Configuration Protocol (DHCP) server, and an enterprise root certification authority (CA).

  • One intranet member server running Windows Server 2008 R2 (UAG1), that is configured as the first Forefront UAG DirectAccess server in a Forefront UAG DirectAccess server array.

  • One intranet member server running Windows Server 2008 R2 (UAG2), that is configured as the second Forefront UAG DirectAccess server in a Forefront UAG DirectAccess server array.

  • One intranet member server running Windows Server 2008 R2 (APP1), that is configured as a general application server and network location server. This server is used to complete a Forefront UAG DirectAccess server array, and highlights centralized configuration and Network Load Balancing (NLB) high availability.

  • One intranet member server running Windows Server 2003 SP2 (APP3), that is configured as a IPv4-only Web and file server. This server is used to highlight the NAT64/DNS64 capabilities.

  • One standalone server running Windows Server 2008 R2 (INET1), that is configured as an Internet DNS and DHCP server.

  • One standalone client computer running Windows 7 (NAT1), that is configured as a network address translator (NAT) device that uses Internet Connection Sharing.

  • One roaming member client computer running Windows 7 Enterprise or Ultimate (CLIENT1), that is configured as a DirectAccess client.

The test lab consists of three subnets that simulate the following:

  • A home network named Homenet (192.168.137.0/24) connected to the Internet by a NAT.

  • The Internet (131.107.0.0/24).

  • An intranet named Corpnet (10.0.0.0/24) that is separated from the Internet by the Forefront UAG DirectAccess server.

Computers on each subnet connect by using either a physical or virtual hub or switch, as shown in the following figure.

Test Lab Scenario

CLIENT1 initially connects to the Corpnet subnet and joins the intranet domain. After DA1 is configured as a Forefront UAG DirectAccess server, and CLIENT1 is updated with the associated Group Policy settings, CLIENT1 later connects to the Internet subnet and the Homenet subnet, and tests DirectAccess connectivity to intranet resources on the Corpnet subnet.