Step 3: Configure APP3

  • Article

Applies To: Unified Access Gateway

APP3 is a Windows Server 2003 SP2 Enterprise Edition computer that acts as an IPv4-only host, and is used to demonstrate DirectAccess connectivity to IPv4-only resources using the Forefront UAG DNS64 and NAT64 features. APP3 hosts both HTTP and SMB resources that the DirectAccess client computer can access from the simulated Internet. The UAG NAT64/DNS64 feature set enables organizations to deploy DirectAccess without requiring them to upgrade network resources to native IPv6 or even IPv6 capable.

For more information on NAT64/DNS64, see Deep Dive Into DirectAccess – NAT64 and DNS64 in Action.

APP1 configuration consists of the following steps:

  1. A. Install the operating system on APP3 and disable the firewall—The first step is to install Windows Server 2003 Enterprise Edition SP2 on APP3. This is not a requirement. You could use another IPv4-only operating system, such as Windows 2000 Server or even Windows XP. The goal is to provide an IPv4 resource for the DirectAccess clients to connect to from over the Internet.

  2. B. Install Web services on APP3—Install IIS Web services on APP3 so that HTTP connectivity over the DirectAccess connection to an IPv4-only host is demonstrated.

  3. C. Create a shared folder on C:\ on APP3—Create a shared folder on APP3 to connect to an SMB resource on an IPv4-only computer on the DirectAccess connection over the Internet.

A. Install the operating system on APP3 and disable the firewall

The first step is to install Windows Server 2003 Enterprise Edition SP2 on APP3. This is not a requirement. You could use another IPv4-only operating system, such as Windows 2000 Server or even Windows XP. The goal is to provide an IPv4 resource for the DirectAccess clients to connect to from over the Internet.

To install the operating system on APP3 and disable the firewall

  1. Start the installation of Windows Server 2003.

  2. On the Welcome to the Windows Setup Wizard page, click Next.

  3. On the Regional and Language Options page, click Next.

  4. On the Personalize Your Software page, enter your Name and Organization information, and then click Next.

  5. On the Licensing Modes page, select Per server, then select the Number of concurrent connections option, and enter 100. Click Next.

  6. On the Computer Name and Administrator Password page, in the Computer name box, enter APP3. Enter a complex administrator password and confirm it. Click Next.

  7. On the Date and Time Settings page, set the correct date and time, and click Next.

  8. On the Networking Settings page, select Custom Settings and click Next.

  9. On the Networking Components page, select Internet Protocol (TCP/IP) and click Properties.

  10. On the Internet Protocol (TCP/IP) Properties page, select the Use the following IP address option. In the IP address box, enter 10.0.0.4. In the Subnet Mask box, enter 255.255.255.0. Select the Use the following DNS server addresses option. In the Preferred DNS server text box, enter 10.0.0.1.

  11. In the Internet Protocol (TCP/IP) Properties dialog box, click the Advanced button.

  12. In the Advanced TCP/IP Settings dialog box, click the DNS tab.

  13. On the DNS tab, in the DNS Suffix for this connection box, enter corp.contoso.com. Click OK. In the Internet Protocol (TCP/IP) Properties dialog box, click OK. On the Networking Components page, click Next.

  14. On the Workgroup or Computer Domain page, select the Yes make this computer a member of the following domain option. In the box under that option, enter CORP.

  15. In the Join Computer to CORP Domain dialog box, in the User name box, enter CORP\User1, and in the Password box, enter User1’s password. Click OK.

  16. Log on as CORP\User1.

  17. Click Start, point to Control Panel, and point to Network Connections. Right-click Local Area Connection, and then click Properties.

  18. In the Local Area Connection Properties dialog box, click the Advanced tab.

  19. On the Advanced tab, click the Settings button.

  20. In the Windows Firewall dialog box, on the General tab, select the Off option.

    Note

    The Windows Firewall is turned off as a convenience for this lab so that we can ping APP3. In a production environment, you should enable ping selectively through the Windows Firewall.

Note

If you install Windows Server 2003 RTM, there is no Windows Firewall and you will not need to disable the firewall.

B. Install Web services on APP3

Install IIS Web services on APP3 so that HTTP connectivity can be demonstrated over the DirectAccess connection.

To install web services on APP3

  1. On APP3, click Start and point to Control Panel. Click Add or Remove Programs.

  2. In the Add or Remove Programs window, click the Add/Remove Windows Components button.

  3. On the Windows Components page, click Application Server, and then click Details.

  4. In the Application Server dialog box, select the Internet Information Services (IIS) check box. Click OK.

  5. On the Windows Components page, click Next.

  6. On the Completing the Windows Components Wizard page, click Finish.

  7. Close the Add or Remove Programs window.

  8. Click the Internet Explorer icon in the Quick Start bar.

  9. In the dialog box that informs you that Internet Explorer Enhanced Security Configuration is enabled, select the In the future, do not show this message check box, and then click OK.

  10. In the Internet Explorer address bar, enter https://localhost and press ENTER.

  11. The IIS Under Construction page should be displayed, indicating that the default IIS Web site is available and running.

C. Create a shared folder on C:\ on APP3

Create a shared folder on APP3 to demonstrate the ability to connect to an SMB resource on an IPv4-only computer on the DirectAccess connection over the Internet.

To create a shared folder on C:\ on APP3

  1. On APP3, click Start and click Windows Explorer.

  2. In the left pane of the Windows Explorer window, expand My Computer and click Local Disk (C:)

  3. Click the File menu, point to New and click Folder.

  4. Rename New Folder to Files.

  5. Right click the Files folder and click Sharing and Security.

  6. In the Files Properties dialog box, on the Sharing tab, select the Share this folder option. Accept the default share name, which is Files. Click OK.

  7. Double-click the Files folder.

  8. Click the File menu, point to New, and click New Text Document.

  9. Double-click the New Text Document.txt file.

  10. In the New Text Document.txt – Notepad window, enter This is a new text document.

  11. Close the Notepad window. In the Notepad dialog box, click Yes to save the changes.

Next Steps

Step 4: Configure UAG1