Skip to main content


DirectAccess enables remote users to securely access shared resources, websites, and applications on an internal network without connecting to a virtual private network (VPN). DirectAccess automatically establishes bi-directional connectivity with an internal network every time a DirectAccess-enabled computer is connected to the Internet. Because DirectAccess is always on, users never have to think about connecting to the remote organizational network, and IT administrators can manage remote computers located outside the organizational network, even when the computers are not connected to the VPN.

In Windows Server 2012 R2 and Windows Server 2012, DirectAccess is a role service of the Remote Access server role. Remote Access combines DirectAccess, Routing and Remote Access Service (RRAS), and Web Application Proxy, and allows for the centralized administration, configuration, and monitoring of DirectAccess, Routing, and VPN-based remote access services. In Windows Server 2012 R2 and Windows Server 2012, DirectAccess can support clients that are running Windows Server 2012 R2, Windows Server 2012, Windows 8 Enterprise, Windows Server 2008 R2, Windows 7 Enterprise, and Windows 7 Ultimate.

In Windows Server 2008 R2, DirectAccess is a server role and requires clients running Windows 7 Enterprise, Windows 7 Ultimate, or Windows Server 2008 R2 as well as at least one DirectAccess server running Windows Server 2008 R2.


Windows Server 2012 R2 and Windows Server 2012 Resources

DirectAccess Overview

Migrate DirectAccess

Manage DirectAccess

Deploy Basic DirectAccess

Deploy Advanced DirectAccess

Deploy DirectAccess in an Enterprise

DirectAccess Test Lab Guides