Specifying the network location server
Updated: February 1, 2011
Applies To: Unified Access Gateway
This topic describes how to configure a network location server to work with Forefront UAG DirectAccess. A network location server installed on the internal network is used to determine whether a DirectAccess client is connected to the internal network. When a DirectAccess client connects to a network, it attempts to access the specified HTTPS based URL on a network location server. If the connection to the HTTPS based URL is successful, the DirectAccess client determines that it is on the internal network, and DirectAccess functionality is not used. If the network location server is unavailable, and the DirectAccess client is connected to the internal network, DirectAccess functionality is enabled for the client. This impairs the client's ability to reach internal network resources.
Note
- The network location server is a critical element of the DirectAccess infrastructure. It is therefore recommended that the network location server function is installed on a server with high availability.
- The network location server must not be accessible to DirectAccess clients when they are connecting from the Internet.
Warning
You must not configure your Forefront UAG DirectAccess server as the network location server.
To specify the network location server
From the Forefront UAG DirectAccess Configuration Wizard, in the Infrastructure Servers box, click Configure.
Enter the HTTPS URL, click Validate, and then click Next.
Note
The HTTPS URL should be entered as an FQDN.
For instructions on configuring the next step of the Forefront UAG DirectAccess Configuration Wizard, see Identifying DNS servers.