Index
A
- AAAA records
- DNS, verifying for / Checking DNS for strange AAAA records
- App46
- about / App46 by IVO Networks
- used, for resolving connection issues of IPv4 application / App46 by IVO Networks
- ARP cache / I enabled NLB and DA broke!
C
- CA / Installing the IPsec machine certificate
- CA server
- about / Planning for Certificates (PKI)
- selecting, in wizard / Choosing the CA in the wizards
- certificate
- planning / Planning for Certificates (PKI)
- expiration / Marking your calendars for certificate expirations
- Certificate Revocation Lists (CRL) / SSL certificate for NLS
- Certutil -store my command / Reading the client logfiles
- commands, log file / Reading the client logfiles
- Common Name (CN) / Requirements for the machine certificate
- computer account
- pre-staging / Prestage the computer account
- configuration, external NIC / Configuring external NIC
- configuration, GPOs / Configuring the GPO
- configuration, internal NIC / Configuring internal NIC
- configuration, NLB
- on DirectAccess server / I enabled NLB and DA broke!
- resolution / The resolution
- Contoso_ISATAP / Creating a security group and DNS record
D
- Dedicated IPs (DIP) / Creating a security group and DNS record
- dedicated IPs (DIPs) / I enabled NLB and DA broke!
- DirectAccess
- Remote Access server, preparing for / Preparing your Remote Access servers for DirectAccess
- deploying, behind NAT / To NAT or not to NAT?
- certificate, planning / Planning for Certificates (PKI)
- IPv4 application, connection issues over / IPv4 applications don't connect over DA
- DirectAccess client
- 6to4 adapter, disabling on / Disabling the 6to4 adapter on your clients
- WFAS, setting / Setting up client-side firewall rules
- RDP connection, establishing to / RDP to a DirectAccess client
- with native IPv6 / Clients with native IPv6
- DirectAccess connection
- about / Three is better than one
- 6to4, used / 6to4
- Teredo, used / Teredo
- IP-HTTPS, used / IP-HTTPS
- DirectAccess Connectivity Assistant (DCA) / Reading the client logfiles
- DirectAccess server
- computer account, pre-staging / Prestage the computer account
- IP-HTTPS SSL certificate, installing / Installing the IP-HTTPS SSL certificate
- IPsec machine certificate, installing / Installing the IPsec machine certificate
- security, hardening / Security hardening the server
- NLB, configuring on / I enabled NLB and DA broke!
- contact issues / Cannot contact some servers
- DirectAccess server, contact issues
- routing / Routing
- name resolution / Name resolution
- DNS, verifying / Checking DNS for strange AAAA records
- Teredo-connected clients / Does it work over IP-HTTPS and not Teredo?
- DNS
- verifying, for AAAA records / Checking DNS for strange AAAA records
- DNS record, ISATAP
- creating / Creating a security group and DNS record
- domain membership
- about / Hostname and domain membership
E
- EnterpriseClient
- Teredo, setting to / Set Teredo to EnterpriseClient
- external NIC
- configuring / Configuring external NIC
G
- <gateway> / Adding static routes
- Getting Started Wizard
- avoiding / Don't use the Getting Started Wizard!
- avoiding, reasons / Reasons not to use the Getting Started Wizard
- self-signed certificate, using / Self-signed certificates
- self-hosted NLS / Self-hosted NLS
- Teredo, disabling / Disables Teredo
- client policy, applying / Applies client policy to the domain computers group
- advanced choice, missing / No advanced choices
- GPOs / Hostname and domain membership
- defining / Defining your GPOs and security groups
- about / Defining your GPOs and security groups
- setting, in wizard / Let the wizards take care of it
- creating / Creating your own GPOs, Creating the GPO
- used, for setting Teredo / Using Group Policy for this change
- used, for disabling 6to4 adapter / Using Group Policy for this change
- configuring / Configuring the GPO
H
- hostname
- setting / Hostname and domain membership
I
- <Interface ID> / Adding static routes
- installation, IP-HTTPS SSL certificate / Installing the IP-HTTPS SSL certificate
- installation, IPsec machine certificate / Installing the IPsec machine certificate
- internal NIC
- configuring / Configuring internal NIC
- IP-HTTPS / To NAT or not to NAT?
- about / IP-HTTPS
- used, for DirectAccess connection / IP-HTTPS
- SSL certificate, planning for / SSL certificate for IP-HTTPS
- IP-HTTPS SSL certificate
- installing / Installing the IP-HTTPS SSL certificate
- Ipconfig /all command / Reading the client logfiles
- IPsec
- machine certificate / Machine certificates for IPsec
- IPsec machine certificate
- installing / Installing the IPsec machine certificate
- IPv4 application
- connection issues, over DirectAccess / IPv4 applications don't connect over DA
- connection issues, resolving by App46 / App46 by IVO Networks
- IPv6
- differentiating, with ISATAP / Do I need IPv6 or ISATAP?
- Manage Out, establishing with / What does Manage Out have to do with IPv6?
- ISATAP
- differentiating, with IPv6 / Do I need IPv6 or ISATAP?
- about / What does Manage Out have to do with IPv6?
- security group, creating / Creating a security group and DNS record
- DNS record, creating / Creating a security group and DNS record
- GPOs, creating / Creating the GPO
- GPOs, configuring / Configuring the GPO
- machines, adding / Adding machines to the group
- connection issues, with multi-site DirectAccess / No ISATAP with multisite DirectAccess
- ISATAP environment
- creating / Creating a selective ISATAP environment
K
- Kerberos Proxy / Machine certificates for IPsec
L
- Load Balanced Cluster / I enabled NLB and DA broke!
- log file
- reading / Reading the client logfiles
- commands / Reading the client logfiles
M
- MAC address
- spoofing, for virtual machine / MAC address spoofing for virtual machines
- machine certificate
- for IPsec / Machine certificates for IPsec
- requisites / Requirements for the machine certificate
- CA server, selecting in wizard / Choosing the CA in the wizards
- Manage Out
- establishing, with IPv6 / What does Manage Out have to do with IPv6?
- multi-site DirectAccess
- ISATAP, connection issues / No ISATAP with multisite DirectAccess
N
- name resolution
- about / Name resolution
- Name Resolution Policy Table (NRPT) / Setting up the Network Location Server (NLS)
- NAT
- DirectAccess, deploying behind / To NAT or not to NAT?
- native IPv6
- being applied, to DirectAccess client / Clients with native IPv6
- Netsh advfirewall monitor show mmsa command / Reading the client logfiles
- Netsh advfirewall show currentprofile command / Reading the client logfiles
- netsh command / Checking DNS for strange AAAA records
- Netsh dnsclient show state command / Reading the client logfiles
- Netsh interface httpstunnel show interface command / Reading the client logfiles
- Netsh interface teredo show state command / Reading the client logfiles
- Netsh namespace show effectivepolicy command / Reading the client logfiles
- Netsh namespace show policy command / Reading the client logfiles
- Network Connectivity Assistant (NCA) / Reading the client logfiles
- Network Connectivity Status Indicator (NCSI) / The resolution
- Network Level Authentication (NLA) / Security hardening the server
- NIC
- about / NIC configuration
- NIC binding
- about / NIC binding
- NIC configuration
- about / NIC configuration
- internal NIC, configuring / Configuring internal NIC
- external NIC, configuring / Configuring external NIC
- NLB
- configuring, on DirectAccess server / I enabled NLB and DA broke!
- NLB, configuring
- resolution / The resolution
- NLS / Self-signed certificates
- about / SSL certificate for NLS, What happens when NLS is offline?
- SSL certificate, planning for / SSL certificate for NLS
- setting up / Setting up the Network Location Server (NLS)
- offline mode / What happens when NLS is offline?
- offline mode, resolution / The resolution
O
- offline mode, NLS / What happens when NLS is offline?
- resolution / The resolution
- Organizational Unit (OU) / Prestage the computer account
P
- -p / Adding static routes
- PowerShell
- launching / What happened to Teredo?
- Public Key Infrastructure (PKI) / Installing the IPsec machine certificate, Planning for Certificates (PKI)
- pulls
- about / Pulls versus pushes
- vs, pushes / Pulls versus pushes
- pushes
- about / Pulls versus pushes
- vs, pulls / Pulls versus pushes
R
- RDP connection
- establishing, to DirectAccess client / RDP to a DirectAccess client
- Receive Side Scaling (RSS) / NIC binding
- Remote Access Management Console
- about / Remote Access Management Console
- Remote Access role
- adding / Adding the roles
- Remote Access server
- Remote Access Setup Wizard
- route command / Adding static routes
- routing
- about / Routing
S
- <subnet> / Adding static routes
- <subnet mask> / Adding static routes
- security
- hardening, for DirectAccess server / Security hardening the server
- security group, ISATAP
- creating / Creating a security group and DNS record
- security groups
- defining / Defining your GPOs and security groups
- self-hosted NLS
- about / Self-hosted NLS
- self-signed certificate
- using / Self-signed certificates
- SSL certificate
- planning, for NLS / SSL certificate for NLS
- planning, for IP-HTTPS / SSL certificate for IP-HTTPS
- static routes
- adding / Adding static routes
- Subject Alternative Name (SAN) / Requirements for the machine certificate
- Systeminfo command / Reading the client logfiles
T
- 6to4 / To NAT or not to NAT?
- about / 6to4
- used, for DirectAccess connection / 6to4
- tips and tricks / Teredo and 6to4 tips and tricks
- 6to4 adapter
- disabling, on DirectAccess client / Disabling the 6to4 adapter on your clients
- disabling, GPOs used / Using Group Policy for this change
- Teredo / To NAT or not to NAT?
- about / Teredo
- used, for DirectAccess connection / Teredo
- tips and tricks / Teredo and 6to4 tips and tricks
- setting, to EnterpriseClient / Set Teredo to EnterpriseClient
- setting, GPOs used / Using Group Policy for this change
- using / What happened to Teredo?
- Teredo-connected clients
- connection issues / Does it work over IP-HTTPS and not Teredo?
U
- Unified Access Gateway (UAG) / To NAT or not to NAT?
V
- Virtual IP (VIP) / Creating a security group and DNS record
- virtual machine
- MAC address, spoofing for / MAC address spoofing for virtual machines
W
- WFAS / Setting up client-side firewall rules
- setting, for DirectAccess client / Setting up client-side firewall rules
- about / Windows Firewall with Advanced Security
- Windows Firewall with Advanced Security / Security hardening the server
- wizard
- GPOs, setting in / Let the wizards take care of it