Page | 34
E Series Installation Guide
l
Firewall rules have been configured to allow traffic if the DirectAccess server is on an IPv4 net-
work:
n
Teredo
n
6to4
n
IP-HTTPS
n
If the appliance only has one configured network adapter, TCP port 62000 must be
opened on the appliance.
l
If using a security group to manage access for clients, the group has been created in AD prior to
running the setup up wizard.
l
If customized GPOs will manage settings for clients and servers, they have been created prior to
running the setup wizard.
l
AD will be used for DirectAccess authentication and authorization.
l
DNS needs to resolve to either the public host name of the DirectAccess entry point, or the NAT
device for the DirectAccess server.
Requirement Checklist
The following items will be required to set up Remote Access. Plan ahead so that items are available
when needed to complete configuration.
l
Domain controller – DirectAccess requires Windows Server 2003 or higher.
l
Public address – usually an FQDN that clients will use to connect to the network.
l
DirectAccess clients – must be Windows clients that are domain joined. Supported options:
n
8 Enterprise and higher
n
7 (Ultimate, Enterprise)
Additional Configuration Notes
The notes below discuss options that may apply to some deployments. They exceed the scope of
these instructions, but will be helpful to consider when planning deployment.
l
DirectAccess
n
Network Location Server – the wizard will configure a default NLS on the appliance if an
external server is not designated.
n
Group Policy Objects – the wizard will create the two required GPOs with default settings
unless customized group policies are available to assign.
n
Security group – an AD security group is required to apply customized group polices to
client computers. All remote computers in the domain can use DirectAccess unless an AD
client group is specified to restrict access.