I am currently drawing up a work proposal for a (potential) customer. I think the scenario is fairly simple, but I've not yet found an answer anywhere.
They wish to have a 2 node UAG array with Direct Access and also to publish Exchange Server 2010. Can I support both scenarios on the same 2 boxes?
Also, what about licensing, can I used Windows Server 2008 SE, or must it be EE for high availability? My confusion is that UAG uses it own adaptation of Windows NLB, so I'm not sure if the same rules apply.
Thanks for any help!
Thanks for that. I have one more question. My customer currently has a number of remote sites which have workgroup computers. My challenge is to add them to the domain so they can use Direct Access, and avoid having a VPN connection for each site. My idea, then, would be to activate VPN on the same boxes in the central site, and connect the workgroup computers via VPN temporarily to the central site and add them to the domain so they can thereafter use Direct Access. Can I also enable a VPN connection on the same boxes?
Yes, you can use a UAG portal to publish "Remote Network Access" which is SSTP VPN. You can then connect your Windows 7 clients that are going to be DirectAccess clients to the SSTP VPN, join them to the domain and get their DA settings, and when they disconnect they will then be DA connected.
Appears questions already answered, but thought it looked like good opportunity to shamelessly plug my services..... If you need help with your first couple UAG implementations while you are ramping up and learning the product, please keep MBR Security in mind :)
Mark Resnik (former tech services lead at Whale/Microsoft and specialist on the product since 2002)