Direct Access questions RRS feed

  • Question

  • Hey

    I have a running 2012 R2 direct access (failover cluster) running.

    I would like to create a side-by-side direct access cluster (on Windows Server 2016)

    (2 network adaptors - DMZ(external) and LAN)

    Question 1:

    Would you set default gateway on DMZ or LAN adaptor? (my existing cluster have default gateway set to DMZ - and added routes)

    Question 2:

    Is it possible to use the same PrefixMapping as the existing cluster? (and howto)? (we have use a connection broker - only support IP redirection - so we have added a static IPv6 to all the RDS servers - - using the workaround Powershell)

    Thanks in advance


    Friday, January 5, 2018 6:48 PM

All replies

  • In a multi-homed (2 NIC) DA or VPN server, the Default Gateway always goes on the "External" NIC (DMZ in your case) - and then you add routes for the internal network, just like you stated.

    The IPv6 prefixes that DA uses are automatically generated and will be different than those of your current DA environment. Even if there was a way to manually adjust them (perhaps via PowerShell) - I doubt it would be supported and would probably cause trouble with your current environment anyway, so I don't recommend it. Easier/cleaner to let DA set itself up with its own prefixes and when you migrate users over to the new DA environment to reconfigure the RDS servers according to the new prefix, I would think.

    Friday, January 12, 2018 2:24 PM