locked
Direct Access and Routing,., RRS feed

  • Question

  • I'm trying to setup a combination NAT and Direct Access on a two nic server, one nic connected to an external network and the other to an internal network.  I have an experimental setup of a 2012 R2 AD Server and a 2012 R2 routing/direct access server. When I configure the NAT server alone, it works and packets are translated/routed from the AD server to the outer network. Once I configure remote access it stops working. Unconfigure remote access, it works again.

    Can anyone tell me what I'm doing wrong? How can I get NAT and Remote Access working at the same time?

    Sunday, October 26, 2014 11:16 PM

All replies

  • Are you implementing NAT (with RRAS) and DirectAccess on the same server?

    If so, that is not the right setup. You don't need NAT on the same server. An optimal DirectAccess Servers has no NAT at all. But if you do need to use NAT, the NAT device should be put in front of the DirectAccess Server. It is common to have a front-end firewall in front of a DirectAccess Server, where the front-end firewall provides the NAT capability.


    Boudewijn Plomp | BPMi Infrastructure & Security

    Please remember, if you see a post that helped you please click "Vote as Helpful", and if it answered your question, please click "Mark as Answer".

    Wednesday, October 29, 2014 12:29 PM
  • Boudewijn, thanks for your reply. I am running a very small network and would rather not have an extra piece of hardware if I can avoid it. I would prefer to run (RRAS) NAT and Direct Access on the same hardware if that is possible. But so far when I configure Direct Access the RRAS NAT stops working.
    Friday, October 31, 2014 1:54 PM