direct access force tunneling for some clients RRS feed

  • Question

  • I want to set up some clients using Direct Access 2012 to use forced tunneling, but I do not want to change the Direct Access configuration which would set it up for all clients. Could I make a copy of the Direct Access Clients settings GPO and modify it for a group of computers? What settings would I change? All the clients are using HTTPS tunneling to access the Direct Access server, which is running with two adapters behind an edge device.
    Wednesday, April 27, 2016 5:59 PM


  • Hi,

    If you compare a split-tunneling iwth a force tunneling configuration you will notice two changes :

    -First a wildcard entry for the DNS namespaces

    -Templates\Network\Network connections\Route all trafic throught the internal network

    Your approach is good with two GPO. Just be sure a single computer does not get both.

    BenoitS - Simple by Design

    Wednesday, April 27, 2016 7:09 PM