locked
SSL VPN with DirectAccess same array RRS feed

  • Question

  • Hello,

    I am just wondering why technically or politically, a Forefront UAG array cannot host both an SSL VPN and DirectAccess solution? Our organization is looking at DirectAccess as a road map, but now it seems that we have to deploy a second array for the DirectAccess functionality, will MS address this in the future?

    Thanks,

    Brent.

    Friday, April 30, 2010 1:58 PM

Answers

  • DirectAccess and SSTP is supported, along with standard portal access.

    The key limitaton is combining DirectAccess with the SSL Network Tunneling (Network Connector) component.

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by Erez Benari Tuesday, May 4, 2010 12:13 AM
    Friday, April 30, 2010 2:48 PM
  • Hi Brent,

    Like Jason said - all roles are supported on the same server. Your might have read the older support statement which said that only DA+SSTP is supported on the same box. The current support statement says that you can put all the UAG server roles on the same box. Not that we have good documentation on how to make that work right now :), but it can be done.

    Also - the exception is the one that Jason pointed out - you can't put DA and the Network Connector on the same box.

    HTH,

    Tom


    MS ISDUA/UAG DA Anywhere Access Team
    • Marked as answer by Erez Benari Tuesday, May 4, 2010 12:13 AM
    Monday, May 3, 2010 2:38 PM

All replies

  • DirectAccess and SSTP is supported, along with standard portal access.

    The key limitaton is combining DirectAccess with the SSL Network Tunneling (Network Connector) component.

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by Erez Benari Tuesday, May 4, 2010 12:13 AM
    Friday, April 30, 2010 2:48 PM
  • Hi Brent,

    Like Jason said - all roles are supported on the same server. Your might have read the older support statement which said that only DA+SSTP is supported on the same box. The current support statement says that you can put all the UAG server roles on the same box. Not that we have good documentation on how to make that work right now :), but it can be done.

    Also - the exception is the one that Jason pointed out - you can't put DA and the Network Connector on the same box.

    HTH,

    Tom


    MS ISDUA/UAG DA Anywhere Access Team
    • Marked as answer by Erez Benari Tuesday, May 4, 2010 12:13 AM
    Monday, May 3, 2010 2:38 PM