locked
UAG & DA management Question RRS feed

  • Question

  • Hi everyone,

    I just have 2 quick questions:

     

    1-      I just want to know if Direct Access will enable me to access and administer servers remotely?

     

    2-      I know UAG is needed to extend the functionalities of DA to earlier versions of windows server, but is UAG required if all servers are running Win 2008 R2?

     

    Thanks,

     

     

    Monday, June 28, 2010 4:37 PM

Answers

  • Hi Tariq,

    A1: Yes

    A2: If you are running a pure IPv6 environment then native DirectAccess will provide what you need. However, if you are using IPv4 addresses on your servers you will need UAG to perform the IPv6=>IPv4 translation with NAT64.

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by TariqA Tuesday, June 29, 2010 7:22 AM
    Monday, June 28, 2010 9:36 PM
  • Hi Tariq,

    In addition to what Jason said:

    1. Yes, you will be able to access the network in the same way as if the DA client were directly connected to the intranet.

    2. UAG provides more than just NAT64/DNS64 - UAG DA enables you to configure arrays of up to 8 DA servers, and you can use integrated support for NLB if you don't have a hardware load balancer that supports DirectAccess (not sure if the F5 solution is available yet). In addition, you can put the SSTP VPN server on the DirectAccess array and even put your SSL VPN solution on the UAG DA server array.

    HTH,

    Tom


    MS ISDUA/UAG DA Anywhere Access Team
    • Marked as answer by TariqA Tuesday, June 29, 2010 7:22 AM
    Monday, June 28, 2010 11:37 PM

All replies

  • Hi Tariq,

    A1: Yes

    A2: If you are running a pure IPv6 environment then native DirectAccess will provide what you need. However, if you are using IPv4 addresses on your servers you will need UAG to perform the IPv6=>IPv4 translation with NAT64.

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by TariqA Tuesday, June 29, 2010 7:22 AM
    Monday, June 28, 2010 9:36 PM
  • Hi Tariq,

    In addition to what Jason said:

    1. Yes, you will be able to access the network in the same way as if the DA client were directly connected to the intranet.

    2. UAG provides more than just NAT64/DNS64 - UAG DA enables you to configure arrays of up to 8 DA servers, and you can use integrated support for NLB if you don't have a hardware load balancer that supports DirectAccess (not sure if the F5 solution is available yet). In addition, you can put the SSTP VPN server on the DirectAccess array and even put your SSL VPN solution on the UAG DA server array.

    HTH,

    Tom


    MS ISDUA/UAG DA Anywhere Access Team
    • Marked as answer by TariqA Tuesday, June 29, 2010 7:22 AM
    Monday, June 28, 2010 11:37 PM