The Implementing DirectAccess module provides you with the instruction and server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:

  • Prepare Domain Controller System Requirements
  • Prepare the DirectAccess Server Prerequisites
  • Configure the Network Location Server and IIS
  • Prepare the DirectAccess Client
  • Configure the DirectAccess Server
  • Verify DirectAccess Client Connectivity

Lab time: It will take approximately 1 hour and 45 minutes to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • Install and configure DirectAccess
  • Implement DirectAccess server requirements
  • Implement client configuration

Exercise 1 - Prepare Domain Controller System Requirements

DirectAccess is a feature in Windows Server 2008 R2 and later versions that gives corporate remote users the capability to securely connect to the shared folders, websites, and applications in the intranet without having to dial in to a virtual private network (VPN) server.

In this exercise, you will configure system requirements to enable the successful implementation of DirectAccess.

DirectAccess requires a domain controller that will authenticate dial-in users who connect to the domain network and access internal resources, like shared folders and applications. In this exercise, to install the prerequisites for DirectAccess, you will: enable DHCP service; create a DNS Resource Record; install Active Directory Certificate Services; create a DirectAccess security group for client workstations; set up certificate templates for multiple names; enable firewall rules for a successful ICMPv6 echo request; remove ISATAP; and enable a certificate revocation list for the certificate authority server.

Exercise 2 - Prepare the DirectAccess Server Prerequisites

In this exercise, you will setup the prerequisites on the DirectAccess server to prepare it for configuration. You will configure two network interfaces, one of which is using a public IP address to create the scenario of the “internet” in the lab environment. The other network interface will be configured with an internal IP address that is connected to the internal corporate network.

Exercise 3 - Configure the Network Location Server and IIS

In this task, you will prepare the intranet server, called PLABDM01, which will function as the application server running IIS and as the network location server for DirectAccess clients.

The Network Location Service (NLS) is an integral component of DirectAccess. Its purpose is to enable DirectAccess clients to detect whether it is located in the corporate network. When a DirectAccess client is in the corporate network, DirectAccess is not used to connect to internal resources, because the client is connected directly to the server that is hosting the shared folder.

Exercise 4 - Prepare the DirectAccess Client

After setting up the numerous system prerequisites on the DirectAccess server, the Network Location Server, and the shared folders on the internal server, you will now prepare the requirements for the DirectAccess client.

Exercise 5 - Configure the DirectAccess Server

Installing and configuring the DirectAccess Server is a straightforward process with the DirectAccess Wizard, which will guide you through the process of setting up the network service. The wizard assumes that you have preconfigured the necessary requirements to ensure the successful implementation of the service.

Exercise 6 - Verify DirectAccess Client Connectivity

After configuring PLABWIN811 to use two network interfaces, corpnet and Internet, you will now test the computer’s connectivity to internal resources with the Internet network connection disabled while corpnet is enabled.

In the latter part of this exercise, you will disable corpnet and enable Internet to again test PLABWIN811’s connectivity to internal resources.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.