What are the direct access server requirements?
Direct access external DNS requirements?
- DirectAccess server, such as directaccess.contoso.com
- Certificate Revocation List (CRL), such as crl.contoso.com
What are the certificate requirements for Direct Access?
• The IP-HTTPS listener on the DirectAccess server requires a website certificate. The IP-HTTPS listener requires a website certificate, and the DirectAccess client must be able to contact the server hosting the CRL for the certificate.
• The DirectAccess server requires a computer certificate to establish the IPsec connections with the DirectAccess clients.
Direct access Internal DNS Requirements
One A record for the NLS server
One A record for the CRL Server
Remove ISATAP from Global Query Block List using dnscmd /config /globalqueryblocklist isatap