O'Reilly logo

Microsoft DirectAccess Best Practices and Troubleshooting by Jordan Krause

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Setting up client-side firewall rules

Your internal ISATAP machine now has the ability to route packets out to the DirectAccess client computers through the ISATAP tunnel, but why on earth would the Windows Firewall that is running on those DirectAccess clients allow ICMP, RDP, SMB, or any traffic from this weird, IPv6-based ISATAP client that is all of a sudden trying to hit it? Our next and final step is to configure Windows Firewall with Advanced Security (WFAS) rules on the DirectAccess client computers so that they allow these communications from the internal ISATAP machines, instead of dropping those packets, like they do by default. I said it once, and I'll say it again, Group Policy is awesome, so let's use another GPO to define these ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required