So.... I'm a consultant. I also assisted in the development of the original courseware for Direct Access for Windows 7. I've also deployed it for a number of clients. My perspective is tinged from those things.
DA _is_ a traditional VPN. It simply is an "automatically on" VPN (IPSec/L2TP). Your performance will be the same as any other VPN of that type. Using DA is completely seamless to the end-user (for exported resources). Configuring DA for Win7 on Server 2008R2 is quite doable. But very very persnickety. Both for the client and the server gateway. Debug information, in case you run into a problem, is pretty minimal. Using DA on Windows 8 (and above) is trivial. Configuring DA on Server 2012 and above is very easy. Debug information is quite helpful and seriously improved. While I would be happy for you to hire me, if you follow the documentation, you shouldn't have any problems with Win8.1 and above; and Server 2012R2 and above. From: [email protected] [mailto:[email protected]] On Behalf Of Melvin Backus Sent: Tuesday, March 15, 2016 8:11 AM To: [email protected] Subject: RE: [NTSysADM] DirectAccess I'm very interested in responses to this as well. I'm considering a project to implement this. I have a few additional questions if I may. Are your client machines running Win7 or Win8.x? If you are only running 8.x, did you have / create a CA in place or use the Kerberos proxy functionality? For any of you who looked at this and decided not to do it and went another way, why and what solution did you pick instead? -- There are 10 kinds of people in the world... those who understand binary and those who don't. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Kish n Kepi Sent: Tuesday, March 15, 2016 7:31 AM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] DirectAccess I would like to hear from people who have implemented DirectAccess on Windows Server 2012 R2. 1. Did you do it yourself or hire a consultant 2. Was it difficult, or time-consuming to deploy the solution 3. To how many computers did you deploy 4. Does it work seamlessly as advertised 5. Is throughput same, faster or slower than conventional VPN? Any other questions I'm not knowledgeable enough to ask? Kish
