Shulou(Shulou.com)06/02 Report--

DirectAccess

Client

Windows 7,8,8.1,10 must be Enterprise Edition

Must be a domain environment

Communications: IPv6 environment

Exchanger

Routing Devic

DA service composition

AD domain environment

GPO Group Policy

PKI certificate

Name policy resolution table

DNS

Characteristics of DA

Client: the client does not need to manually configure any network connection, and can automatically switch between different networks, regardless of any network public network environment, can directly access the company's internal resources

Management: externally oriented client management

Waiting for external clients to access the internal network

Wait for external clients to connect through other ways such as *.

DA can help managers directly manage whether the client is on the internal network or not: GPO push, remote management

IPv4-IPv6 conversion protocol

ISATAP

6to4

Teredo

IP-Https

Deployment attention

You need to create a group of clients dedicated to the DA feature, and add clients that need to use the DA feature to the group

DirectAccess&Web App Proxy and others will conflict with the current routing and remote access service, and the service must be stopped & disabled

Virtual private network

A virtual tunnel through a public network

× × ×

When accessing resources & cross-network access-authentication

During data transfer (across the network)-data encryption

Authentication protocol

Microsoft

MS-chap-v2- is based on password

EAP- is certificate-based

Data encryption protocol

PPTP- plaintext transmission

L2TP-IPsec × ×

Shared secret key

Certificat

IKEv2- × × reconnect (the client automatically maintains the current × × connection when switching the network)

Secure transmission of SSTP- single port (443)

Authentication mode

× × support

* * Server workgroup status-Local user

* server domain environment-domain user

× × × + NPS

NPS Network Authentication (RADIUS Server)

* × server (RADIUS client)

Client × × broadcast

CMAK toolkit-configuration files for centralized configuration of client × × broadcast

Group Policy-batch deployment of client × × configuration

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.