Test Lab Guide: Demonstrate DirectAccess with Network Access Protection

Applies To: Windows Server 2012, Windows Server 2012 R2 Preview

[Content in this topic that applies specifically to Windows Server 2012 R2 Preview is preliminary and subject to change in future releases.]

Remote Access is a server role in the Windows Server® 2012 operating system that enables remote users to securely access internal network resources using DirectAccess or RRAS VPN. This guide contains step-by-step instructions for extending the Test Lab Guide: Demonstrate DirectAccess Single Server Setup with Mixed IPv4 and IPv6 to demonstrate Remote Access with Network Access Protection.

Network Access Protection (NAP) is a feature in Windows Server 2012 that controls access to network resources based on a client computer’s identity and compliance with corporate governance policy. NAP allows you to define levels of network access based on who a client is, the groups to which the client belongs, and the degree to which that client is compliant with corporate governance policy. If a client is not compliant, NAP provides a mechanism to automatically bring the client back into compliance and then dynamically increase its level of network access.

About this guide

This guide contains instructions for configuring and demonstrating Remote Access using five servers and one client computer. The completed Remote Access with NAP test lab simulates an intranet and the Internet, and demonstrates NAP on client computers.


This lab is a proof of concept using the minimum number of computers. The configuration detailed in this guide is for test lab purposes only, and is not to be used in a production environment.