Checklist: Implementing a DirectAccess Design for Full Intranet Access

Updated: October 7, 2009

Applies To: Windows Server 2008 R2

Important

This topic describes deployment of DirectAccess in Windows Server 2008 R2. For deployment of DirectAccess in Microsoft Forefront Unified Access Gateway (UAG), see the Forefront UAG DirectAccess Deployment Guide (https://go.microsoft.com/fwlink/?LinkId=179989).

This checklist includes cross-reference links to important concepts about deploying DirectAccess in the full intranet access model. It also contains links to procedures and other checklists that will help you complete the tasks that are required to implement this design.

Note

Complete the tasks in this checklist in order. When a reference link takes you to a conceptual topic, a procedure, or to another checklist, return to this topic so that you can proceed with the remaining tasks in this checklist.

Checklist: Implementing a DirectAccess design for full intranet access

	Task	Reference
	Review important concepts and the example for the DirectAccess full intranet access model.	Full Intranet Access Full Intranet Access Example
	(Optional, but recommended) Demonstrate full intranet access in a test lab.	DirectAccess test lab (https://go.microsoft.com/fwlink/?Linkid=150613)
	Configure the required infrastructure for DirectAccess.	Checklist: Preparing Your Infrastructure for DirectAccess
	Prepare the DirectAccess server computer for the DirectAccess Setup Wizard.	Checklist: Preparing Your DirectAccess Server
	Install the DirectAccess feature on the DirectAccess server.	Install the DirectAccess Feature
	Configure the DirectAccess server for the full intranet access method with the DirectAccess Setup Wizard.	Configure the DirectAccess Setup Wizard for Full Intranet Access
	Configure the Corporate Website Probe URL and Corporate Site Prefix List Group Policy settings.	Design Your Intranet for Corporate Connectivity Detection Configure Corporate Connectivity Detection Settings
	If needed by your design plan, deploy and configure IPv6/IPv4 translator and IPv6/IPv4 DNS gateway devices.	Choose Solutions for IPv4-only Intranet Resources See the IPv6/IPv4 translator and IPv6/IPv4 DNS gateway device documentation. Configure the NRPT for an IPv6/IPv4 DNS Gateway
	If needed by your design plan, configure force tunneling.	Configure Force Tunneling for DirectAccess Clients
	If needed by your design plan, configure a connection or routing to the Internet Protocol version 6 (IPv6) Internet.	Connect to the IPv6 Internet
	If needed by your design plan, configure client authentication and certificate mapping for Internet Protocol over Secure Hypertext Transfer Protocol (IP-HTTPS) connections.	Configure Client Authentication and Certificate Mapping for IP-HTTPS Connections
	If needed by your design plan, configure connection security rules to protect traffic sent between DirectAccess clients.	Configure Connection Security Rules for Traffic Between DirectAccess Clients