I'm trying to set up DirectAccess in the R2 beta, but it requires one physical NIC beclassified as a 'Domain network' and one NICnot classified as a 'Domain network'. How do you manually set the network profile? No matter what I do to the NIC settings, Windows keeps automatically classifying both of my NICs as being in 'Domain network'

What is the second NIC connected to? What is its default gateway?Bill

Both NICs are connected to a switch. I tried setting the default gateway on both NICs to our default gateway for the subnet. I also tried giving one NIC a default gateway and no default gateway on the second NIC. same result

You will need to connect the second NIC to a different network with a different default gateway. The whole point of DirectAccess is to connect to a remote network.Bill

Lets say I just have one network which is accessible from the outside and obviously the inside. I have a domain joined laptop which I take home from work. Isn't the point ofDirectAccess for me to be able to connect to myDirectAccess server over the internet and have access to my internal resources, using DirectAccess as a gateway (much like a Terminal Services Gateway)? In this case I don't understand why I would needtwo networks. The only network I have is able to access the domain controllers (which I believe will makeWindows always classify the network as a'Domain Network') and it is accessible from the outside.

OK. You take your laptop home. How are you going toconnect to a network? Do you plug into a home network or do you connect directly yo the Inernet? With existing technology you need to use Terminal Services or VPN to create a secure connection through the Internet. Directaccess will do that for you using IPv6. But there still must be an Internet connection through the public network between your home and the corporate public router/firewall. Bill

Yes I would connect to the internet using my home ISP to the corporate public router. My problem is, Windows is automatically classifing my NIC on the server as a 'Domain network'. I don't want it to do that. There must be a way to manually change that.

That will always happen if you are trying to run this on your corporate LAN. The only public network will be beyond the corporate router/firewall. What instructions are you using to configure this? I suspect you are using instructions designed for a server directly connected to a public network.Bill

I am using the doc found here: http://www.microsoft.com/downloads/details.aspx?FamilyID=64966e88-1377-4d1a-be86-ab77014495f4&DisplayLang=en Although it doesn't get into the details of setting it up. I was unable to find anything else. I now have the server configured like this: 1 NIC on our private subnet. There is no access to this subnet from outside the firewall 1 NIC on our public subnet. This ip is accessible from outside of the firewall. It is a public network. I can ping it from my house or anywhere else. I can remote in to this server from anywhere. During the DirectAccess setup you must choose 'Interface connected to the internet' and 'Interface connected to the enterprise network' I choose the first NIC for the enterprise network and that is fine. I choose the second NIC for the interface connected to the internet and i get error 'The interface connected to the Internet must not be classified as a Domain Network' As you can see here: http://iepbng.bay.livefilestore.com/y1pmzUln_si5rl9i7AKiBjKXZGYQJJVR3R0Cz3ltHyxryacTTKOAztBD2V5dwThL6dR_3ZxhpbcrtlMabYOAomSlQ/screen.jpg Windows keeps automatically classifying both NIC's a 'Domain Networks' This is because Windows will ping a domain controller during the 'identifying' stage which happens when a NIC is enabled or plugged in. If the NIC can ping a DC, Windows classifies it as a 'Domain Network'. This IP is 100% accessible from the outside. It is absolutely on a public network and yet it is classified as a 'domain network' because it can ping a DC. There must be a way to manually set the network location as something other than 'domain network'

I was able to get around this issue by creating a deny rule in the windows firewall to restrict the public NIC from contacting the IPs of my DCs. A crude workaround but at least windows classifies my NIC as being on the 'Public network' now. Still... there must be a better way of doing this

Could you please explain step by step how you configured your firewall?