I've recently setup DirectAccess for a primary school for students that take their netbooks home. At this stage, they are on a force tunnel setup and we are using it to push students through the schools filtered ISP connection. We have the SMB port blocked
at the DA server so that students can't browse the network from home.
At the moment, our test group of users (approx. 5) is working well, with 1 exception. The students are used to putting their netbooks to sleep when they leave school, and turning them back on when they get home. Sometimes the connection doesn't
get established and they are left with a 'Proxy not responding' error when trying to browse. The connection status shows they are connected, and on the DA server it all looks o.k. I've also noticed that it could take around 30 seconds to a minute
to make the connection.
At this stage, students are being advised to restart their machine if they have connection issues, but it seems ridiculous to have to do this all the time. We are projecting in the coming weeks that we will have around 400 netbooks using this method when it becomes adoptive.
Our current setup is through a DMZ (TMG 2010) that pushes traffic to the DA server (NLS and DA on the same virtual machine) within our network. We are running DA on a 2012R2 server. The virtual machine has 2 CPU's assigned and approx. 6GB if RAM, but it doesn't look to be under any load. Our same TMG DMZ server also pushes a VPN to staff through to a NPS server internally. Their connection takes around 3-5 seconds to be established, although they have to manually double click an icon that points to their rasphone.pbk file.
Can anyone suggest anything to improve the connection speed and reliability of the DA service?