Direct Access outbound security? Default Gateway?
For the sake of discussion, I have 3 devices between my inside and outside networks. IPV4: Firewall (default gateway) Proxy (set via WPAD) New Direct Access box. I have noticed that computers insite the building now have our Direct Access server as their default gateway for IPV6. Is this required inside the building? How do I control inside to outside access for IPV6 to prevent anything except servers replying to Direct Access client that are outside? Please advise, thanks.
June 27th, 2011 6:12pm

Hi, Thanks for posting in Microsoft TechNet forums. Connectivity to the IPv6 Internet or native IPv6 support on your intranet are not required. DirectAccess uses and automatically configures IPv6 transition technologies to tunnel IPv6 traffic across the IPv4 Internet (6to4, Teredo, IP-HTTPS) and across your IPv4-only intranet (ISATAP). Here's a good article on that topic http://technet.microsoft.com/en-us/magazine/cc194397.aspx "A common misperception about Internet Protocol version 6 (IPv6) is that in order to use it, you must deploy native IPv6 addressing and routing, which requires a detailed analysis of IPv6 addressing schemes, router updates and configuration, and a rollout schedule. Although this should eventually be done for native IPv6 connectivity, you can easily deploy tunneled IPv6 connectivity using the Intra-Site Automatic Tunnel Addressing Protocol (ISATAP). With tunneled IPv6 connectivity, hosts that support ISATAP can communicate using IPv6 traffic that is encapsulated with an IPv4 header (the IPv4 Protocol field is set to 41). ISATAP traffic can traverse an IPv4-only intranet, so you can begin testing IPv6-capable applications immediately, without having to wait for a native IPv6 infrastructure." Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2011 1:45pm

Hi, As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous steps should be helpful for many similar scenarios. If the issue still persists, please feel free to reply this post directly so we will be notified to follow it up. You can also choose to unmark the answer as you wish. BTW, we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar problems. Thanks for your understanding and efforts. Best Regards Magon Liu TechNet Subscriber Support in forum. If you have any feedback on our support, please contact tnmff@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
July 1st, 2011 6:54am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics