LAN side firewall settings for Direct Access (Windows Server 2012 R2) in DMZ?

I am currently planning to set up our first Direct Access server (Windows Server 2012 R2). It will be in our firewall DMZ and we will be using the IP-HTTPS listener.

For the Internet-facing rule, only TCP 443 inbound/outbound is sufficient, but for the LAN-facing rules (not talking about the Windows server firewall), what would be the recommended firewall rules for a Direct Access server? Is there a best practice guideline to follow for this? Appreciate any advice or comments. Thank you.



February 17th, 2015 2:59pm

Hi,

DirectAccess Gateway is a member server of your AD domain. Windows Firewall profile must be domain profile.

February 17th, 2015 4:51pm

The DirectAccess Server must be able to talk to all Domain controllers. So the usual ports required.

Then any applications you want to use via DA you will need to open the ports.

Sometimes it's easier to allow IP of DA server to IP of Application server?

February 18th, 2015 5:07am

This topic is archived. No further replies will be accepted.
