As we all know the network location server is an important part of any Direct Access deployment to ensure that DA clients can know whether they are connected directly to the internal LAN or connecting from external via DA.

I have seen discussion about deploying the network location server (simple blank IIS/Apache web site) in an NLB  configuration but is there any way to have multiple network location servers for high availability reasons? During the DA configuration process you can only input a single dns record for the NLS so it does not appear possible. Has anyone found a way to do this?

Hi,

Yes it's a good practice to have NLB in high-availability. So a single FQDN with NLB or HLB as high-availability solution. Major problem is when DirectAccess clients connected on LAN cannot join the Network Location server. They consider they are connected on Internet not on LAN and try to activate DirectAccess. In such situation, If users can disable DirectAccess (so no force tunneling) they can solve the problem. Once NLS is back online, computer automatically change the firewall profile to domain.