#DirectAccess support for wildcard certificates

As you probably might know Forefront UAG DirectAccess deployment requires a public key infrastructure (PKI) to issue certificates to DirectAccess clients, the Forefront UAG DirectAccess server, and the network location server.

Certifcates used by DirectAccess can be catagorized by:

Continue reading “#DirectAccess support for wildcard certificates”

Configure #DirectAccess for Mobile Broadband

Last week I noticed some problems with DirectAccess by using UMTS/3G broadband network of a Dutch mobile provider (KPN). A number of IPv6 translation methods don’t work by default which results DirectAccess by broadband is not always guaranteed. Table below shows a comparison of the various telecom providers and supported IPv6 translation methods.

IPv6 Translation ISP Provider support matrix

Provider 6to4 Teredo IP-HTTPS
KPN (UMTS) X(1) X(2)
Vodafone (UMTS)
FRITZ (ADSL) n/a
  1. Teredo traffic—UDP destination port 3544 inbound and UDP source port 3544 outbound.
  2. 6to4 traffic—Protocol 41 inbound and outbound

Continue reading “Configure #DirectAccess for Mobile Broadband”

#Forefront #UAG 2010 SP1 | #DirectAccess Resources

Past few weeks I have been involved with the implementation of direct access to one of our customers. This implementation was successfully achieved by using the following resources:

 

Planning & Design

  Continue reading “#Forefront #UAG 2010 SP1 | #DirectAccess Resources”