I am going to deploy Microsoft DirectAccess to our demo lab and have couple of problems / Q:s
Our lab network topology is on the picture. First there is our ISP:s modem/router device which i dont have access (i can´t configure this device).
I suppose that there is route 188.8.131.52/28 --> to our ASA:s external interface.
Then there is our ASA which has couple of interfaces, 1 x external, 1 x internal.
On ASA there is dynamic PAT which is using IP of enternal interface.
From ASA to Cisco 2821 router there is straight cabel to interface Gi0/0. On router there is interface Gi0/1 which is connected to C3560 switch.
I have created multiple vlan/SubIF to router and same VLAN:s to switch.
Then there is VMware ESX 4i host with W2008 Enterprise server with MS UAG server.
On W2008 i have two interfaces, one to internal and one to external.
Q1: which is the easiest way to get real ip(184.108.40.206) without NAT to our UAG server (MS document s says that this server should be directly connected to internet wihtout NAT). So what i have to do if i want to.
I know that i have to make somekind of DMZ where i can put that VMware interface, but how do i do it?
Can i make static route to ASA like 220.127.116.11/29 --> 10.2.72.2 and then on the router i make vlan which has ip 18.104.22.168 and then put my VMware interface to there?
I think thats not good option?