lighthousekeeper
asked on
DirectAccess 2012 Certificate question for Windows 7 client access
Hi,
I am aware that the proper versions of Windows are a requirement for DirectAccess to work, that is not an issue.
I have setup DirectAccess 2012 with a single NIC and have successfully gotten Windows 8 client machines to connect when outside of the corporate LAN. Now, my next step is to get the Windows 7 clients connecting.
My understanding to allow Windows 7 clients to connect is you need to use Computer Certificates... But where is this certificate required, is it for the DirectAccess-IPHTTPS or for the DirectAccess-NLS?
I am going to purchase a certificate from a public authority as I have heard this simplifies matters. How do I go about installing the certificate and performing the signing process on my DA server? Do I do it through IIS Certificates or through MMC Certificates.
Does it matter if the certificate which I sign matches the hostname which I have designated for the remote access server?
Thanks!
I am aware that the proper versions of Windows are a requirement for DirectAccess to work, that is not an issue.
I have setup DirectAccess 2012 with a single NIC and have successfully gotten Windows 8 client machines to connect when outside of the corporate LAN. Now, my next step is to get the Windows 7 clients connecting.
My understanding to allow Windows 7 clients to connect is you need to use Computer Certificates... But where is this certificate required, is it for the DirectAccess-IPHTTPS or for the DirectAccess-NLS?
I am going to purchase a certificate from a public authority as I have heard this simplifies matters. How do I go about installing the certificate and performing the signing process on my DA server? Do I do it through IIS Certificates or through MMC Certificates.
Does it matter if the certificate which I sign matches the hostname which I have designated for the remote access server?
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
you are right . configured just so.