We are in the process of implementing DirectAccess with Server 2012 R2. So far, it looks very promising. Clients can communicate from our management servers exactly as desired. However, we would like to provide a way for our Help Desk to connect to those machines (for instance, to be able to initiate remote control).
ISATAP is technically no longer supported, as well as it seems there are some risks/challenges associated with it anyways. I was wondering if anyone has come up with any good solutions for this. Since it would just be for a few, I was thinking about also configuring the server to allow inbound VPN for IPv6 only and just have our Help Desk users initiate a VPN connect to the server the few times this functionality would be necessary. Has anyone done anything like that? I haven't set up VPN in Windows Server in at least 8 years, so any advice would be helpful. If you have any other suggestions, I'd also be happy to accept that.
Thanks!