Server 2012 DirectAccess on VMware Workstation

Hey folks,

I'm new to DirectAccess, and am trying to wrap my head around it. I'm trying to test out Windows Server 2012 DirectAccess in a VMware Workstation lab environment. All of my lab systems are using the VMware NAT network.

The Windows Server 2012 system with the DirectAccess role has a "private" network interface on the NAT network, and a "public" network interface, with a statically configured public IPv4 address on thehost-only network. It is configured using the Edge option in the DirectAccess wizard. The "public" IPv4 address is the IP address I plugged into the wizard, for the system's public IPv4 address.

I have a Windows 8 Enterprise client system that was initially on the NAT network during provisioning, so it could get the DirectAccess GPOs, but then I moved it over to an isolated host-only network (VMnet2), to emulate being on the Internet (even though it does not have access to public DNS, or the ability to route to the Internet), and configured it with a public IPv4 address on the same subnet as the DirectAccess server's "public" interface.

The Windows 8 client seemingly does not have the ability to establish an IP-HTTPS tunnel to the DirectAccess server.

PS C:\Windows\system32> Get-NetIPHttpsState


LastErrorCode   : 0x80190194
InterfaceStatus : Failed to connect to the IPHTTPS server; waiting to reconnect

PS C:\Windows\system32> Get-NetIPHttpsConfiguration


PolicyStore       : ActiveStore
ConfigurationType : GroupPolicy
Profile           :
ProfileActivated  :
State             : Default
ServerURL         : https://209.228.130.28:443/IPHTTPS
Type              : Client
AuthMode          :
StrongCRLRequired : False

PS C:\Windows\system32> Get-DnsClientNrptPolicy


Namespace                        : .
QueryPolicy                      :
SecureNameQueryFallback          :
DirectAccessIPsecCARestriction   :
DirectAccessProxyName            :
DirectAccessDnsServers           : 2002:d1e4:821c:3333::1
DirectAccessEnabled              :
DirectAccessProxyType            : NoProxy
DirectAccessQueryIPsecEncryption :
DirectAccessQueryIPsecRequired   : False
NameServers                      :
DnsSecIPsecCARestriction         :
DnsSecQueryIPsecEncryption       :
DnsSecQueryIPsecRequired         : False
DnsSecValidationRequired         : False
NameEncoding                     : Utf8WithoutMapping

Namespace                        :DirectAccess-NLS.contoso.com
QueryPolicy                      :
SecureNameQueryFallback          :
DirectAccessIPsecCARestriction   :
DirectAccessProxyName            :
DirectAccessDnsServers           :
DirectAccessEnabled              :
DirectAccessProxyType            : UseDefault
DirectAccessQueryIPsecEncryption :
DirectAccessQueryIPsecRequired   : False
NameServers                      :
DnsSecIPsecCARestriction         :
DnsSecQueryIPsecEncryption       :
DnsSecQueryIPsecRequired         : False
DnsSecValidationRequired         : False
NameEncoding                     : Utf8WithoutMapping

Any thoughts on what I've got configured incorrectly? I'm not sure which default gateway and DNS server address to configure on the Windows 8 client's "public" network interface, since it's not really connected to the Internet.

Cheers,
Trevor

---

If this post was helpful, please click the little "Vote as Helpful" button :)

Trevor Sullivan
Trevor Sullivan's Tech Room
Twitter Profile