I have just setup a Direct Access 2012 R2 server in my network, 2012 domain and all Windows 8 clients.
Internal CA environment (no external CRL) using a public issued cert for IPHTTPS tunnel, 2 interfaces for the DA server, 1 internal and 1 in the DMZ behind a NAT firewall (1 public IPv4 address) and my test clients are connecting fine to internal resources.
1. When I enable Force Tunneling the clients no longer are able to access the external internet. Is there anything I need to add to make this work?
2. I am having trouble with our Remote Desktop Session Hosts. I can only assume it has something to do with the DNS as we have our AD domain performing internal DNS of the int.contoso.com domain and public DNS performing for the external Contoso.com domain (RDWA etc). DA has only int.contoso.com set as a DNS Name Suffix in the Infrastructure Setup. Should I add the external contoso.com Name Suffix in there too?
3. I have a Kaspersky Security Center server for centralized AV admin, can I still push out AV updates to the clients that connect with DA. Do I add my KSC server to the Management Servers list in the Infrastructure Server Setup page on the DA setup. Does that list allow those servers to access the DA clients?