Hi,
We have created a cluster with two DirectAccess servers, using only IP-HTTPS. We could RDP to the clients and browse the C:\ drive, for example, and it works from both of the DirectAccess servers. However, I could only use this method from the server that the client is connected to. Naturally, I don't want anyone managing clients from these servers, so I created a third server with the idea that from this server I will manage the DA clients. I stumbled upon a lot of problems: pinging from this server works, but not RDP or any other protocol. For testing we have created a firewall rule that will allow any RDP connection. I have added the server within the management servers in the DA settings and allowed its IPv6 address.
Our environment consists of native IPv6 addresses configured on each server. Communication between them is OK, and pinging the clients works from the management server, but only if the client is connected to the first server in the cluster.
So from my perspective this looked like a routing issue, but the paradox is how to add two routes, one for each server, with the same client prefixes? Since RDP works from the servers, I would assume that the firewall rules are OK.
I tested configuring the management server with a gateway to both servers and initiated an RDP session; that failed.
Any tips to get this working? It is very undocumented when it comes to configuring an external load balancer. Since it's IP-HTTPS/443 it should work.
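Since the symptom is that manage-out only reaches clients connected to one of the two DA nodes, the first thing to compare is what route the management server actually picks for a client address and what the DA nodes believe about the management server. The following PowerShell is an added diagnostic example, not from the original post; the client and DA server addresses are constructed placeholders, and it uses only the standard NetTCPIP and DirectAccess cmdlets.

```powershell
# Added example: compare IPv6 routing from the management server to a DA client.
# Run sections 1-3 on the management server, section 4 on each DA node.
# All addresses below are constructed placeholders; replace with your own.
$ClientAddress = '2001:db8:1:1000::10'                 # placeholder DA client IPv6 address
$DaServers     = @('2001:db8:1::10', '2001:db8:1::11')  # placeholder internal IPv6 of each DA node

# 1. Every non-link-local IPv6 route the management server holds, with its next hop.
#    Look for the client (IP-HTTPS) prefixes and check which DA node each one points to.
Get-NetRoute -AddressFamily IPv6 |
    Where-Object { $_.DestinationPrefix -notlike 'fe80*' -and $_.DestinationPrefix -ne '::/0' } |
    Sort-Object DestinationPrefix |
    Format-Table DestinationPrefix, NextHop, InterfaceAlias, RouteMetric -AutoSize

# 2. The route the stack would actually select for this particular client.
#    If the next hop is a DA node the client is not connected to, that is the
#    routing mismatch suspected in the post.
Find-NetRoute -RemoteIPAddress $ClientAddress |
    Format-List DestinationPrefix, NextHop, InterfaceAlias

# 3. ICMP versus TCP 3389 to the client from the same host, side by side.
#    A ping that succeeds while the TCP probe fails separates a firewall or
#    return-path problem from a plain "no route" problem.
$probe = Test-NetConnection -ComputerName $ClientAddress -Port 3389 -InformationLevel Detailed
[pscustomobject]@{
    Client        = $ClientAddress
    PingSucceeded = $probe.PingSucceeded
    Tcp3389       = $probe.TcpTestSucceeded
    SourceAddress = $probe.SourceAddress.IPAddress
}

# Reachability of each DA node itself from the management server, for comparison.
foreach ($da in $DaServers) {
    $r = Test-NetConnection -ComputerName $da -Port 443
    [pscustomobject]@{ DaServer = $da; Tcp443 = $r.TcpTestSucceeded }
}

# 4. On each DA node: confirm the management server is listed in the DA
#    configuration. Run this separately on every node of the cluster.
# Get-DAMgmtServer
```

Comparing the output of section 2 for a client connected to node one against a client connected to node two shows directly whether the management server sends both through the same next hop; section 4 run on each node shows whether both nodes carry the same management server entry.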