Für unsere deutschen Kunden Premier Support ist auch in deutscher Sprache verfügbar. Wir helfen Ihnen gerne bei allen Ihren Migrationsproblemen.
Specify Alternate Text

Install and configure Direct Access on a Windows Server 2016 Essentials for hassle-free remote access

Did you ever troubleshoot VPN problems between Windows 10 and a Windows Server 2016 deployment? Get disconnects every now and then but you have no idea why that happens? Do you get 'error 720 a connection to the remote computer could not be established'? Use Direct Access instead of the old VPN solution.

One of the many advantages over ‘ordinary’ VPN is that Direct Access is fully transparent to the end-user. Direct Access connects automatically if the client finds it is ‘outside’ of your corporate network making resources available as if you are connected inside your corporate network. Mapped drives and local applications hosted on your server act as if you are inside your corporate Lan and the connection from your client to your server is secure. Clients without a proper certificate from your own PKI infrastructure, that runs by default on a Windows Server 2016 Essentials, cannot connect to Direct Access.

Deploying Direct Access on a server that runs the ‘Essentials Experience’ role on a Windows Server 2016 Standard/Datacenter or on a Windows Server Essentials 2016 SKU requires more 'tuning' then when it is installed on a separate member server in your domain. This simplified deployment is meant for SMB’s who only have one server and that server will be configured as a Direct Access server using the same certificate that is used for Anywhere Access. Deploying Direct Access on a Domain Controller (supported by Microsoft) is not considered ‘the most secure way’ but most of the SMB’s I know come from a Small Business Server and as we know that had everything on one box. In another guide, I will write about deploying Direct Access and the NLA (Network Location Server) on separate servers but for now, we focus on the smallest business.

For DirectAccess to work you need a Windows 10 Enterprise license.

The ‘Numinous Travel Company’ has such a server in their office, it is a Windows Server 2016 Standard with the Essentials Experience role and DHCP installed. It is the only server they have because ‘Numinous Travel Company’ has only 7 employees. They already configured Anywhere Access through the Windows Server Essentials Dashboard with a free Lets Encrypt certificate. More information on this can be found here Get a free Let’s Encrypt SSL certificate for Access Anywhere and automatically renew it. This is a prerequisite for installing Direct Access so if you have not yet configured Anywhere Access on your server it is now the time to do that.

Get free access to this tutorial and more

We excel at providing you the tutorials you need to get through that difficult migration project or configuration. It's like having a virtual coach looking over your shoulder. The documentation you'll find here is priceless. Our tutorials have screenshots of every step and Powershell scripts if applicable. 

Subscribe and receive ‘how to’ and ‘best practice’ articles on server and cloud maintenance, design and troubleshooting.

  • Monthly newsletter with a summary of all new tutorials
  • Get an email as soon as a new tutorial has been published

About www.server-essentials.com 

www.server-essentials.com is founded by Mariette Knap, a Dutch Microsoft MVP. www.server-essentials.com is a community for IT Consultants and Business Owners who, themselves, take care of the IT infrastructure and Employees who do that little extra in the company to keep things running. Our forum is for discussing all things ‘IT’ and more.  Our documentation is top notch and written by and for the community.

Change your cookie settings

Contact Us

Concentrix BV

C. de Rijcklaan 1

3723 PM Bilthoven

The Netherlands

KvK 30202318

VAT Id 814036739B01

The layout of this page is made to be viewed online.