You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess connection

Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that has the Remote Access server role installed.
DirectAccess is implemented on Server1 by using the default configuration.
You discover that DirectAccess clients do not use DirectAccess when accessing websites on the Internet.
You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess
connection.
What should you do?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that has the Remote Access server role installed.
DirectAccess is implemented on Server1 by using the default configuration.
You discover that DirectAccess clients do not use DirectAccess when accessing websites on the Internet.
You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess
connection.
What should you do?

A.
Configure a DNS suffix search list on the DirectAccess clients.

B.
Configure DirectAccess to enable force tunneling.

C.
Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client Settings Group Policy object
(GPO).

D.
Enable the Route all traffic through the internal network policy setting in the DirectAccess Server Settings
Group Policy object (GPO).

Explanation:

With IPv6 and the Name Resolution Policy Table (NRPT), by default, DirectAccess clients separate their intranet
and Internet traffic as follows:
DNS name queries for intranet fully qualified domain names (FQDNs) and all intranet traffic is exchanged over
the tunnels that are created with the DirectAccess server or directly with intranet servers. Intranet traffic from
DirectAccess clients is IPv6 traffic.
DNS name queries for FQDNs that correspond to exemption rules or do not match the intranet namespace,
and all traffic to Internet servers, is exchanged over the physical interface that is connected to the Internet.
Internet traffic from DirectAccess clients is typically IPv4 traffic.
In contrast, by default, some remote access virtual private network (VPN) implementations, including the VPN
client, send all intranet and Internet traffic over the remote access VPN connection. Internet-bound traffic is
routed by the VPN server to intranet IPv4 web proxy servers for access to IPv4 Internet resources. It is possible
to separate the intranet and Internet traffic for remote access VPN clients by using split tunneling. This
involves configuring the Internet Protocol (IP) routing table on VPN clients so that traffic to intranet locations is
sent over the VPN connection, and traffic to all other locations is sent by using the physical interface that is
connected to the Internet.
You can configure DirectAccess clients to send all of their traffic through the tunnels to the DirectAccess server
with force tunneling. When force tunneling is configured, DirectAccess clients detect that they are on the
Internet, and they remove their IPv4 default route. With the exception of local subnet traffic, all traffic sent by
the DirectAccess client is IPv6 traffic that goes through tunnels to the DirectAccess server.



Leave a Reply 4

Your email address will not be published. Required fields are marked *


kurt

kurt

select force tunneling to force DA clients to send all inet traffic through the corp network

Marissa Gist

Marissa Gist

VPN represents Exclusive Private community and also the application Cost-free VPN Server delivers anyone the flawless possiblity to established the Totally free VPN Proxy almost all totally free. Down load your software no cost at this point as well as make certain superb defense for your sensitive files in addition to pertaining to online cell marketing communications protection.

https://play.google.com/store/apps/details?id=s.freevpn.bestservicefree

someone

someone

free advertisment

Gilbert

Gilbert

Answer is B, on server 2012 forced tunneling is configured by checking a check box.