You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess connection

Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that has the Remote Access server role installed.
DirectAccess is implemented on Server1 by using the default configuration.
You discover that DirectAccess clients do not use DirectAccess when accessing websites on the
Internet.
You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess
connection.
What should you do?

Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that has the Remote Access server role installed.
DirectAccess is implemented on Server1 by using the default configuration.
You discover that DirectAccess clients do not use DirectAccess when accessing websites on the
Internet.
You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess
connection.
What should you do?

A.
Configure a DNS suffix search list on the DirectAccess clients.

B.
Enable the Route all traffic through the internal network policy setting in the DirectAccess Server
Settings Group Policy object (GPO).

C.
Configure DirectAccess to enable force tunneling.

D.
Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client Settings Group
Policy object (GPO).



Leave a Reply 8

Your email address will not be published. Required fields are marked *

11 + fourteen =


Rob

Rob

I think the answer should be “B”.

3.
In the console tree of the Group Policy Management Editor snap-in, open Computer Configuration\Policies\Administrative Templates\Network\Network Connections.

4.
In the details pane, double-click Route all traffic through the internal network.

5.
In the Route all traffic through the internal network dialog box, click Enabled, and then click OK.

https://technet.microsoft.com/en-us/library/ee649127(v=ws.10).aspx

Matt

Matt

The answer is actually C. B states that you change the DirectAccess SERVER GPO settings. You need to change the CLIENT GPO settings, not Server.

Rob

Rob

The actual setting is “Route all traffic through the internal network”

This is “Know as” force tunneling.

This is why I say the answer is B.

bob

bob

yes but if you tick the box on setup to enable force tunneling you don’t have to touch the gpo

Bobloblaw

Bobloblaw

C – MS do not support the amending on the DirectAccess GPOs directly.

renek

renek

B, u would use C if you we’re configuring DirectAccess via the Setup Wizard. But as DA is already configured and used i would say edit the GPO setting.