TECHNIG
Gateway for IT Experts and Tech Geeks

How to Configure DirectAccess VPN on Server 2016?

This article is going to explain the process of install and configure DirectAccess VPN in Windows Server 2016. In Windows Server 2016 and Windows Server 2012, you can deploy both DirectAccess and Routing and Remote Access Service (RRAS) on the same server. These allowing you to provide DirectAccess connectivity to supported clients as well as providing VPN access to remote clients that do not support.

The clients which support DirectAccess are Windows 10 Enterprise, 10 Enterprise 2015 Long Term Servicing Branch (LTSB), Windows 8 Enterprise, Windows 7 Ultimate and Windows 7 Enterprise.

Install and Configure DirectAccess VPN

I’m going to install DirectAccess-VPN with PowerShell command. You can install it from server manager dashboard using GUI. As a system administrator, improving your command line skill is necessary.

  1. From your Windows Server open Windows PowerShell and type “Get-WindowsFeature RemoteAccess” then press enter. It shows the Remote Access is status. Also to see the DirectAccess, type DirectAccess-VPN.
Install Remote Access with PowerShell
Install Remote Access with PowerShell

2. Now, for installing DirectAccess-VPN, type the “Install-WindowsFeature DirectAccess-VPN -IncludeManagementTools” command and press enter.

Install DirectAccess VPN with PowerShell
Install DirectAccess VPN with PowerShell

Note: This command will install Remote Access Management and Routing and Remote Access. In order to configure a traditional VPN server, you should configure with Routing and Remote Access. But to configure DirectAccess VPN server, you need to configure it through Remote Access Management.

3. Type “ramgmtui” on Windows run and open the Remote Access Management to configure DirectAccess VPN Server.

Remote Access Management on Windows Server 2016
Remote Access Management on Windows Server 2016

4. On Remote Access Management console, click Run Getting Stared Wizard. This wizard will configure DirecetAccess and VPN server quickly.

5. On Configure Remote Access page, click Deploy both DirectAccess and VPN (recommended). This option will configure DirectAccess VPN server. This will allow remote client computers that not supported for DirectAccecss to connect over VPN.

Deploy and Configure DirectAccess VPN Server on Windows Server 2016
Deploy and Configure DirectAccess VPN Server on Windows Server 2016

The second option will only deploy DirectAccess, and the third option will configure a traditional VPN server with Routing and Remote Access.

6. On the Remote Access Server Setup page, select Behind an edge device (with a single network adapter) and type IP address used by client to connect to the remote access server, then click Next.

Behind an edge device (with a single network adapter)
Behind an edge device (with a single network adapter)

7. Now click Finish to apply remote access settings. If you want to bring changes or review the configuration settings of GPO settings, Remote clients settings, Remote Access Server settings and Infrastructure Server, click on Click here link to open the Remote Access Review page.

Remote Access Settings will be applied
Remote Access Settings will be applied

8. Finally the configuration of DirectAccess VPN will be completed successfully.

Configure DirectAccess VPN applied successfully
Configure DirectAccess VPN applied successfully

Try to navigate Remote Access Management console, to see more settings and find out he new features you need to understand. See the VPN section relevant to this article.

Remote Access Management Console
Remote Access Management Console

8. On Remote Access Management Console, click Open RRAS Management under VPN.  Select the ports on Routing and Remote Access to see the active and inactive VPN connections.

Configure Routing and Remote Access in Windows Server 2016
Configure Routing and Remote Access in Windows Server 2016

That’s all bout configure DirectAccess VPN in Windows Server 2016. This configuration works for Server 2012 R2 also. So don’t worry, just configure on Server 2012.

How to Test DirectAccess-VPN?

To test the DirectAccess-VPN whether it’s work or not. Create a VPN connection on a client machine and connect to DirectAccess. From Windows 7 and newest version support DirectAccess. But the older versions are non supported DirectAccess devices.

5 Comments
  1. Faiz Orz says

    Thanks, dear admin, I really need it.
    Is it work with windows server R2 2012 or not ?

    1. Shais says

      Yes, on both servers configuration is the same.

  2. Ben Wilson says

    VPN Services are great. I was able to use arcvpn to watch all my favorite shows and content online.

    1. Shais says

      Yes, this is great. In private network Windows policy won’t allow to use third party application.

  3. Ramesh Chand says

    I am getting issue with client computers only the VPN show connected but the Direct Access is null

    I have following:
    AUSU Router.
    Single network connection for Direct Access.
    Server 2016 DC and same Direct access installed on that server.
    no firewall

    please advise me

Leave A Reply

Your email address will not be published.