Information Technology Reference
In-Depth Information
FIGURE 3-65
The Applying Remote Access Setup Wizard Settings dialog box
You can correct any errors and restart the applying step of the wizard from the main
Remote Access Management console.
Beginning with Windows Server 2012 and Windows 8, DirectAccess clients are configured to
use Kerberos authentication by default. This means that Windows 8 and later clients do not
need a certificate to connect. If you enable connecting with Windows 7 clients to a Windows
Server 2012 or Windows Server 2012 R2 DirectAccess server, you need to enable computer
certificate authentication. You also need to enable computer certificate authentication for
two-factor authentication or for a multisite deployment of DirectAccess.
To enable computer certificate authentication, follow these steps:
1.
Open the Remote Access Management console and select DirectAccess And VPN in
the Configuration section of the left pane.
Click Edit in Step 2 Remote Access Server in the Remote Access Setup pane.
2.
3.
Click Authentication in the left pane and select Use Computer Certificates.
4.
Select Use An Intermediate Certificate if you want to use an intermediate certificate
authority certificate, such as the DirectAccess RADIUS certificate.
5.
Click Browse to open a list of available certificates, as shown in Figure 3-66.
6.
Select the certificate you want to use and click OK.
