locked
Any chance of a light version of DirectAccess for WHS Vail

    General discussion

  • While I understand that the regular version of DirectAccess included with 2008 R2 might be too complex a setup for regular home setup. Even home users can appreciate the notion of just connecting to the Internet and accessing their shares just as if they were at home without having to worry about where they actually are at the moment.

    The way the regular version of DirectAccess works is that when it is setup a Windows 7 client that connects to the Internet will automatically establish an SSL VPN connection to a 2008 R2 server. When a client requests resources that are only available on the local network (such as network shares) the request automatically gets routed over the SSL VPN tunnel. The only problem with DirectAccess are its requirements on both the server and the client. The server has to have two NICs that each have its own addressable IP address on an IPv6 network (one public, one local). The client must be running a version of Windows 7 that supports DirectAccess (Enterprise and Ultimate) and be able to access the IPv6 network. These requirements are obviously way above and beyond what the average home would have access to.

    The light version of DirectAccess I see for WHS Vail would probably be something like Hamachi (which is a zero configuration VPN). A network driver gets installed on the client that knows how transverse NAT and firewalls and automatically establish a VPN tunnel with WHS Vail. WHS Vail can then provision the client with an IP address from the local network. To the client it will look just like a regular network connection to the local network and be able to access local resources. For NAT and firewall transversal I could see WHS Vail providing a cloud solution that would help facilitate connections between WHS Vail servers and their respective clients acting as a relay for the tunnel if necessary, maybe through the use of the .NET service bus on the Azure platform.

    While I can see this functionality being provided through an add-in I would really like to see this functionality provided natively by WHS as it would seem like natural extension to WHS Vail's existing remote access solution.

    I have filed a Connect suggestion for DirectAccess here.

    Saturday, May 01, 2010 8:19 PM

All replies

  • While I understand that the regular version of DirectAccess included with 2008 R2 might be too complex a setup for regular home setup. Even home users can appreciate the notion of just connecting to the Internet and accessing their shares just as if they were at home without having to worry about where they actually are at the moment.

    The way the regular version of DirectAccess works is that when it is setup a Windows 7 client that connects to the Internet will automatically establish an SSL VPN connection to a 2008 R2 server. When a client requests resources that are only available on the local network (such as network shares) the request automatically gets routed over the SSL VPN tunnel. The only problem with DirectAccess are its requirements on both the server and the client. The server has to have two NICs that each have its own addressable IP address on an IPv6 network (one public, one local). The client must be running a version of Windows 7 that supports DirectAccess (Enterprise and Ultimate) and be able to access the IPv6 network. These requirements are obviously way above and beyond what the average home would have access to.

    The light version of DirectAccess I see for WHS Vail would probably be something like Hamachi (which is a zero configuration VPN). A network driver gets installed on the client that knows how transverse NAT and firewalls and automatically establish a VPN tunnel with WHS Vail. WHS Vail can then provision the client with an IP address from the local network. To the client it will look just like a regular network connection to the local network and be able to access local resources. For NAT and firewall transversal I could see WHS Vail providing a cloud solution that would help facilitate connections between WHS Vail servers and their respective clients acting as a relay for the tunnel if necessary, maybe through the use of the .NET service bus on the Azure platform.

    While I can see this functionality being provided through an add-in I would really like to see this functionality provided natively by WHS as it would seem like natural extension to WHS Vail's existing remote access solution.

    I have filed a Connect suggestion for DirectAccess here.

    While an intriguing idea, you leave out the vast majority of users because the only client that supports DirectAccess is 7 Ultimate/Enterprise (not to mention you would end up completely eliminating the need for the RA website, which I don't see MS doing considering all of the work they've already done for it, including media streaming).
    Saturday, May 01, 2010 8:35 PM
    Moderator
  • This is why I mention implementing a DirectAccess solution similar to Hamachi instead of trying to leverage the native DirectAccess feature of 2008 R2. The Hamachi solution requires only a network driver on the client, allowing for down level versions of Windows 7 or even previous down level versions of Windows. 

    Also, I think the DirectAccess solution complements the current remote access website as there will be times when you will need to access files remotely on the server but don't have access to one of the client computers that is setup for DirectAccess. Or you may want to take advantage of the media steaming features.

    I didn't mention DirectAccess with the intention of replacing the remote access solution, I meant the suggestion as a means to enrich the current solution.

    Sunday, May 02, 2010 12:44 AM
  • DirectAccess is on our radar, but due to it’s requirement on Windows 7 Ultimate & Enterprise, as well as the need for a local DNS server and two WAN IP addresses, the configuration for a home is too complicated to set up at this time.  it’s something we’re looking at and working with the DirectAccess team for future versions of Home Server, if we can figure out how to reduce the complexity of the network configuration, which is by far the biggest hurdle.
     
    For now you’ll have to leverage the totally awesome Remote Access Website!  :)
       Sean
     
    This post is "AS IS" and confers no rights.
     
    "emed795" wrote in message news:8ba0acc6-b37d-4a62-85f7-bf5b4053ed3b...

    This is why I mention implementing a DirectAccess solution similar to Hamachi instead of trying to leverage the native DirectAccess feature of 2008 R2. The Hamachi solution requires only a network driver on the client, allowing for down level versions of Windows 7 or even previous down level versions of Windows.

    Also, I think the DirectAccess solution complements the current remote access website as there will be times when you will need to access files remotely on the server but don't have access to one of the client computers that is setup for DirectAccess. Or you may want to take advantage of the media steaming features.

    I didn't mention DirectAccess with the intention of replacing the remote access solution, I meant the suggestion as a means to enrich the current solution.

    Monday, May 03, 2010 4:25 PM
    Moderator