0

We're considering implementing DirectAccess via Windows Server 2012 R2. While considering the hardware requirements (which aren't very great of course), the question came up: "can we implement the DA server in the cloud?"

By "the cloud" I'm talking public, likely via Rackspace. I'd assume we'd need a tunnel back to the local network. I suppose the benefit here is that we wouldn't need to support another piece of hardware just for this one particular task, and the server needs to be public facing anyhow.

So my question is threefold:

  1. Is this a supported configuration?
  2. If it is supported, are there any particular gotchas, downsides to be aware of? (not interested in arguments regarding cost or anything philosophical)
  3. The site-to-site would terminate to an ASA. Do any public cloud vendors in particular provide tools to simplify this piece?
Boden
  • 4,948
  • 12
  • 48
  • 70
  • So you want your VPN (direct access) endpoints to have to traverse the tunnel to your cloud provider and then another tunnel from their to your on-prem infrastructure? Why? It creates double the points of failure and double the potential bottlenecks? – MDMarra Feb 03 '14 at 20:13
  • Well that's a good point and relates to the second piece of my question, thanks. That said, the primary purpose of DA is management, not so much access to resources/applications so performance might not be so critical. I could also argue that adding a server is a more significant point of failure than a tunnel, and then we'd have to consider additional UPS capacity, local backup, etc. – Boden Feb 03 '14 at 20:31

0 Answers0