A number of prerequisites must be in place before proceeding with this documentation. In addition to the assumptions outlined earlier in this document, it is assumed that the LoadMaster has been configured and that network connectivity to all networks has been verified. In addition, the following prerequisites must be in place before continuing:

  • A unique internal hostname for the load balanced NLS, for example nls.corp.example.com
  • A unique external hostname for each entry point that resolves to the external IPv4 address assigned to the DirectAccess Virtual Service on the LoadMaster, for exampleda-west.example.com, da-east.example.com
  • DirectAccess must be configured to use certificate authentication
  • The NLS cannot be collocated on the DirectAccess server. It must reside on a separate system
  • Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) for outbound DirectAccess client management is not supported when using external load balancers and must be disabled prior to implementing the LoadMaster