Greetings,
I'm trying to configure DirectAccess to work with WAF. I currently got it to work with setting up a Full NAT but reading various forum posts on here suggest this approach is not ideal. I have been Googling and making changes such as #3 in the Rulz but have not had much success.
Using WAF, I can use a web browser and hit the domain and traffic is logged as intended. When a DirectAccess client attempts to hit the same domain, it never connects and no traffic is logged. I have looked through logs DNS proxy, Application Control, Firewall, IPS, WAF, and web filtering but can't seem to find where this traffic is being logged. Using Wirehark, I see the Client Hello with protocol TLSv1.2 but the server replies with '61 Alert (Level: Fatal, Description: Handshake Failure)' with protocol TLSv1.2.
I'm not sure if under the hood something else is occurring of the DirectAccess client that WAF doesn't support or vice versa that is causing the handshake to fail. Regarding the RealConfig screenshot, I tried setting the real server to use HTTPS but read a post setting to HTTP would lower the strain on the server.
Now if I disable WAF, and enable the Full NAT, I see the traffic come in through the Firewall log. Wireshark sees the client hello and the server responds with the server hello and certificate.
Not sure if what I want to accomplish is even possible or supported but I want my internal web server shielded from external traffic so it seems I should go down this route. Any assistance would be greatly appreciated.
Josh
This thread was automatically locked due to age.