Share via

Why Do I Need Two IP Public IP Addresses for DirectAccess?

  • Article

I hear a lot of people ask why you need two public IP addresses to support DirectAccess.

The reason for this is that in order for Teredo to determine what type of NAT device the DirectAccess client is behind, it needs two public addresses on the Teredo server. Note that this is not required for the 6to4 and IP-HTTPS DirectAccess clients.

Teredo is the most common DirectAccess client configuration (about 75%), with IP-HTTPS (about 5%) being far behind as the 3rd most common configuration, with 6to4 representing about 25% of connections. In addition, IP-HTTPS doesn't perform nearly as well as Teredo, so you want to make sure you support Teredo as often as you can.

For more information about Teredo, please see

http://technet.microsoft.com/en-us/library/bb457011.aspx

(This was originally posted at http://forums.isaserver.org/Why_Do_I_Need_Two_IP_Public_IP_Addresses_for_DirectAccess/m_2002098904/tm.htm)