Drag and Drop Question
You are deploying DirectAccess to a server named DA1. DA1 will be located behind a firewall and
will have a single network adapter. The intermediary network will be IPv4. You need to configure
firewall to support DirectAccess. Which firewall rules should you create for each type of traffic? (To
answer, drag the appropriate ports and protocols to the correct traffic types. Each port and protocol
may be used once, more than once, or not at all. You may need to drag the split bar between panes
or scroll to view content.)
Answer: 
https://blogs.technet.microsoft.com/tomshinder/2010/05/06/directaccess-and-firewalls-and-nat/
Protocol 41 inbound and outbound—For DirectAccess clients that use the 6to4 IPv6 transition technology to encapsulate IPv6 packets with an IPv4 header. In the IPv4 header, the Protocol field is set to 41 to indicate an IPv6 packet payload.
UDP destination port 3544 inbound and UDP source port 3544 outbound—For DirectAccess clients that use the Teredo IPv6 transition technology to encapsulate IPv6 packets with an IPv4 and UDP header. The Forefront UAG DirectAccess server is listening on UDP port 3544 for traffic from Teredo-based DirectAccess clients.
TCP destination port 443 inbound and TCP source port 443 outbound—For DirectAccess clients that use IP-HTTPS to encapsulate IPv6 packets within an IPv4-based HTTPS session. The Forefront UAG DirectAccess server is listening on TCP port 443 for traffic from IP-HTTPS-based DirectAccess clients.
0
0