Thank you for your feedback.
The Add Roles wizard in Windows 2012 R2 preview forces the installation of IIS when selecting to install RAS. After the install, IIS can be shut down and RRAS seems to work fine for straight forward NAT and VPN. However, if I try to Remove the
IIS Role, then the Roles wizard forces the removal of RAS. This may be specific to Windows Server 2012 R2 Preview. I haven't regression tested to see if the new RAS/IIS Roles dependency is an issue in Windows Server 2012. In all versions
previous to Windows 2012, RRAS could be installed easily without IIS using the Windows Add/Remove Windows Components wizard. An answer to my question could be a work around for manually installing just RRAS - bypassing the use of the Add Roles
wizard.
I noticed that the Lab Guide base configuration works around the Public IP address requirement by using a Public IP Address and subnet in the Lab environment to simulate the Internet. Since I'm working with virtual machines, I really don't want to
connect a virtual switch directly to the public Internet or DMZ. I would like to keep all my virtual network interfaces inside a security perimeter.
An answer to my Direct Access private network IP address, behind and edge device, could be a procedure for first installing Direct Access with a Public IP address, then manually changing the configuration after installation to use a private IP address.
If not going to "fix" the R2 release, then an even easier solution would be if someone would update the Technet Library documentation for Direct Access Installation to specify that a Public IP Address IS REQUIRED. After all, if Direct Access
works with a Public IP address using the behind edge device installation options, then the only thing broken is the documentation - and the people that want to put a firewall device in the perimeter between the DA server and the Internet.
Windows Server 2012 R2 - Direct Access Server Setup for Behind a NAT Device Should Not Require a Public IP Address
.png)
