This topic describes the methods that are available for deploying and configuring Forefront UAG DirectAccess:

The following describe the benefits and limitations of each of these methods.

The Forefront UAG DirectAccess Configuration Wizard

The Forefront UAG DirectAccess Configuration Wizard guides you through the configuration stages of the Forefront UAG DirectAccess deployment. After completing the Forefront UAG Configuration Wizard, you have the option to apply the configuration, or to save the configuration settings to an export script. You can view or modify the export script, and when ready, run the script from a Windows PowerShell command prompt. For more information on modifying the export file, see Modifying the Forefront UAG DirectAccess export script.

Manual client configuration using Group Policy

Group Policy provides a policy-based method to create, distribute, and apply Forefront UAG DirectAccess settings to clients, which allows for one-time and ongoing configuration of Forefront UAG DirectAccess settings. Group Policies are configured by the Forefront UAG DirectAccess Configuration Wizard. Manual client configuration can be used for settings that are not configured automatically using the Forefront UAG DirectAccess Configuration Wizard, such as configuring certificate revocation checking for IPsec authentication. For more information, see Group policy (