This was tricky. I had implemented several Direct Access configurations, but none of them went crazy like the newest one.
Network Location Awereness (NLA) kept changing the localtion of DMZ network adapter to Domain Profile. That is not good for Direct Access.
And the fix you ask?
First go to Local Secrurity Policy:
And change Network Location -> User can change location
Then a quick reboot and open Administrative Powershell prompt and type:
Choose a correct adapter that you want to be in Public Profile.
Set-NetConnectionProfile -InterfaceIndex # -NetworkCategory Public
And you are done!
Have a nice one 🙂