Kemp LoadMaster Load Balancing

Kemp LoadMaster Load BalancingWhen deploying Microsoft enterprise mobility solutions such as Windows 10 Always On VPN and DirectAccess, more than one server may be required to meet capacity requirements or provide local and/or geographic redundancy.


Windows Server features an integrated load balancer called Network Load Balancing (NLB). It is an inexpensive way to create a cluster of servers to provide local redundancy. NLB is integrated with DirectAccess and must be configured using the Remote Access Management console. For Always On VPN it must be configured directly using the Network Load Balancing manager.


NLB has some serious drawbacks and limitations and should typically be avoided for most enterprise deployments. NLB is broadcast-based and generates a tremendous amount of noise on the network. Heartbeat messages are broadcast to the subnet every second. As more nodes are added to the cluster, the broadcast traffic grows exponentially. Microsoft suggests a limit of 8 nodes per NLB cluster, practically speaking NLB clusters should be limited to no more than 4 nodes.

In addition, NLB lacks the visibility and granular control of network traffic often required by network administrators. Further, troubleshooting NLB is prohibitively difficult. There are also challenges getting NLB to work correctly in virtual environments, making NLB difficult to support.

Kemp LoadMaster

A dedicated load balancing appliance such as the Kemp LoadMaster is recommended whenever local redundancy or additional capacity is required for DirectAccess and Always On VPN deployments. Physical appliances provide better performance, but virtual appliances work well in most scenarios too.

Kemp LoadMaster Resources

The following is a list of resources for configuring the Kemp LoadMaster for Always On VPN and DirectAccess.

Additional Information

Fill out the form below for more information about Kemp LoadMaster integration with Always On VPN and DirectAccess.