Forum Discussion
Windows firewall doesn't detect SSL VPN as domain network
Hi,
we've had issues when some users logon to VPN where the network profile on their Windows device does not set the connected SSL VPN as "domain network".
This causes problems when trying to do certain things, the main issue we see is users not being able to connect to brokered RDP environment.
I have found an article that addresses this with some reg keys as a work around but it suggests the ideal solution is that the VPN uses callback API's to add routes as soon as the VPN adapter arrives at Windows. Does anyone know how we'd go about configuring this?
Link to page: Windows Firewall not recognizing Domain network on Windows 10 (thewindowsclub.com)
From the above link:
These are the three API that a VPN should use for Windows.
- NotifyUnicastIpAddressChange: Alerts callers of any changes to any IP address, including changes in DAD state.
- NotifyIpInterfaceChange: Registers a callback for notification of changes to all IP interfaces.
- NotifyAddrChanget: Notifies the user about address changes.
- zamroni777Nacreous
you might need to add the vpn segment into ad subnet:
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/creating-a-site-design#creating-a-subnet-object-design
---editors note: 3 previous sorta duplicative comments were caught in spam...copyingf forward all the unique links into this one post. Thanks zamroni777
https://www.techcrafters.com/portal/en/kb/articles/setup-ad-sites-and-subnets#Configuring_Subnet_Pro...
https://vizrt.my.site.com/NewTekSupport/s/article/Changing-your-Network-Location-Type-using-Group-Po....- marcoperson_250Altocumulus
Helpful link for me thanks for sharing valuable insights.
- Frank0phNimbostratus
Thanks for the recommendation.
I'll give it a try
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com