Windows firewall doesn't detect SSL VPN as domain network

Question

Hi,we've had issues when some users logon to VPN where the network profile on their Windows device does not set the connected SSL VPN as "domain network".This causes problems when trying to do certain things, the main issue we see is users not being able to connect to brokered RDP environment.I have found an article that addresses this with some reg keys as a work around but it suggests the ideal solution is that the VPN uses callback API's to add routes as soon as the VPN adapter arrives at Windows.&nbsp; Does anyone know how we'd go about configuring this?Link to page:&nbsp;Windows Firewall not recognizing Domain network on Windows 10 (thewindowsclub.com)From the above link:These are the three API that a VPN should use for Windows.NotifyUnicastIpAddressChange: Alerts callers of any changes to any IP address, including changes in DAD state.NotifyIpInterfaceChange: Registers a callback for notification of changes to all IP interfaces.NotifyAddrChanget: Notifies the user about&nbsp;address changes.

zamroni777 · Answer

you might need to add the vpn segment into ad subnet:
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/creating-a-site-design#creating-a-subnet-object-design

---editors note: 3 previous sorta duplicative comments were caught in spam...copyingf forward all the unique links into this one post. Thanks zamroni777
https://www.techcrafters.com/portal/en/kb/articles/setup-ad-sites-and-subnets#Configuring_Subnet_Pro...
https://vizrt.my.site.com/NewTekSupport/s/article/Changing-your-Network-Location-Type-using-Group-Po....

marcoperson_250 · Answer

Helpful link for me thanks for sharing valuable insights.

frank0ph · Answer

Thanks for the recommendation.I'll give it a try

Forum Discussion

Windows firewall doesn't detect SSL VPN as domain network

Recent Discussions

Outlook application issue

Why does WAF block HTTP OPTION method

Rewriting Location Header in iRule

HA Configuration (One in primary and One in DR)

Sending a trusted certificate to server

Related Content

F5 AFM/Edge Firewall and the difference between Edge Firewalls and Next-generation Firewalls (NGFW)

Securing the LLM User Experience with an AI Firewall

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

F5 Distributed Cloud Network Firewall Rule Evaluation and Packet Flow

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter