Forum Discussion
Pallind
Feb 05, 2021 | Copper Contributor
Problem with Azure VPN Point-to-site
Behaviour: When connecting to P2S VPN the computer reports loss of internet connection (DnsProbe/WebProbe not responding) on the actual local network (home or other). Browsing internet still works an...
Pallind
Apr 01, 2021 | Copper Contributor
Good talk guys!
Just came back to present what MS support informed me about after 4 months of troubleshooting this issue together.
"Thank you for your detailed information and testing.
I’ve just been told from Intune end that this is by design behavior of P2S connection on VPN gateway when using custom DNS and no workaround but use Azure DNS.
I understand that this can be a little frustrating but Intune team has confirmed this as nothing on your end is wrong or misconfigured."
Now I am trying to find a way to get this hybrid-environment to work for our users. We are using OpenSSL-VPN since that supports Azure AD Authentication and from what I can see we cannot redirect DNS-requests for a particular domain to go to our custom DNS and everything else on the local interface DNS.
Pallind
Sep 27, 2021 | Copper Contributor
So... We continued our troubleshooting with Microsoft Support since we reported the same issue in 2 other environments and I can happily inform that after another month of tracing and investigation of the NCSI logs we were presented with the following solution:
Symptom:
While on P2S VPN, client machines report connectivity loss but browsing and DNS still work.
Cause:
According to the NCSI trace, the DNS probe was not using proxy but going Direct instead.
Resolution:
Enabled the Specify Global DNS via Registry Key which seems to have solved the problem for now.
Registry Key modified: RegPath: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator
RegKey: UseGlobalDns=1
Type: DWORD
We are now running this with three different environments/customers and we have zero reported issues from them when now working over Azure VPN.
Case closed!
- Gamlabettan
  Sep 27, 2021 | Copper Contributor
  Nice talk! Good catch!
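The registry change from the Sep 27, 2021 post, written as an idempotent apply-and-verify script; this is an added example, not code from the thread or from Microsoft Support. It assumes an elevated PowerShell session, and the variable names are illustrative. Because the value sits under the Policies hive, a Group Policy or MDM profile that manages the same setting can overwrite it.

```powershell
#Requires -RunAsAdministrator
# Added example: apply and verify the NCSI policy value quoted in the thread.
# Path, value name and type are taken from the post; variable names are illustrative.
$path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator'
$name = 'UseGlobalDns'
$want = 1

# Read the current value, if any. The key or the value may not exist yet.
$current = $null
if (Test-Path -Path $path) {
    $current = (Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue).$name
}

if ($current -eq $want) {
    Write-Output "$name is already $want; nothing to change."
}
else {
    # Create the policy key if it is missing, then write the DWORD.
    if (-not (Test-Path -Path $path)) {
        New-Item -Path $path -Force | Out-Null
    }
    New-ItemProperty -Path $path -Name $name -PropertyType DWord -Value $want -Force | Out-Null
    $previous = if ($null -eq $current) { 'not set' } else { $current }
    Write-Output "$name set to $want (previous value: $previous)."
}

# Read back the stored value and its registry type to confirm it is a DWORD.
$key = Get-Item -Path $path
'{0} = {1} ({2})' -f $name, $key.GetValue($name), $key.GetValueKind($name)

# Show the connectivity state Windows currently reports per network profile,
# which is where the false "no internet" status from the thread would appear.
Get-NetConnectionProfile |
    Select-Object InterfaceAlias, Name, IPv4Connectivity, IPv6Connectivity
```

The thread does not say when the setting takes effect; comparing the `Get-NetConnectionProfile` output before and after reconnecting the P2S VPN is one way to check it.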