May 20 2021 01:04 PM
There are several new options in the configuration, but I haven't been able to find any docs.microsoft.com documentation on them.
Aside from the fact that most know what they mean, its important to know Microsoft's intent more than our own interpretations.
Can MSFT chime in on them here?
DisableRdpParsing
DisableDnsParsing
DisableDnsOverTcpParsing
DisableHttpParsing
DisableGradualRelease
DisableSshParsing
DisableTlsParsing
EnableDnsSinkhole
Feel free to tell my Bing search is broken.
Jun 22 2021 03:59 PM
@Jonathan Green Agreed, we need more info on these. We are facing an issue where external users using our SFB edge server are dropping skype calls after 1-2 seconds of sharing desktop video. After changing DisableTlsParsing to "true" instead of the default "false" for both users, the desktop video share is able to be completed.
Jun 22 2021 04:34 PM - edited Jun 22 2021 04:40 PM
Do you think it was related to overhead vs. the actual parsing being the root cause of the disconnects?
One would assume that WDATP or Defender would just now parse TLS logs (similar to PacketBeat, Microsoft's legacy packet gui, or logger of choice) via it's new packet capture abilities that were released 6+ months ago (20H2 or 20H1?).
I've been wrong in the past when I've applied logic to naming conventions in powershell, which is the reason I made this thread. :)
The scenario you ran into would be great for performance gauging too.
I'd be curious over the specifics on network conditions and devices used.
Jun 23 2021 08:18 AM
@Jonathan Green I am not sure! All I know is that with plenty of packet capturing going on and 0 changes in our environment (excluding these new options and their default settings) within the last few weeks this has been a problem for our users who are utilizing the edge sfb server AND trying to complete a desktop screenshare. The audio call works great, but when one user turns on desktop sharing or video, the STUN binding doesn't complete. Wireshark can't capture a successful binding on either PC unless BOTH users have run this command:
Jun 23 2021 09:01 AM