Problem with Azure VPN Point-to-site

%3CLINGO-SUB%20id%3D%22lingo-sub-2115285%22%20slang%3D%22en-US%22%3EProblem%20with%20Azure%20VPN%20Point-to-site%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2115285%22%20slang%3D%22en-US%22%3E%3CP%3EBehaviour%3A%3CBR%20%2F%3EWhen%20connecting%20to%20P2S%20VPN%20the%20computer%20reports%20loss%20of%20internet%20connection(DnsProbe%2FWebProbe%20not%20responding)%20on%20the%20actual%20local%20network(home%20or%20other).%3C%2FP%3E%3CP%3EBrowsing%20internet%20still%20works%20and%20DNS%20name%20resolutions%20works%20as%20well.%3C%2FP%3E%3CP%3EThe%20issue%20can%20after%20a%20while%20resolve%20and%20then%20appear%20again%20while%20still%20being%20connected%20to%20the%20P2S%20VPN.%20Disconnecting%20P2S%20VPN%20will%20resolve%20the%20issue%20immediately.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOccurrence%3A%3C%2FP%3E%3CP%3EThe%20problem%20is%20intermittent.%20Sometimes%20Windows%20reports%20no%20internet%20directly%20after%20connecting%20through%20Azure%20VPN%20and%20sometimes%20it%20can%20take%20hours.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EUser%20impact%3A%3C%2FP%3E%3CP%3EWhen%20it%20says%20'no%20internet'%20Outlook%20will%20not%20start.%20Starting%20Outlook%20before%20connecting%20to%20VPN%20is%20a%20workaround(will%20still%20be%20able%20to%20fetch%20new%20emails%20afterwards).%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ETicket%20opened%20through%20CSP-portal%20with%20Microsoft%20but%20we%20are%202%20months%20in%20from%20first%20raising%20this%20ticket%20and%20we%20keep%20getting%20transferred%20around%20different%20departments%20showing%20the%20issue%20repeatedly.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EWe%20now%20turn%20over%20to%20the%20great%20knowledge%20around%20the%20internet%20to%20hopefully%20get%20any%20helpful%20info%20or%20solution.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2115285%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Evpn%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Evpn%20connection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

Behaviour:
When connecting to P2S VPN the computer reports loss of internet connection(DnsProbe/WebProbe not responding) on the actual local network(home or other).

Browsing internet still works and DNS name resolutions works as well.

The issue can after a while resolve and then appear again while still being connected to the P2S VPN. Disconnecting P2S VPN will resolve the issue immediately.

 

Occurrence:

The problem is intermittent. Sometimes Windows reports no internet directly after connecting through Azure VPN and sometimes it can take hours.

 

User impact:

When it says 'no internet' Outlook will not start. Starting Outlook before connecting to VPN is a workaround(will still be able to fetch new emails afterwards).

 

Ticket opened through CSP-portal with Microsoft but we are 2 months in from first raising this ticket and we keep getting transferred around different departments showing the issue repeatedly.

We now turn over to the great knowledge around the internet to hopefully get any helpful info or solution.

1 Reply

Good talk guys!
Just came back to present what MS support informed me about after 4 months of troubleshooting this issue together.
"Thank you for your detailed information and testing.

I’ve just been told from Intune end that this is by design behavior of P2S connection on VPN gateway when using custom DNS and no workaround but use Azure DNS.

I understand that this can be a little frustrating but Intune team has confirmed this as nothing is your end is wrong or misconfigured."

 

Now I am trying to find a way to get this hybrid-environment to work for our users. We are using OpenSSL-VPN since that supports Azure AD Authentication and from what I can see we cannot redirect DNS-requests for a particular domain to go to our custom DNS and everything else on the local interface DNS.