How can we improve the Windows dev platform?

Enable the Windows 10 Hyper-V Default Switch to work with Cisco AnyConnect

The following Hyper-V networking Configuration breaks DNS name resolution on the Virtual Machine:
1. Connecting the host to a non-corporate (remote) WiFi network.
2. Connecting to the corporate network via Cisco AnyConnect on the host.
3. Start a VM and connect it to the Default Switch (NAT)

When a VM is connected to the default switch and the host is connected to the corporate network via Cisco AnyConnect, the VM looses the ability to resolve DNS addresses. The VM is able to ping both public addresses and corporate addresses; however, it is unable to resolve names on either the public internet or corporate network.

This issue was submitted as a MS Premier support ticket (https://support.microsoft.com/en-us/commercial/incidents/117111417156306) and a Connect bug (https://connect.microsoft.com/WindowsServer/feedback/details/3142497/build-16299-15-hyper-v-default-switch-nat-name-resolution-not-working). Was advised by Premier that this is an architectural issue.

180 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Samuel Grummons shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  AdminSarah Cooley (Admin, Windows Developer) responded  · 

    We’re investigating how to best handle VPN and add more configuration around VPN.

    Please:
    1) Upvote if this is important to you. That helps us prioritize.
    2) Let us know which VPN technology you’re using/care most about.
    3) Explain what behavior you’d like to see.

    16 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Bill commented  ·   ·  Flag as inappropriate

        Do not automatically show next card in Klondike/Las Vegas Solitare deck- all three cards need to be played first.

      • WSLUser commented  ·   ·  Flag as inappropriate

        Bring OpenVPN support natively to Windows like you're doing for OpenSSH. Alternatively, bring support to use VPN technology in WSL would be great as well. Ideally you'd have both capabilities as various use cases may require usage of one or the other.

      • David Klebanoff commented  ·   ·  Flag as inappropriate

        It's actually worse than described in this ticket. In my case, when a virtual switch in bridge mode is created in Hyper-V, the adapter becomes invisible to Cisco AnyConnect. If that is the adapter currently in use, you lose connectivity. Bridge mode is helpful if you want to expose the virtual machine to others on the network.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Using Cisco AnyConnect for VPN. Ideally allow configuration for tunneling all traffic or split tunnel.

      • Carl P. commented  ·   ·  Flag as inappropriate

        Hello Sarah, The default switch should be able to handle connectivity to either a wired or wireless NIC on the same device.,
        Cisco Anyconnect seems to be the preeminent VPN, but support for ATT Global Network Client would be desirable as well.
        If you can enable support in an upcoming RS4 build, please let us know. :D

      • Paul Dally commented  ·   ·  Flag as inappropriate

        1) Definitely this has my upvote
        2) Cisco AnyConnect 4.1.04011
        3) Ideally, the VMs would have a means of accessing the same resources that applications on the host have dependent upon the connection status of the VPN

      • Anonymous commented  ·   ·  Flag as inappropriate

        Cisco AnyConnect 4.5.02036.

        Desired Behavior: When the host is on a remote network and connected to the company via a split tunnel VPN AND the VM is connected using the default (NAT) switch, we want to see Name resolution occur for both corporate and public internet names.

        Thanks!

      • Samuel Grummons commented  ·   ·  Flag as inappropriate

        Cisco AnyConnect 4.5.02036.

        Desired Behavior: When the host is on a remote network and connected to the company via a split tunnel VPN AND the VM is connected using the default (NAT) switch, we want to see Name resolution occur for both corporate and public internet names.

        Thanks!

      • Anonymous commented  ·   ·  Flag as inappropriate

        In fact, 3 options would be great for the type of network configuration to support

        1) Internet + VPN connectivity made accessible to the VM
        2) internal connectivity between VM + VPN but no internet passthough
        3) VPN only no internet.

      • Christopher Yageman commented  ·   ·  Flag as inappropriate

        I vote yes to fix this. Hosting a virtual pc to support access to say a customer site where they may need to launch a separated vpn is a primary reason for using a virtual pc for our business.

      • Carl P. commented  ·   ·  Flag as inappropriate

        Confirmed with Cisco Anyconnect v4.5. No internet access in the VM when host OS is connected to corporate VPN.

      Feedback and Knowledge Base