Windows Sandbox hast no Internet connection while host ist using a VPN

How on earth can MS deliver this feature with such a bug?! To use the Sandbox “security feature” one first has to make the host more insecure.

Conversation 17 comments

  • earlster

    Premium Member
    30 May, 2019 - 10:33 am

    <p>Does this apply to all VPNs, or just Cisco AnyConnect? Apparently there is a bug in AnyConnect that breaks access of VMs to the internet.</p>

    • pmeinl

      Premium Member
      30 May, 2019 - 10:38 am

      <blockquote><a href="#431616"><em>In reply to earlster:</em></a><em> With Private Internet Access Sandbox does not have internet connectivity.</em></blockquote><p><br></p>

  • lvthunder

    Premium Member
    31 May, 2019 - 2:16 pm

    <p>How do you know it's a bug? It might be by design. The sandbox is meant to test something you are unsure about. I would guess most people wouldn't want that unknown process calling home.</p>

    • zeratul456

      28 May, 2020 - 1:33 pm

      <blockquote><em><a href="#432164">In reply to lvthunder:</a></em></blockquote><p>The exact same issue is present in WDAG. And I sure as heck want that to access the internet..</p>

  • garethb

    Premium Member
    01 June, 2019 - 4:20 am

    <p>So… a sandbox with no internet is less secure?</p>

    • pmeinl

      Premium Member
      01 June, 2019 - 5:18 am

      <blockquote><a href="#432340"><em>In reply to GarethB:</em></a></blockquote><blockquote>Working in an Airbnb or cafe one seems to have to disable the hosts VPN (exposing it to attacks) to be able to get internet access in the Sandbox.</blockquote><p><br></p>

      • anoldamigauser

        Premium Member
        28 May, 2020 - 3:54 pm

        <blockquote><em><a href="#432351">In reply to pmeinl:</a></em></blockquote><p>I have not encountered an AirBnb or Cafe that provides a VPN. A secured (some better than others) wi-fi connection perhaps, but not a VPN. The worst are hotels that require you to go through a portal first, but I do not believe that is a VPN; just a way to log your device and traffic so it can be sold to advertisers.</p>

  • wright_is

    Premium Member
    01 June, 2019 - 4:32 am

    <p>The last thing you want, if you are running something in a sandbox is to give it unfettered access to a secure network! I would say this is in no way a bug, this is sensible secure design at work.</p>

    • zeratul456

      26 May, 2020 - 12:45 pm

      <blockquote><em><a href="#432342">In reply to wright_is:</a></em></blockquote><p>Surely you are trolling? Is it better to give it access to your real network? After all, Windows Sandbox has internet when you're connected to a VPN. It just doesn't use the VPN connection.</p>

      • wright_is

        Premium Member
        29 May, 2020 - 2:01 am

        <blockquote><em><a href="#542340">In reply to zeratul456:</a></em></blockquote><p>It depends. We only use VPN to access the company network, so the last thing I want is something that needs sandboxing being let loose on the company network.</p>

        • zeratul456

          29 May, 2020 - 4:47 am

          <blockquote><em><a href="#543583">In reply to wright_is:</a></em></blockquote><p>Great, then you can disable network access for Windows Sandbox so that those of us that require internet access in it can do that.</p>

    • hrlngrv

      Premium Member
      13 June, 2020 - 6:26 pm

      <p><a href="https://www.thurrott.com/forums/microsoft/windows/thread/windows-sandbox-hast-no-internet-connection-while-host-ist-using-a-vpn#432342&quot; target="_blank"><em>In reply to wright_is:</em></a></p><p>I know much less than I should about networking and VPNs, but shouldn't it be possible for a logical/virtual proxy server to sit between sandbox and underlying OS to give the sandboxed software some but restricted network access?</p>

      • wright_is

        Premium Member
        15 June, 2020 - 12:24 am

        <blockquote><em><a href="#546408">In reply to hrlngrv:</a></em></blockquote><p>If it is a VM, running under Hyper-V, VMware, VirtualBox etc. yes. If it is a direct sandbox in the OS? I'm not sure, I'd have to play with it first. Theoretically, you could set up virtual switches, like Hyper-V and attach them to those switches (E.g. only other sandboxes, only localhost or bridged into the main network), but it depends on how MS implemented it. </p><p>That would also take some know-how from the users.</p>

  • billbeavers

    Premium Member
    28 May, 2020 - 12:21 pm

    <p>I get internet access with edge in sandbox while nord vpn is connected. whatismyip shows me connected to specified nord server. </p>

    • zeratul456

      28 May, 2020 - 1:32 pm

      <blockquote><em><a href="#543303">In reply to billbeavers:</a></em></blockquote><p>Does it also work in Application Guard, by any chance? For me, a VPN 100% kills any attempt at using the internet with Edge in AG.</p>

  • ThemainJP

    Premium Member
    28 May, 2020 - 10:51 pm

    <p>I use the Fortinet "FortiClient" VPN and no modern/store apps have internet access when I'm connected.</p>

  • jimchamplin

    Premium Member
    30 May, 2020 - 3:17 pm

    <p>Have you tried configuring the sandbox for VPN? The VPN client may be seeing it as another system and blocking it. </p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC