Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Unable to access Windows Store (Windows 10 + GP 3.0.2)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Unable to access Windows Store (Windows 10 + GP 3.0.2)

L7 Applicator

Hello,

 

Does anyone else also have problems to access the windows store when connected with global protect vpn?

Actually the problem really only is the windows store app. Everything else works perfectly (internet access, accessing corporate ressources, internal websites, fileshares, ...). The store app only displays that I should check my internet connection and the error code 0x80072EFD.

The firewall has 7.0.6 installed and we have configured the vpn with the default route into the vpn tunnel.

 

Regards,

Remo

55 REPLIES 55

If you could take a look at your vpn routes that would help as well. From what I have read this is an issue when you have a default route pointing down the vpn

@welly_59

My conclusion was that it is an issue when you do not have a next hop IP in the route in windows. On the paloalto it does not matter (or probably it only becomes an issue if you have routed everything through the tunnel --> no split tunneling). So it seems like the issue is related to the way GP configures the routes in windows. But hopefully @BPry has a solution. This would be great 🙂

That’s exactly what I meant.

L7 Applicator

@BPry

Did you had a chance to take a short look? 😛

I did..... and I have no idea why mine is working and yours isn't to be honest. 

L7 Applicator

@BPry

And my hope died again 😛 Thank you for checking.

(You route 0.0.0.0/0 into the vpn tunnel right? And you are on 4.1.1 with windows 10?)

@Remo,

Yup. Everything is routed through the VPN and Windows 10 is running. Interestingly I did only test this on a bootcamp PC however, not a native Windows 10 install. I don't think that should matter but possibly

L7 Applicator

Has anybody tried this fix.

we had issues with win 10 and store a while ago, i was playing with various reg settings with some success but not credible as issue would come and go... our win 10 device users, not many, just accept that they need to connect via lan to use the store but our rollout is about to go to 4000 devices, sorry for waffleing on but i now have to look into this again, i found this online which seems to have worked for some... i have yet to try as waiting for test device.

 

Open up gpedit on your local device

Computer Configuration/Administrator Templates/Network/Network Isolation

Enable Subnet Definitions are authoritative

Private Network ranges for Apps Enable

Then add your internal network subnet range IE 10.0.0.0/8

Restart your device and hopefully your windows store is working

 

i will be able to test next week so will keep posted...

 

 

What IP range would I be adding to test? What internal network? These users are on public

@welly_59, hi.

your users will have access to your private network once they have connected via vpn.

 

try adding the subnet that is allocated to your gp users once connected.

 

our users get a 10.32/16 address so im gonna just try 10.0.0.0/8.

 

please note this is not my fix, just something i found last year when trying to resolve the issue....

It was discussed here...

 

 

 

 https://social.technet.microsoft.com/Forums/ie/en-US/cdc9c153-2a74-432d-9e7e-30f7024660c1/windows-st...

 

Micky Big Balls, thank you! that worked on my laptop connected to VPN.

 

Will have to see if i casn get a group policy amendment put in place to push this out to all

Nice one Mr Welly cinq neuf....

 

did you add a subnet to cover just your GP user ip’s or your entire private network.

 

 

just the range of the IP pool that is assigned to GP clients once connected. 

@BPry

 

The following conditions will cause the windows store to fail.

 

  1. Domain-joined machine
  2. Windows firewall is enabled with "Domain" network profile applied
  3. connection is via VPN

perhaps your device does not meet all of this criteria....

 

@Mick_Ball,

That would be why then; I don't have my bootcamp install joined to the domain at all. 

  • 34666 Views
  • 55 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!