Does anyone else also have problems to access the windows store when connected with global protect vpn?
Actually the problem really only is the windows store app. Everything else works perfectly (internet access, accessing corporate ressources, internal websites, fileshares, ...). The store app only displays that I should check my internet connection and the error code 0x80072EFD.
The firewall has 7.0.6 installed and we have configured the vpn with the default route into the vpn tunnel.
Solved! Go to Solution.
Has anybody tried this fix.
we had issues with win 10 and store a while ago, i was playing with various reg settings with some success but not credible as issue would come and go... our win 10 device users, not many, just accept that they need to connect via lan to use the store but our rollout is about to go to 4000 devices, sorry for waffleing on but i now have to look into this again, i found this online which seems to have worked for some... i have yet to try as waiting for test device.
Open up gpedit on your local device
Computer Configuration/Administrator Templates/Network/Network Isolation
Enable Subnet Definitions are authoritative
Private Network ranges for Apps Enable
Then add your internal network subnet range IE 10.0.0.0/8
Restart your device and hopefully your windows store is working
i will be able to test next week so will keep posted...
So when you are not using GP windows store work fine?
Did you try "nslookup" from the client with Wireshark PCAP to get more details?
and I did also capture the traffic with vpn enabled and disabled ... on both captures I can see the dns queries related to the windows store app, but with vpn enabled there are ONLY the dns requests but no store-related https connection attemps
How about Palo logs? Do you see the traffic from the client (GP Zone) going outside (untrust) to the Microsoft store IP as destination. Threat logs?
one of the various fqdn's is storeedgefd.dsx.mp.microsoft.com (when I tried it resolved to 18.104.22.168).
on the firewall I have not one packet towards this ip and also nothing in the threatlog (actually if there was traffic I would be surprised because of the fact that I had no packets in the local packet capture)
Sure you said before no attempts from the client, my bad. This is strange. Did you try to do PCAP when connected through the GP on the local interface, not GP adapter? This is strange that you getting DNS but the client making desition not to initiate a connection after.
Yes, I also captured on that interface. For whatever reason I also see the dns requests there going out directly, but still only the dns requests and no https traffic
When did you notice this first time, any os update GP? All Windows 10 clients or just you unable to access? l cannot think of anything else what could be an issue. Don't have much experience with GP
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!