Solved

How to Ensure NCSI probe is allowed through Windows Firewall with GPO

Posted on 2016-08-17
2
34 Views
Last Modified: 2016-10-12
I need to know what settings need to be configured in our Windows Firewall GPO to ensure the Windows Network Connectivity Status Indicator is allowed through. We've had some issues with programs not working because of issues with this so we need to make sure it is configured to be allowed through the firewall.

Our users get a warning note on their network connection  Warning on Network Connectivity and when they look at the connection it states "No internet connection" even though they do have internet connection. It does impact things like being able to use online resources in things like Microsoft Word. If they try to insert "Online Pictures", for example, they will get an error that they are not connected to the internet.
0
Comment
Question by:TechInTheWoods
  • 2
2 Comments
 
LVL 79

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points (awarded by participants)
ID: 41812907
NCSI query's a web page and also does a nslookup

A request for http://www.msftncsi.com/ncsi.txt
Page called ncsi.txt containing the following line of text with no terminating new line or other non-printing characters:
Microsoft NCSI
(Page headers disable caching.)

A request for DNS name resolution of dns.msftncsi.com must return 131.107.255.255

https://technet.microsoft.com/en-us/library/cc766017(v=ws.10).aspx

As long as port 80 http is allowed and port 53 dns is allowed then it should work. You will have to investigate WHY the http request fails or the dns lookup fails
More info and how to host your own NCSI server
https://blogs.technet.microsoft.com/networking/2012/12/20/the-network-connection-status-icon/
0
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 41839735
Answers the question that the asker abandoned
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now