Microsoft Edge
A Microsoft cross-platform web browser that provides privacy, learning, and accessibility tools.
2,238 questions
Internet Traffic blocked when trying to surf in Edge Sandbox Mode (Windows Defender Application Guard)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 75%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJZ%3C/text%3E%3C/svg%3E)
john zuh
56
Reputation points
I have successfully activated Windows Defender Application Guard but it seems surfing in Edge Sandbox Mode has been impossible. All required gpos and addition requirements as described on here: https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/microsoft-defender-application-guard/configure-md-app-guard https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/microsoft-defender-application-guard/faq-md-app-guard have been configured accordingly.
I had a tip from microsoft support that my firewall could be blocking traffic (NAT)coming from the Host Computer so should allow all IP subnets in the range of 172.x.x.x or 192.x.x.x. I have tested that by allowing this traffic in the Trellix including Remote Ports 49700–65535, as described in Trellix documentation here https://kcm.trellix.com/corporate/index?page=content&id=KB88788 but to no avail.
Could there be any other underlying root causes in a typical Enterprise environment where systems have been hardened using Security policies defined by CIS. What rules can be exempted here in order to allow this kind of traffic. Anybody has experience with this kind of environment or issue. Some tips will be welcomed.
Microsoft Edge
Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,195 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 68%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYZ%3C/text%3E%3C/svg%3E)
Yu Zhou-MSFT 12,951 Reputation points Microsoft Vendor2023-10-23T06:01:08.68+00:00 Hi @john zuh
Do you mean it can't load any sites using Edge with WDAG? Is there any error message? Do you use any VPN or proxy?
-
john zuh 56 Reputation points
2023-10-23T09:28:45.3766667+00:00 @Yu Zhou-MSFT Yes i cant load any sites using Edge with WDAG. I use proxy and VPN but i first decided to test it without the VPN. Proxy settings have also been configured via gpo accordingly as stated in the requirements. Below is the error message
-
Yu Zhou-MSFT 12,951 Reputation points Microsoft Vendor
2023-10-25T09:29:01.4433333+00:00 Hi @john zuh
Have you tried to use it without proxy? Do you open a support ticket to Microsoft support? They can help with troubleshooting such complex issue.
Sign in to comment