How to enable login screen VPN connection on non domain joined Windows 10 client

Aspall IT 436 Reputation points
2021-06-11T12:23:01.227+00:00

Hi,

Is there a way that I can set a local policy on a non domain joined Windows 10 client, that allows global VPN connection access from the login screen?

I've tried a number of settings around Interactive Login policies, but it never seems to work on non domain joined machines. Domain joined machines however seem to allow this by default.

Thanks
James

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,765 questions
Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,273 questions

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sunny Qi 10,901 Reputation points Microsoft Vendor
    2021-06-17T08:49:48.66+00:00

    Hi,

    Thanks for your update.

    My understanding is you want the VPN connection icon appears on login screen when you login a non domain joined Windows 10 client. Please correct me if my understanding is wrong.

    Please try the following steps:

    1. Open Local Security Policy, switch to Security Settings---> Local Policies---> Security Options---> Interactive logon: Do not require CTRL+ALT+DEL.
    2. Set this policy to disabled which will force the use of “Ctrl+Alt+Del”.
    3. Then please create VPN connection and check “Allow other people to use this connection” option.
    4. Sign out for testing to see if the option of "Network Sign-in" was shown in the login screen.

    Best Regards,
    Sunny

    ----------

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Brandon Stadthagen 1 Reputation point
    2021-09-15T15:17:18.423+00:00

    This does not work on current windows build - Win10Pro 21H1 - 19043.1165

    0 comments
  3. DanMan32 1 Reputation point
    2021-12-30T14:36:23.563+00:00

    BrandonStadthagen-1231: what part doesn't work on WinPro 21H1?

    A colleague of mine and I have been researching this, as a client was expecting it.
    Because I have AnyConnect installed, I have the Network Sign-On icon, which launches AnyConnect even though I am not joined to a domain.
    Through a powershell script, I have a Windows VPN created in the All Users context, but this does not appear as an option in Network Sign-On. Not sure if that's because of the AnyConnect, not joined to a domain, or both.
    I have 21H1

    My colleague was able to get the Windows VPN to appear in Network Sign-On but his test VM is joined to a domain, just not the domain that the VPN is configured to connect to.
    He removed the Ctrl-Alt-Del requirement and still the Network Sign-On appears on lock and logon screens. Therefore the Ctrl-Alt-Del might not be a requirement.
    Colleague found out he has 1809 right now on his test VM. He'll upgrade and see. Probably will end up with 21H2.

    0 comments
  4. DanMan32 1 Reputation point
    2021-12-30T14:37:58.963+00:00

    By the way, don't get fooled with the articles showing how to enable Network icon on lock/logon screen by REG or policy.
    That's for the other icon, not the VPN one.

    0 comments