Gpupdate fail through AppGate Proxy VPN

Chau Le 96 Reputation points
2022-03-28T05:04:48.817+00:00

Hello

We have a VPN called AppGate ... Clients using this VPN when trying to run gpupdate does not work...nothing happens no error message. On regular Cisco Anyconnect VPn GPUpdate works just fine. Found out from the network team that this AppGate is like a proxy ...so it does not hand out new IP's to the client...it proxy the client request ...so the DC would not see the client IP it see's the AppGate IP...

I believe this is why GPUpdate is not working. DC needs to know the client IP for kerberos to work and would assume same requirements here. Can someone please confirm or negate my suspicions. ?

Thanks
C

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,604 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,728 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Thameur-BOURBITA 33,976 Reputation points
    2022-03-28T07:59:46.227+00:00

    Hi,

    ** DC needs to know the client IP for kerberos to work and would assume same requirements here. Can someone please confirm or negate my suspicions. ?**

    I confirm that the DC needs to know the client IP to identify its subnet and the closest domain controller for authentication and GPO.
    The network flow should be opened between the client and domain controller to apply GPOs.

    Please don't forget to mark helpful reply as answer


  2. Thameur-BOURBITA 33,976 Reputation points
    2022-03-28T15:07:42.803+00:00

    Hi,
    You can refer to the following link to understand the DClocator process used by client machine to identify the closest domain controller:
    How-domain-controllers-are-located-in-windows.aspx

    Please don't forget to mark helpful reply as answer


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.