Networking

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Fix default NPS firewall rules for Server 2019

    Hi all,

    I understand there is an issue with Windows Server 2019/Windows 10 1809 however I was wondering if Microsoft are aware of any problems regarding the Firewall rather than the systems handling of user files.

    Recently I setup a Server 2019 VM (1.5GB Dynamic RAM, 2 Allocated Cores, 36GB Drive space, 3GB NIC Team) and installed the NPS and RDS Gateway role onto it however I noticed that despite the NPS role adding the standard firewall rules for port 1813 and 1812 they do not seem to be working.

    I have confirmed that with an exception allowing port 1812…

    85 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    25 comments  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  2. Fix DNS management console sorting bug

    Come on, after 8 years you have still not fixed this bug?
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/f1b686ad-824f-4c16-a66c-f9470a2dfa6d/2008-dns-ip-address-sorting-issue
    And NO, this is neither MMC nor regional settings problem, since DHCP management console sorts the same (IP addresses) values CORRECTLY.
    And NO, exporting to Excel is NOT an option!
    Come on grow up and get serious, even in Srv 2K and 2K3 it worked like charm!

    79 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    13 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  3. Bring load balancing to windows server!

    Many modern HTTP applications are deployed in enterprises with 3rd party load balancers running in layer 7 mode. I have yet to find a solution which runs on windows. NLB is often difficult to deploy because of incompatibilities with switches/hypervisors (some improvement with IGMP multicast), and does not operate in layer 7.

    IIS AAR can do layer 7 but does not do high availability without combining with NLB

    35 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  4. Improve DNS logging options

    Allow us to put a filter in to log for specific lookups. We should be able to specify a list of names, a list of domains. We will at times have a misbehaving client or piece of malware, or we have an old domain or host and we'd like to know what's still using it. Being able to create a targeted log for these types of situations would often come in handy. As it is, we end up needing to run a network capture on all our domain controllers. The ability to use a Powershell or dnscmd command to add…

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
  5. DNS Manager should sort IP addresses numerically

    In DNS Manager the Data column treats everything as a string so it sorts alphabetically. Instead, it should be smarter and recognize different types of data and sort those numerically. Specifically, it should recognize IPv4 addresses and sort them numerically.

    We could go from:

    To:

    10.0.0.1
    10.0.0.2
    10.0.0.100
    10.0.0.101
    10.0.0.200
    10.0.0.201

    17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  6. DNS recursion using wrong NS for delegated zone CNAME

    When Server 2016 DNS Server has a delgation within a primary zone, CNAME records in that delegation result in queries to the delgation's name servers, not forwarders / root hints.
    For example:

    Primary zone: one.example
    Delegation: foo.one.example, with nameserver ns.bar.com

    In that delegated zone, there exists a record:

    baz.foo.one.example IN CNAME other.two.example

    two.example's zone, hosted by ns.somethingelse.com, has a record:
    other.two.example IN A 1.2.3.4

    From a client pointed at the DNS server, query baz.foo.one.example.

    I would expect the server to query ns.bar.com for baz, receive a reply of other.two.example, and then query either two.example's nameserver, or use the default forwarders…

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Bug  ·  Flag idea as inappropriate…  ·  Admin →
  7. reengineer the whole DHCP Server

    The MMC console based management of windows server is still unchanged since server 2003. These are the things that bother me:


    • Window size is not saved. have to maximize everytime the window is opened

    • Treemenu on the left is collapsed every time the window is opened

    • Menu window on the left is very narrow, have to extend it every time the window is opened

    • Cant edit IP address range exclutions (you have to delete and recreate every time)

    • Cant edit reservations IP address

    Following features would be great to have:


    • Right click on a client and copy MAC address (for…
    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  8. Include SNMPv2/v3 / 64bit counters to Windows Server 2016

    As we all know all Windows Servers from 2000 to 2012 R2 only support 32bit counters for SNMP. Because of this if you run diagnostics on high speed interfaces / virtual interfaces like 1GbE, 10GbE, 40GbE, 100GbE counters will go over it's 32bit value and reset, causing MRTG graphs and other SNMP monitoring utilities to report false values. So my idea is that microsoft implements 64bit counters in SNMP implementation and finally adds support for 64bit SNMP.
    My 7 year old 3com switch supports 64bit SNMP counters but the latest Windows 2012 R2 does not.

    MRTG: http://oss.oetiker.ch/mrtg/

    16 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Give more control for NIC teaming

    In Active/Passive NIC teaming configuration, there could be more control for failback, that when active NIC fails and failover happens, the team did not failback to previously (default) active NIC for specified amount of time.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Teaming & load balancing  ·  Flag idea as inappropriate…  ·  Admin →
  10. Provide VLAN extension - L2 over L3 tunneling

    A feature (for Windows Server Gateway) that allows tunneling Layer 2 over Layer 3 so to easily extend existing VLANs across Layer 3. This would allow tenants to easily move workloads between clouds without re-IPing.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Layer 2 & Ethernet  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support for Layer 2 sharing between physical and NVGRE networks

    Not supporting Layer 2 network between physical and NVGRE networks is one of the blockers for Network Virtualization adoption.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Layer 2 & Ethernet  ·  Flag idea as inappropriate…  ·  Admin →
  12. Expose whether DNS Client Server Address assigned by DHCP or Static

    The Get-DNSClientServerAddress cmdlet does not provide information on whether or not the Server Addresses were assigned via DHCP or have been statically assigned.

    This is presumably because the information is not provided to WMI/CIM.

    This information is available by using NETSH, so it is available in the OS.

    This would allow some problems in the xDNSServerAddress resource in the xNetworking DSC resource module (in the Resource Kit) to be solved.

    For more information about the problem and why it is causing problems, please see this issue in the xNetworking resource module: https://github.com/PowerShell/xNetworking/issues/164

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Managment tools  ·  Flag idea as inappropriate…  ·  Admin →
  13. Automatic Sync DHCP Failover Relationships

    Without the need to deploy IPAM, offer an option to automatically sync DHCP failover relationships to keep the servers databases in sync. Thru the actions of admins, several events are executed and logged. It would be great to somehow trigger off the various events a synchronization rather than a manual effort as it is today.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  14. 9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Layer 2 & Ethernet  ·  Flag idea as inappropriate…  ·  Admin →
  15. Broke RRAS

    At the moment PPPoE is broken in Windows Server 2016 over RRAS.
    It would be great if this could be solved.
    Till yet we're using Windows Server 2012. But we would like to upgrade but can't 'cause RRAS is broken.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    10 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  16. DirectAccess documentation

    Comparing the documentation of DirectAccess for 2012 with other products, even DirectAccess 2008, I see that it lacks some in-depth insights that an Admin needs to be able to deploy and manage the component effectively.
    for example, I could not find a TechNet article describing in details, what happens from start to finish when a resource is being accessed through direct access:
    1. how is the NAT64 working? how does NAT64 translates address and which IPv4 address translates to which IPv6 and vice-versa? how does the component come up with those connection security rules in GPOs based on admin input…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Misc  ·  Flag idea as inappropriate…  ·  Admin →
  17. Rogue DHCP server detection

    New feature, that allow to check on subnet if any other DHCP server is responsing to client and make event in server manager.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  DHCP  ·  Flag idea as inappropriate…  ·  Admin →
  18. Hyper-V: Add ICMP to Stateful ACL rules

    Currently you cannot add stateful ACL rules (on a Hyper-V Virtual Switch) on the ICMP protocol.

    This leaves you to either open ICMP to everyone or close ICMP to everyone including the VM itself.

    Neither is secure or practical for such an important and basic functionality (ping).

    Doc: https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v-virtual-switch/create-security-policies-with-extended-port-access-control-lists#bkmk_stateful

    So the request is simple: Create the functionality to create ICMP stateful rules.

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  19. Windows Firewall does not always display the correct default Main Mode IPsec policy

    Bug:

    The Windows Firewall snap-in does not always show the default Main Mode IPsec policy, it shows whatever MM policy was last created or assigned.

    Expected Behavior:

    Even if there are multiple Main Mode policies (called Main Mode Crypto Sets internally), the policy with the name of '{E5A5D32A-4BCE-4e4d-B07F-4AB1BA7E5FE1}' should always be displayed as the default in the GUI because it is the default used by Windows for IPsec.

    Steps to Reproduce:

    *In the Windows Firewall snap-in you can see the current default IPsec Main Mode proposal set by going to Properties of the Windows Firewall > IPsec Settings tab >…

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Firewall  ·  Flag idea as inappropriate…  ·  Admin →
  20. DNS: Application high availability

    Hello,

    On your site "What's new in DNS Server in Windows Server 2016" is written that there will be a new feature called "DNS Policies", which can be used for "Application high availability". But i can't find this feature, which allows me to redirect clients to the healthiest endpoint like a failover-cluster. I'm not looking for a loadbalancer.

    Other People are looking too for this Feature and some documentation, when will it be available?

    This feature would be great for applications like ADFS and so on.

    "What's New" https://technet.microsoft.com/en-us/windows-server-docs/networking/dns/what-s-new-in-dns-server
    Other person: https://social.technet.microsoft.com/Forums/office/en-US/84d3b0de-e427-4987-b498-6b053851e2dc/dns-policies-application-high-availability?forum=WinServerPreview

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base