Update Azure VM configuration to install Windows Roaming Client
Deploy the DNSFilter Windows Roaming Client as part of your Azure VM setup with just a few configuration updates. See our supported operating system's guide for details on virtual machine support for Classic DNS Filtering vs DNS PreCheck connection modes.
We recommend consulting Microsoft's documentation for Azure VM process details.
✍️ Check your Azure VM policies for any automation that could remove a Gateway for any reason. If these configuration steps fail during setup or randomly go offline, our customers have found resolution by examining policy defaults and adjusting as needed.
In order to add the Windows agent to your Azure VM environment you'll need to:
- Add a dedicated network interface (NIC) with internet access for the agent, leaving the pre-existing NIC for Azure/Remote Desktop Protocol (RDP) access
-
Configure the two NIC's priority order to prevent DNS leaks
- Windows Roaming Client NIC as the default gateway (1st priority)
- Rename the RDP NIC to main. While installing the Windows agent you'll add a command to ignore this NIC by using this new name
- Install the Windows Roaming Client and Stop the agent immediately. If you miss stopping the agent before RDP connectivity stops, see the recovery methods below to fix the issue
- Configure the agent to ignore the RDP NIC (main) as a VPN
- From Powershell or the VM's Registry, add main to IgnoreVPNInterfacesNames
You can now restart the Roaming Client service and the VM setup is complete.
🚨 Recovery Methods
If Windows Roaming Client is running and has removed the RDP/Azure VM connection, use Azure Serial Console to stop the agent's Windows service from command prompt.
-
With the new DNSFilter PreCheck, are AVDs now supported for install without these steps since it's transparent proxy?
0 -
Hi Dan Levy , thanks for reaching out! The main issue fixed by this article is the Roaming Client's desire to set DNS on the primary adapter (which VM's don't care for 😉) so in theory DNS PreCheck should work great in this scenario.
As always we recommend testing before a full rollout, and let us know how it goes!
0 -
Hi, checking in to see if this has been officially confirmed as compatible/supported with AVDs.
0 -
Hey Dan, thanks for following up! Our Support Engineers tested PreCheck in this scenario, and unfortunately the behaviors outlined in the OS compatibility guide still apply even in PreCheck mode—so the configuration steps in this article remain necessary for AVD deployments.
Sorry we couldn't bring better news on that one! 🙏
0 -
We recently did some testing with Microsoft Cloud PC and I assumed that with the new DNS Pre-Check, the roaming agent wouldn't be an issue, but the VM went offline shortly after installing. DNS resolution stopped working and then the VM went completely offline. Tried rebooting but was unable to connect to the VM.
We had to reprovision the VM and disable automatic installation of the DNSFilter agent in NinjaRMM.
This isn't AVD but similar. Microsoft Cloud PC doesn't allow for adding additional NICs or making changes to the VM like AVD does.0 -
Thanks so much for taking the time to test this and document what you found, Skyler Kincaid—this aligns with what our internal testing showed as well.
We appreciate you sharing the details—it's genuinely helpful for others who might land here with a similar setup.
0
Please sign in to leave a comment.
Comments
6 comments