HOWTO: Prevent deploying Windows over VPN

Doing Windows deployments over VPN is not a very good idea and it will work really bad. If you are using MDT to do Windows deployments you can easily prevent deploying Windows over VPN.

The easisest way is to modify the customsettings.ini to simply not install anything if the network card’s gateway is what we define as the VPN gateway. So lets look at the default customsettings.ini before we modify it.

[Settings]
Priority=Default

[Default]
OSInstall=Y
SkipCapture=NO
SkipAdminPassword=NO
...

Now let’s look at what we will do to modify it to fit our needs. We will add a check so that the first thing we do is to check if the machine is on a VPN connection and if so not install anything. In the example we have two default gateways defined.

[Settings]
Priority=DefaultGateway,Default

[DefaultGateway]
10.0.0.1=VPN
10.0.1.1=VPN

[VPN]
OSInstall=N

[Default]
OSInstall=Y
SkipCapture=NO
SkipAdminPassword=NO
...

Happy deploying (but not over VPN)!

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.