dyhkwong
commented
3 weeks ago Does #8 help? If you can make permanent changes via powershell it is probably unnecessary? This is also configurable in secpol.msc.
Open Azuriye opened 1 month ago
dyhkwong
commented
3 weeks ago Does #8 help? If you can make permanent changes via powershell it is probably unnecessary? This is also configurable in secpol.msc.
In Windows 11, when starting sing-box with tun adapter it creates tun adapter and gets assigned automatically to Public firewall network making my LAN services (like SSH) unreachable unless I set OpenSSH to Public and Private firewall network. Screenshot below shows tun0 assigned to Public firewall network.
OpenSSH firewall default rule is to open up only for Private network unless I set it to Public network in which I can now access my SSH server
The issue is similar to this reddit thread: https://www.reddit.com/r/WireGuard/comments/y8unbd/permanently_set_wireguard_to_private_network_on/
The fix was to run this powershell command
Set-NetConnectionProfile -InterfaceAlias 'tun0' -NetworkCategory 'Private'(tun0 being the interface name assigned by sing-box)After every reboot it seems to be properly assigned to Private firewall network but I am not sure if it will stay persistent after changing sing-box versions or Windows OS updates.
Could there be an option so that the user can choose between Domain/Private/Public firewall profiles to assign the tun driver to?