We are still tracking an issue from Microsoft, whereby the Routing and Remote Access Service (RRAS) appears to be impacted by the June updates. After the June updates, some firms have reported that, if they are using RRAS and VPN connectivity, clients can no longer connect. One workaround is to temporarily disable the Network Address Translation (NAT) feature on RRAS servers to fix this problem until a proper update is released.
Microsoft fixed this (KB5014665) in the preview release for Windows Server 2022. It notes: “Addresses a known issue that prevents Windows servers that use the Routing and Remote Access Service (RRAS) from correctly directing internet traffic. Devices that connect to the server might not connect to the internet, and servers might lose connection to the internet after a client device connects to them.”
This fix will be included in the July updates.
If you are experiencing problems with Windows Management Instrumentation (WMI), you may need to disable the hardening via registry keys. You’ll then need to carefully evaluate your situation because Microsoft has made clear that, in less than a year (March 2023), disabling the DCOM hardening will no longer be an option.
To disable the hardening, configure this registry entry:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat
- Value Name: “RequireIntegrityActivationAuthenticationLevel”
- Type: dword
- Value Data: 0x00000000 (means disabled)
Important: We do not recommend uninstalling the updates to deal with this problem. Use the registry keys. Hopefully, the effects of DCOM hardening will ease before next March.
As always, let us know if we can be of assistance in troubleshooting or remediating any issues that may arise.