Policy
Route all traffic through the internal network
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016
This policy setting determines whether a remote client computer routes Internet traffic through the internal network or whether the client accesses the Internet directly. When a remote client computer connects to an internal network using DirectAccess, it can access the Internet in two ways: through the secure tunnel that DirectAccess establishes between the computer and the internal network, or directly through the local default gateway. If you enable this policy setting, all traffic between a remote client computer running DirectAccess and the Internet is routed through the internal network. If you disable this policy setting, traffic between remote client computers running DirectAccess and the Internet is not routed through the internal network. If you do not configure this policy setting, traffic between remote client computers running DirectAccess and the Internet is not routed through the internal network.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Select from the following states: ID StateSelect | enum | HKLM\Software\Policies\Microsoft\Windows\TCPIP\v6Transition\Force_Tunneling Type REG_SZ | Options: Enabled State (Enabled), Disabled State (Disabled) |
Other policies in this category
Explore related policies at the same level.
- UserAbility to change properties of an all user remote access connectionAt least Windows 2000 Service Pack 1
- UserAbility to delete all user remote access connectionsWindows Server 2003, Windows XP, and Windows 2000 only
- UserAbility to Enable/Disable a LAN connectionWindows Server 2003, Windows XP, and Windows 2000 only
- UserAbility to rename all user remote access connectionsWindows Server 2003, Windows XP, and Windows 2000 only
- UserAbility to rename LAN connectionsWindows Server 2003, Windows XP, and Windows 2000 only
- UserAbility to rename LAN connections or remote access connections available to all usersMicrosoft Windows Server 2003, Windows XP, and Windows 2000 Service Pack 1 operating systems only
- ComputerDo not show the "local access only" network iconAt least Windows Server 2008 R2 or Windows 7
- UserEnable Windows 2000 Network Connections settings for AdministratorsWindows Server 2003 and Windows XP only
- UserProhibit access to properties of a LAN connectionAt least Windows 2000 Service Pack 1
- UserProhibit access to properties of components of a LAN connectionMicrosoft Windows Server 2003, Windows XP, and Windows 2000 Service Pack 1 operating systems only
- UserProhibit access to properties of components of a remote access connectionMicrosoft Windows Server 2003, Windows XP, and Windows 2000 Service Pack 1 operating systems only
- UserProhibit access to the Advanced Settings item on the Advanced menuMicrosoft Windows Server 2003, Windows XP, and Windows 2000 Service Pack 1 operating systems only