This article describes steps one can take to turn on or off networking from the host into the Sandbox in Windows 11.
When you turn on Sandbox in Windows 11, you enable a lightweight, isolated desktop environment to safely run applications. The sandbox environment is completely isolated and remains “sandboxed” and runs separately from the host machine.
By default, networking is disabled in the Windows sandboxed environment to decrease the attack surface exposed by the sandbox. If you need the sandboxed environment to access external networks, you will need to allow networking to the Windows sandbox.
This is done by creating a virtual switch on the host, and connecting the Windows Sandbox to it via a virtual NIC.
Below is how to do that in Windows 11.
How to turn on or off networking with sandbox in Windows 11
As described above, by default, networking is disabled in the Windows sandboxed environment to decrease the attack surface exposed by the sandbox.
You will not be able to access external networks, including the internet if you don’t allow networking.
Below is how to do that.
First, open Local Group Policy Editor by clicking on the Start Menu and searching for Edit group policy as highlighted below.
Under Best match, select Edit group policy to launch Local Group Policy Editor.
In the left pane of Local Group Policy Editor, expand the tree:
Computer Configuration > Administrative Templates > Windows Components > Windows Sandbox
In the Windows Sandbox details pane on the right, locate and double-click the setting that says “Allow networking in Windows Sandbox“.
On the Allow networking in Windows Sandbox window, set the option to Not Configure, Enabled, or Disabled.
- Not Configured (default)
- Enabled – Virtual switch is created to allow networking to the Windows sandbox.
- Disabled – Networking is disabled in the Windows sandbox
Enable or disable printer sharing with sandbox via Windows Registry
If you can’t open the Local Group Policy Editor, you can use the Windows Registry instead.
Open the Windows Registry, and navigate to the folder key path as listed below.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Sandbox
If you don’t see the Sandbox folder key, simply right-click on the Windows key, then create a subfolder key called Sandbox.
On the right pane of the Sandbox folder key, right-click and select New -> DWORD (32-bit) Value. Type a new key named AllowNetworking.
Double-click the new key and enter the Value data as 1 to enable networking between the host and the sandbox environment.
A 0-value data or simply deleting the key will disable networking between the host and the sandbox environment.
That should do it!
Reference:
https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview
Conclusion:
This post showed you how to enable networking between the host and sandbox environment in Windows 11. If you find any error above or have something to add, please use the comment form below.