Bitlocker - Network Unlock with different subnet

  • Question

  • Hey Guys,

    I have a problem with Bitlocker Network Unlock.

    My setup is 2 servers (1 domain controller (DHCP, DNS, AD, ...) and 1 WDS server) which are on the same subnet.

    Our clients are on a different subnet... if I boot I get the PIN request every time.

    But if I take the client to the same subnet as the server it works fine.

    I added the 66 and 67 DHCP options so I can boot to my WDS server, but I can't unlock the disk without the PIN.

    Is there any DHCP option I have to add?

    Thanks for your help!

    Regards!


    • Edited by qLn.G Wednesday, September 21, 2016 9:44 AM
    Wednesday, September 21, 2016 9:44 AM

Answers

  • Hi qLn.G,

    According to my knowledge, the "Bitlocker Network unlock" feature is based on the DHCP and WDS PXE boot. This means they will only work in the same subnet. Considering the clients are on a different subnet, we should configure the router to forward the DHCP broadcast.
    Here is a link for reference of "Network Unlock" feature.
    BitLocker: How to enable Network Unlock
    https://technet.microsoft.com/en-us/library/jj574173(v=ws.11).aspx

    Best regards


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by qLn.G Tuesday, September 27, 2016 6:11 AM
    Thursday, September 22, 2016 2:28 AM
    Moderator

All replies

  • Hey thanks for your help!

    I configured the DHCP relay option.

    Do I need to enable the ip dhcp relay information option on my Cisco router?

    Best Regards!

    Friday, September 23, 2016 8:40 AM
  • Hi qLn.G,

    I am not familiar with configuring the router. You could have a try. Ensure the machine can get an IP address from the domain DHCP and that the WDS package can be received by the client in another subnet.

    Best regards



    Monday, September 26, 2016 9:14 AM
    Moderator
  • Hi,

    Thanks for your help!

    Now it works, I had to configure the IP address helper on the gateway!

    Tuesday, September 27, 2016 6:10 AM
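
The fix reported in the last post, sketched as Cisco IOS configuration on the client subnet's gateway interface. This is an added example, not configuration posted in the thread: the interface name and all addresses are constructed (documentation ranges), and relaying to both the DHCP server and the WDS server is an assumption, since the thread does not say which address the helper was pointed at.

```cisco
! Constructed example: gateway interface for the client subnet.
! Interface name and addresses are placeholders, not values from the thread.
interface Vlan20
 description Client subnet (BitLocker Network Unlock clients)
 ip address 198.51.100.1 255.255.255.0
 !
 ! Relay DHCP broadcasts from this subnet to the DHCP server
 ! (the domain controller in the thread's setup).
 ip helper-address 192.0.2.10
 !
 ! Assumption: also relay to the WDS server, which is a separate
 ! machine in the thread's setup and hosts Network Unlock.
 ip helper-address 192.0.2.11
```

Without a helper address the client's DHCP broadcasts stay on its own subnet, which matches the behaviour described in the question: the PIN prompt appears on the remote subnet and unlock works once the client sits on the servers' subnet.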