Windows 11 Host Network Service (HNS) and Windows Subsystem for Linux (WSL)…

For the longest time, my Ubuntu LTS 24.04 on my (now-forced-to-update-to) Windows 11 (replete with other networking horrors) was not working properly – I could only access the Internet from within the WSL2 container when Windows Firewall was disabled.

Despite shenanigans like attempting to whitelist a whole plethora of executables:

  • C:\Windows\System32\vmcompute.exe
  • C:\Windows\System32\vmms.exe
  • C:\Windows\System32\vmwp.exe
  • C:\Windows\System32\wsl.exe
  • C:\Program Files\WSL\wsl.exe
  • C:\Program Files\WSL\wslservice.exe

Even attempting to whitelist the usual service suspects via C:\Windows\System32\svchost.exe like the following:

  • Host Network Service
  • Internet Connection Sharing (ICS)

All were to no avail. I could resolve domain names, but no traffic went out unless the host’s Windows Firewall was disabled.

I could not even see any blocked traffic from the logs, despite having the correct setup (tip: just use WFC's logging interface).

Searching ChatGPT and Perplexity sent me on various wild-goose chases, from changing WSL networking modes (NAT vs. “mirrored” in %USERPROFILE%/.wslconfig), to setting up dubious firewall rules referencing InterfaceAlias using New-NetFirewallRule (but whose actual interface UUIDs change every boot).