Internet access is blocked on 3rd party browsers on windows 10 devices that are applied with windows information protection (WIP) policies using intune

Since few weeks i was working on office 365 stuff including o365 applications teams ,onedrive and managing the mobile devices +windows (MDM/MAM) using intune.

while working on this ,i found that ,windows 10 devices that are applied with WIP policies ,internet is getting blocked (access denied) on 3rd party browsers like Google chrome,Firefox but it works fine on Edge, internet explorer browsers.

If you are trying to access internet on Firefox,chrome or any other browser (except IE or edge) ,you will hit the following error.

Internet Access is blocked


To know more about windows information protection ,read TechNet article

To use 3rd party browsers such as Chrome,Firefox , we need to define a Cloud Resource rule and pass through the /*AppCompat*/ variable. This is because when an unenlightened app like chrome,Firefox tries to connect to a cloud resource through an IP, Windows cant determine if it is a corporate location or a personal location, so the default behaviour for Windows is to block all connections. To resolve this you will need to simply add Cloud Resources like below, which defines the cloud resource locations you want to make as corporate.

To know more about how Unenlightened app, please read


How do you allow 3rd party browsers to access internet  (this is not protecting the data on the application but just to allow internet access )?

Login to

Go to intune app protection, click on App policy (intune app protection – app policy) ,click on the windows 10 compliance policy (you will notice windows on the platform)


On the windows 10 app protection policy ,click on Advanced settings –click on cloud resources


Add |/*AppCompat*/ in the value field and click ok. There is no sequence to add this value ,you can add it anywhere .

Once you add the value, make sure you have tick mark on the right-side to make sure the changes are valid.


Click save for advanced settings .

Now users who are using the windows 10 devices should be able to access internet using 3rd party browses.

Recommended reading

Hope it helps!

6 Responses to "Internet access is blocked on 3rd party browsers on windows 10 devices that are applied with windows information protection (WIP) policies using intune"

  1. Hi,

    I setup the WIP policy and 3rd party web browser are not blocked.
    I setup the Network perimeter according to the Microsoft document.
    And I haven' t setup the /*AppCompat*/ for the cloud resources.
    My experience is that I can still browse through Chrome and Firefox.

    Is the behavior changed or I have missed in my setup?


    1. Hi,
      To access intranet sites using chrome on external networks, you must publish them via app proxy and try to use the external facing URL . You also need to add the extension of the app proxy that you configured into WIP policy.



Leave a Reply