In cases where the VPN causes this issue, we have found an issue in Windows code (113100710844135), the fix is out http://support.microsoft.com/kb/2964643 we have verified that Palo Alto Networks Global Protect Client, and Juniper VPN work with this fix.
Office now does not require internet connection to check out files, this update resolves the issue https://support.microsoft.com/en-us/kb/3101360.
Customers are using third party VPN solutions on Windows 7. If customers migrate to Office 2013 from an older version of Office, they may experience functionality loss in Office when connected via VPN. Office 2013 took a dependency on NLA (Network Location Awareness), and some VPN solutions do not work properly with NLA. Specifically, if the VPN software does not define a default gateway. In this case, NLA will always report that the client is not connected to the internet. This impacts Office2013 since it depends on internet connectivity for some functions. For example, there is no help file on the machine,and all help is on the internet. If a customer presses F1 in an Office 2013 application, they will always get an error that says they are not connected to the internet while connected via VPN.
**I will update this blog post as more information becomes available.
Users without full internet access may not be able to check in files from the Office 2013 client, even though there is good connection between the Office client and the SharePoint server.
There was a design change between Office 2010 and 2013, where 2013 now requires an internet connection for some activities. Some customers have already complained about this issue and the product group has been informed of the design limitations. (but no hotfix is currently in the works, a hotfix may not be possible this looks to be a big change)
The root of the issue seems to be that Office 2013 has a dependency on NLA (Network Location Awareness). NLA uses probes to determine if the network connection has “Internet Access”. The way that is does this is 2 ways.
1. It does a DNS probe for dns.msftncsi.com. It expects a specific response. The response must be 22.214.171.124. If it is, then that is the correct DNS probe.
2. It attempts to connect to http://www.msftncsi.com and attempts to retrieve the file ncsi.txt. Inside the file the text must be “Microsoft NCSI”.
If both of the above conditions are met, then the connection is marked as having internet connectivity, if not the connection is marked has having no internet connectivity and some Office features will not work.
It is possible to setup a local NCIS server (Network Connection Status Indicator) on your LAN that will respond to the Office Clients requests and allow the Office feature to work.
See posts below for related information and directions: