Information
This policy setting specifies whether the local IP address will be exposed by WebRTC.
The recommended state for this setting is Enabled: Allow public interface over http default route. This doesn't expose the local IP address.
Rationale:
Allowing the exposure of IP addresses allows attacker to gather information on the internal network that could potentially be utilized to breach and traverse the network.
Impact:
The local IP address will not be exposed.
Solution
To establish the recommended configuration via GP, set the following UI path to Enabled: Allow public interface over http default route. This doesn't expose the local IP address
Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Restrict exposure of local IP address by WebRTC
Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.
Default Value:
Disabled - WebRTC exposes the local IP address.