Tip of the Day: The Always ON VPN Deployment Guide is Now Live

Today’s Tip… The Always On VPN Deployment Guide is now live on the web, in the new Virtual Private Networking (VPN) section of the Windows Server 2016 Technical Library: Remote Access Always On VPN Deployment Guide for Windows Server 2016 and Windows 10


Tip of the Day: Configuring VPN Profiles using the SCCM/WMI Bridge – Part 4

Today’s Tip… In today’s tip we will finish the VPN script, considerations include: Providing the Profile name Providing the ParentID for the ProfileXML property Providing the escaped formatted profile XML Making sure all this executes properly at runtime Adding the Profile Name The profile name is set by the value of MDM_VPNv2_01’s InstanceID property.  This…


Tip of the Day: Configure VPN Profiles using the SCCM/WMI Bridge – Part 3

Today’s Tip… Today’s tip continues the series on deploying VPN Connection Profiles using PowerShell with a look the new ProfileXML URI node (./Vendor/MSFT/VPNv2/ProfileName/ProfileXML) added to the VPNv2CSP in the Windows 10 v1607 Anniversary update.  This node allows the configuration of all fields of a connection profile in a single operation by marking an XML configuration…


Tip of the Day: Configure VPN Profiles using the SCCM/WMI Bridge – Part 2

Today’s Tip… This week’s exciting tip series examines what you need to know to successfully configure Windows 10 VPN client settings using PowerShell scripts. Before proceeding, let’s take a moment to reflect. Tip #1 looked at Windows 10’s device configuration architecture, the foundation of which is provided by the ‘MDM stack’ MDM configuration service providers,…


Tip of the Day: Configure VPN Profiles using the SCCM/WMI Bridge – Part 1

Today’s Tip… There are a number of ways to create a VPN profile on Windows 10 Anniversary v1607. In this week’s tips we discuss what you need to know to deploy connection profiles using PowerShell, WMI, and the SCCM/WMI (aka WMI-to-CSP) Bridge.   The VPNv2CSP sits on top of what is known as the MDM stack….


Tip of the Day: Microsoft Intune Windows 10 Desktop VPN Template Updated

Today’s Tip… The Microsoft Intune Policy used for deploying VPN connection profiles received a facelift recently.  The change included support for previously missing Inbox client connection methods. Automatic IKEv2 L2TP PPTP Figure: Intune VPN Policy Connection Types Prior to this update, the policy only offered configuration options for the third-party plugins also shown in the…


Tip of the Day: The VPN CSP – What else is new for the Anniversary Edition 2

Today’s Tip… What?  Did you think named-based triggers and crypto-suite configuration was all? Additional VPNv2 CSP capabilities released just in time for the Anniversary Edition include: Deploy connection profiles using ProfileXML files Configure a pre-shared key for L2TP VPN profiles Enable the VPN Device Compliance option (requires cloud-based Conditional Access Platform services) Provision VPN Profile…


Tip of the Day: The VPN CSP – What else is new for the Anniversary Edition

Today’s Tip… Answer: The ability to specify crypto setting for IPsec VPN tunnel configurations, that’s what! The Details Another of the improvements to the VPNv2 Configuration Service Provider introduced in build 1607 includes the CryptographySuite URI node.  This node can be used to fine tune the crypto settings used by an IPsec VPN connection profile. …


Tip of the Day: Name-Based Connection Triggers for VPN

Today’s Tip… New Windows 10 Anniversary Edition VPN features include the ability to configure a connection profile to connect automatically if an enterprise location is accessed.  To properly detect enterprise locations, admins must set the appropriate Suffixes and FQDN’s which should trigger the VPN. This information is added to the NRPT table, configurable through the…