
close
close
Upcoming FREE Conference on Identity Management and Privileged Access Management
Deploying virtual private network (VPN) profiles to Windows has never been easy. And using Intune wasn’t always a walk in the park either. And while VPN profiles could be easier to implement, what we have in Intune today is relatively simple compared to using Group Policy and the Connection Manager Administration Kit (CMAK).
In this article, I’m going to deploy a PPTP VPN to Windows 10, but you can use the instructions to deploy other types of VPN. Intune supports several different protocols with the built-in Windows 10 VPN client, including IKEv2, L2TP and SSL. L2TP, SSL, and PPTP require the use of the Extensible Authentication Protocol (EAP). IKEv2 VPNs require use of EAP or machine certificates. It’s also worth noting that there’s no support for VPN configurations that use pre-shared keys (PSK) and any client certificates must be deployed independently of the VPN configuration.
Intune also caters for a range of third-party VPN solutions, including Pulse Secure, F5 Access, SonicWall Mobile Connect, Check Point Capsule VPN, Citrix, and Palo Alto Networks GlobalProtect. If using a third-party VPN solution, you need to make sure that the VPN app is installed on devices. Apps can be installed with Intune, but it is out-of-scope for this article.
Intune requires an EAP XML configuration, so you’ll need to set up a VPN connection manually in Windows 10 before you can export its EAP XML configuration. The Windows 10 Settings app lets you manually set up a VPN, but it doesn’t provide access to advance configuration features. Nevertheless, you can start by setting up your VPN manually in the Settings app and then complete the configuration using the legacy Control Panel; or complete the whole process in the Control Panel.
How to Configure a Windows 10 VPN Profile Using Microsoft Intune (Image Credit: Russell Smith)
Once the VPN is set up, you can use PowerShell to export the EAP configuration.
$a = Get-VpnConnection -Name “Petri VPN”
$a.EapConfigXmlStream.InnerXml
How to Configure a Windows 10 VPN Profile Using Microsoft Intune (Image Credit: Russell Smith)
You now have everything you need to configure the VPN profile in Intune.
How to Configure a Windows 10 VPN Profile Using Microsoft Intune (Image Credit: Russell Smith)
Now that you have a VPN profile setup in Intune, you need to assign it to users and/or devices.
How to Configure a Windows 10 VPN Profile Using Microsoft Intune (Image Credit: Russell Smith)
Now all you need to do is log in to a device managed by Intune and that is in scope of the assignment, and you should see the new VPN profile provisioned. You can check the profile was deployed by clicking on the network icon in the system tray at the far right of the taskbar. The VPN profile should appear in the list of networks.
How to Configure a Windows 10 VPN Profile Using Microsoft Intune (Image Credit: Russell Smith)
In an upcoming article, I will show you how to deploy certificates to Windows 10 using Intune.
More in Windows 10
Microsoft Releases PowerShell Scripts to Fix WinRE BitLocker Flaw on Windows 11 and 10
Mar 17, 2023 | Rabia Noureen
March Patch Tuesday Updates Bring New Windows 11 Features and Fixes for 74 Vulnerabilities
Mar 14, 2023 | Laurent Giret
Microsoft Removes Edition Checks for AppLocker Deployment on Windows 10 and 11
Mar 13, 2023 | Rabia Noureen
Windows Update for Business Reports Now Help IT Admins Monitor Bandwidth Usage
Mar 9, 2023 | Rabia Noureen
Microsoft Defender App Starts Force Installing on Windows 10 and 11 PCs
Feb 28, 2023 | Rabia Noureen
Most popular on petri