Intune VPN xml not working for EAP with username/password.

Ben 1 Reputation point
2022-10-01T15:17:19.683+00:00

I'm trying to roll out VPN settings with EAP with username/password.

I have set the following for the EAP XML:- 

<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig">  
    <EapMethod>  
        <Type xmlns="http://www.microsoft.com/provisioning/EapCommon">26</Type>  
        <VendorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorId>  
        <VendorType xmlns="http://www.microsoft.com/provisioning/EapCommon">0</VendorType>  
        <AuthorId xmlns="http://www.microsoft.com/provisioning/EapCommon">0</AuthorId>  
    </EapMethod>  
    <Config xmlns="http://www.microsoft.com/provisioning/EapHostConfig">  
        <Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">  
            <Type>26</Type>  
            <EapType xmlns="http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1">  
                <UseWinLogonCredentials>true</UseWinLogonCredentials>  
            </EapType>  
        </Eap>  
    </Config>  
</EapHostConfig>

This is the desired config

246647-image.png

But what is deployed is:-

246672-image.png

Which does not work. The question is, why isn't the XML taking effect?

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,274 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,729 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,375 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jarvis Sun-MSFT 10,091 Reputation points Microsoft Vendor
    2022-10-03T07:25:52.15+00:00

    Hi @Ben Thanks for posting our Q&A.

    To clarify the issue, please check the profile assignment status in the Overview tab to see if there are any findings. Please refer to:
    https://learn.microsoft.com/en-us/mem/intune/configuration/device-profile-monitor

    I'm not an XML expert, not sure if there's a problem with your XML format. And here is the official documentation detailing how to get the wanted EAP XML, please follow the steps to try it:
    https://learn.microsoft.com/en-us/windows/client-management/mdm/eap-configuration
    Hope my information can help.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. Limitless Technology 39,376 Reputation points
    2022-10-04T08:25:09.88+00:00

    Hi,

    Thank you for posting your query.

    Kindly check the details below to answer your query.

    VPN profiles for a device tunnel are supported for Windows 10/11 Enterprise multi-session remote desktops.

    If you use certificate-based authentication for your VPN profile, then deploy the VPN profile, certificate profile, and trusted root profile to the same groups. This step makes sure that each device can recognize the legitimacy of your certificate authority. For more information, see How to configure certificates with Microsoft Intune.

    User enrollment for iOS/iPadOS and macOS only support per-app VPN.

    You can use Intune custom configuration policies to create VPN profiles for the following platforms:

    Android 4 and later
    Enrolled devices that run Windows 8.1 and later
    Enrolled devices that run Windows 10/11
    Windows Holographic for Business

    Go to this link for your reference https://learn.microsoft.com/en-us/mem/intune/configuration/vpn-settings-configure

    --------------------------------------------------------------------------------------------------------------------------------------------------------

    If the answer is helpful kindly click "Accept as Answer" and upvote it. Thanks.

    0 comments
  3. Ben 1 Reputation point
    2022-10-12T07:48:18.023+00:00

    It did not work, so deployed with powershell

    0 comments