Azure VPN Profile - Auto Connect

Veera Ragavan 51 Reputation points
2023-07-24T08:24:27.8366667+00:00

Dear Experts,

We would like to ask for your advice, please.

We are looking for ideas and inputs to provide an "Uninterrupted VPN Connection" to the end users.

The environment background is as follows:

  1. Operating System : Windows 10
  2. Domain Type : AAD Domain Joined
  3. Domain Name : ABC.Local
  4. VPN : Azure VPN Gateway
  5. VPN Profile Deployment: Intune
  6. VPN Application : Microsoft Azure VPN
  7. VPN Profiles - Based on the Region (EMEA, Japan, APAC, etc.) - Let us assume that the name of the VPN is VPN_Profile-1
  8. A new VPN Profile is created with the name VPN_Profile-2-GLOBAL

Currently we have VPN Profiles per region, based on the group tagging for the devices. With the help of Trusted Network Domain, users can auto-connect to the VPN if they are not on the intranet (local DNS, which is called ABC.Local).

With the help of Intune, the devices report to AAD and get the Device Configuration Policy, and the VPN Profile supports connecting to the intranet using Azure VPN.

Requirement:

  1. We would like to offboard VPN_Profile1 and onboard VPN_Profile2-Global
  2. We would like to perform the offboarding of the old VPN Profile and the onboarding of the new VPN Profile with no user interruptions
  3. Is it possible to do this as follows? Offboarding: removing the deployment, and onboarding: targeting the deployment

We also validated item 3 by adding or removing the target, which is not supporting this. Do you have any ideas to make it happen with no user interruptions? Thank you in advance.


1 answer

  1. Limitless Technology 44,526 Reputation points
    2023-07-24T14:56:25.9233333+00:00

    Hello Veera,

    Thank you for your question and for reaching out with your question today.

    To achieve a seamless transition from the old VPN profile to the new VPN profile with no user interruptions, you can follow these steps:

    1. Prepare the New VPN Profile: Ensure that the new VPN profile (VPN_Profile2-Global) is properly configured and tested. Make sure it works as expected before proceeding further.
    2. Communication and Schedule: Communicate the upcoming changes to the end-users in advance. Let them know about the transition from the old VPN profile to the new one. Schedule the change during a time when user impact is minimal, such as during non-business hours or when the number of active users is low.
    3. Create a Custom Script: Use PowerShell or any other scripting language to remove the old VPN profile and install the new one. You can also leverage the Intune PowerShell scripts capabilities. This script should be designed to run silently in the background without requiring user interaction.
    4. Device Configuration Policy: Create a new device configuration policy in Intune that includes the custom script you created in Step 3. Assign this policy to the targeted devices that need to switch to the new VPN profile.
    5. Deployment Rings: If you have a large number of devices, consider creating deployment rings. Start with a small pilot group to test the deployment and ensure everything works as expected. Gradually expand the deployment to larger groups until all devices are updated.
    6. Monitoring and Rollback Plan: Monitor the deployment progress to ensure it is successful. Have a rollback plan in place in case any issues arise during the deployment.
    7. Follow-Up and Support: After the deployment, provide support to users who might experience any issues with the new VPN profile. Address their concerns promptly and ensure that the new VPN profile is working as expected for everyone.

    Remember that each organization's environment and requirements may vary, so it's essential to thoroughly test the deployment process and have a comprehensive plan in place to ensure a smooth transition. It's also a good idea to involve your IT support team to assist users and handle any unexpected issues during the transition.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    0 comments No comments
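One way to order the removal described in step 3 so that the old profile is never removed before the new one exists, as an added example that is not part of the original answer. It assumes both profiles are visible to `Get-VpnConnection` in the context the script runs in; `Find-VpnProfile` is a hypothetical helper, and the profile names are the placeholders from the question.

```powershell
# Added example (not from the original answer): guarded swap of two VPN profiles.
# Assumption: both profiles can be enumerated with Get-VpnConnection in the
# context this script runs in. Profile names are the question's placeholders.
[CmdletBinding()]
param(
    [string]$OldProfile = 'VPN_Profile1',
    [string]$NewProfile = 'VPN_Profile2-Global'
)

$ErrorActionPreference = 'Stop'

# Hypothetical helper: look in the per-user phonebook, then the all-user one.
function Find-VpnProfile([string]$Name) {
    $conn = Get-VpnConnection -Name $Name -ErrorAction SilentlyContinue
    if ($conn) { return [pscustomobject]@{ Conn = $conn; AllUser = $false } }
    $conn = Get-VpnConnection -Name $Name -AllUserConnection -ErrorAction SilentlyContinue
    if ($conn) { return [pscustomobject]@{ Conn = $conn; AllUser = $true } }
    return $null
}

$new = Find-VpnProfile $NewProfile
if (-not $new) {
    # The new profile has not arrived yet: keep the old one so the user stays connected.
    Write-Output "$NewProfile not present; leaving $OldProfile in place."
    exit 1   # non-zero exit marks this run as failed
}

$old = Find-VpnProfile $OldProfile
if (-not $old) {
    Write-Output "$OldProfile already absent; nothing to do."
    exit 0
}

if ($old.Conn.ConnectionStatus -eq 'Connected') {
    # Do not tear down a live session; removal can happen on a later run.
    Write-Output "$OldProfile is connected; skipping removal for now."
    exit 1
}

# Remove the old profile from the phonebook it was found in.
$removeArgs = @{ Name = $OldProfile; Force = $true; AllUserConnection = $old.AllUser }
Remove-VpnConnection @removeArgs
Write-Output "Removed $OldProfile; $NewProfile remains."
exit 0
```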
