Azure P2S vpn on windows 10 Force to be always on

Andrew Berardi 0 Reputation points
2023-09-20T17:53:43.5366667+00:00

I have an Azure P2S vpn installed on an Windows 10 VM. I need the Azure P2S VPN to be always on. I need the VPN to be up before the user logs in so that the user can login with a domain Account. Is this possible and how can I do it?

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,528 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Dillon Silzer 57,406 Reputation points
    2023-09-20T19:59:23.7133333+00:00

    Hi Andrew,

    Try the following solution from a similar post (by Konstantinos Passadis):

    https://learn.microsoft.com/en-us/answers/questions/1264969/how-to-force-p2s-azure-vpn-to-be-always-on

    Enabling the <AlwaysOn>true</AlwaysOn> parameter in the VPN profile is intended to maintain a persistent connection between the VPN client and the VPN server. However, this parameter does not prevent the user from disconnecting the VPN manually. To prevent users from disconnecting the VPN manually, you can use the Always On VPN feature in Windows 10. Always On VPN is a Microsoft remote access technology that provides an always-on VPN connection that is automatically established when a user logs on to their device. To enable Always On VPN, you can use the following steps: Create a VPN profile using the VPNv2 CSP in Intune or another device management tool. Configure the VPN profile with the following settings:

    • <AlwaysOn>true</AlwaysOn> to enable always-on VPN
    • <NativeProfile><LockDown>true</LockDown></NativeProfile> to prevent the user from disabling the VPN manually
    • <NativeProfile><DisableClassBasedDefaultRoutes>true</DisableClassBasedDefaultRoutes></NativeProfile> to prevent traffic from being routed through the VPN when it is not connected. Assign the VPN profile to the appropriate device group in Intune or another device management tool. With Always On VPN enabled, the VPN connection will be established automatically when the user logs on to their device and will remain connected even if the user logs off. Additionally, the user will not be able to disable the VPN manually, ensuring that the VPN connection is always on when the device is connected to the Internet.

    If this is helpful please accept answer.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.