Solved

Intune VPN support for Hybrid Azure AD join

  • 3 November 2021

Good afternoon all,

I've got a slight issue and I'm wondering if anyone here can help me with this. I'm looking to set up a VPN connection so I can create an online hybrid Azure AD join from Microsoft Endpoint. I need direct visibility of our on-prem domain controllers.

Now I guess the first question is, is this actually possible with the options Netskope has available? I can see the following options available within Endpoint: IKEv2, PPTP and L2TP.

All I'm looking for is a VPN tunnel which will only provide access to domain controllers over the internet during the build process. Can Netskope facilitate this?

Thanks very much

RGE_Master

Best answer by mkoyfman 3 November 2021, 17:48

2 replies

@RGE_Master Yes, you can define access to Active Directory using Private Access according to this guide: https://docs.netskope.com/en/netskope-private-access-for-microsoft-active-directory-domain-services.html

You will need to set up client installation/distribution as an app. While I don't think we have Intune-specific instructions, you can look at SCCM-based instructions for reference: https://docs.netskope.com/en/deploy-netskope-client-with-sccm.html

But in short, Netskope does not use traditional VPN frameworks built into Windows; you have to deploy the Netskope client using Intune. Also, depending on your circumstances, it will require usage of the Windows Pre-Login NPA tunnel, which is currently under development.

Good morning mkoyfman,

That's fantastic, thank you for the documentation. I'll have a read of that today, coupled with the SCCM configuration, and see if I can make it work with our configuration.

This is a great start to something I had no idea where to begin, so thanks very much.

Be safe