Always On VPN NPS and PEAP Vulnerabilities
The February 2023 security updates for Windows Server address multiple vulnerabilities that affect Microsoft Always On VPN administrators. This latest update addresses multiple critical and important...
View ArticleAlways On VPN Ask Me Anything (AMA) March 2023
It’s that time again! Have questions about Always On VPN? Are you having a specific issue you can’t figure out? Need information about configuration options? Here’s your chance to get your questions...
View ArticleAlways On VPN Ask Me Anything (AMA) June 2023
It’s that time again! Have questions about Always On VPN? Are you having a specific issue you can’t figure out? Need information about configuration options? Here’s your chance to get your questions...
View ArticleAlways On VPN and the PSPKI PowerShell Module
Certificates are a crucial part of a secure Always On VPN implementation. Certificates are phishing-resistant forms of authentication that, when configured correctly, provide robust and multifactor...
View ArticleAzure Conditional Access Certificates with SID Information Now Available
I recently wrote about changes to certificate-based authentication affecting Always On VPN implementations. These changes were introduced by Microsoft’s security update KB5014754. When the update is...
View ArticleAlways On VPN November 2023 Security Updates
Microsoft has released its security updates for November 2023. For Always On VPN administrators, it’s a light month, with just a single CVE affecting Always On VPN infrastructure. PEAP CVE-2023-36028...
View ArticleConsiderations for Always On VPN with Azure VPN Gateway and Virtual WAN
Organizations migrating on-premises applications, data, and infrastructure to the cloud may also consider terminating Always On VPN connections there. Using one of the native Azure VPN services might...
View ArticleAlways On VPN and NPS AD Registration
Windows Server Network Policy and Access Services (NPAS, more commonly called NPS) is a popular solution used in Always On VPN deployments to support Active Directory authentication for user-based VPN...
View ArticleAlways On VPN Static IP Address Assignment
A question that occasionally arises when I’m conducting an Always On VPN planning and design workshop for a customer is static IP address assignment options for VPN connections. Typically, the use case...
View ArticleMicrosoft Intune Cloud PKI
Recently, Microsoft introduced the general availability of its new PKI-as-a-service solution called Microsoft Intune Cloud PKI. Cloud PKI allows administrators to issue and manage user and device...
View Article
More Pages to Explore .....