Conditional access for vpn

Nbkst7b · December 24, 2018, 7:37am

Hello Team,

I wanted to understand how can we put a conditional access for VPN access in Intune.

Currently in my organisation we can access VPN directly through pulse secure app. User just need to be part of a group and then they install Pulse Secure App. enter the details and then they are able to setup the connection.

What i am looking is to make sure that user has to go through Intune, In order to access VPN.

I have created Profile and Policy for VPN but as the this access is through DL. user is able to skip Intune Enrollment.

How Do i make it mandate to go through Intune. Even user how has this application on phone should be promoted to install Intune.

nicolas · December 24, 2018, 7:59am

Hi,

Install Airwatch or MobileIron
No jokes, is it possible to call an API in Pulse?

I think you should be able to call the Graph API for this but it requires most likely some scripting skills.

Also another way is to deploy a certificate through InTune and trust only this certificate for mobile devices connection. Although this doesn’t offer proper way to validate that the device is registered. Only a way to make sure a certificate is present on the device. Then you have to make sure no one can access to this certificate without being enrolled and compliant.

Nicolas

Nbkst7b · December 24, 2018, 12:19pm

is there any way i can deploy App protection policy or App configuration or protection policy ?

daniil_michine · January 14, 2019, 1:00am

You may need to explain your issue in more detail.

You can deploy app protection policies by creating App Protection Policies in the Intune console for supported application and deploying them to a group of users.

App configuration is only supported for MDM managed devices.