Quantcast
Channel: authentication – Richard M. Hicks Consulting, Inc.
Browsing all 34 articles
Browse latest View live

Always On VPN and Network Policy Server (NPS) Load Balancing

Load balancing Windows Server Network Policy Servers (NPS) is straightforward in most deployment scenarios. Most VPN servers, including Windows Server Routing and Remote Access Service (RRAS) servers...

View Article



Always On VPN and IKEv2 Fragmentation

The IKEv2 protocol is a popular choice when designing an Always On VPN solution. When configured correctly it provides the best security compared to other protocols. The protocol is not without some...

View Article

Denying Access to Always On VPN Users or Computers

Once Windows 10 Always On VPN has been deployed in production, it may be necessary at some point for administrators to deny access to individual users or computers. Commonly this occurs when an...

View Article

Always On VPN and Azure MFA ESTS Token Error

Configuring Multifactor Authentication (MFA) is an excellent way to ensure the highest level of assurance for Always On VPN users. Azure MFA is widely deployed and commonly integrated with Windows...

View Article

Renew DirectAccess Self-Signed Certificates

Important! Updated July 15, 2019 to support all versions of Windows Server including Windows Server 2012 and 2012 R2. Also added functionality to renew self-signed certificates individually. When...

View Article


Always On VPN Clients Prompted for Authentication when Accessing Internal...

When deploying Windows 10 Always On VPN using Protected Extensible Authentication Protocol (PEAP) with client authentication certificates, the administrator may encounter a scenario in which the user...

View Article

Always On VPN Users Prompted for Certificate

When deploying Windows 10 Always On VPN using Protected Extensible Authentication Protocol (PEAP) authentication with client certificates, administrators may find the VPN connection does not establish...

View Article

Always On VPN Device Tunnel and Certificate Revocation

Recently I wrote about denying access to Windows 10 Always On VPN users or computers. In that post I provided specific guidance for denying access to computers configured with the device tunnel. To...

View Article


Microsoft Intune NDES Connector Setup Wizard Ended Prematurely

A Windows Server with the Network Device Enrollment Service (NDES) role can be provisioned on-premises to support certificate deployment for non-domain Windows 10 Always On VPN clients. In addition,...

View Article


Microsoft Intune NDES Connector Error 0x80004003

To support certificate deployment for non-domain Windows 10 Always On VPN clients, a Windows Server with the Network Device Enrollment Service (NDES) role can be provisioned on-premises. In addition,...

View Article

Always On VPN Error Code 858

When configuring Windows 10 Always On VPN using Extensible Authentication Protocol (EAP), the administrator may encounter a scenario in which the client connection fails. The event log will include an...

View Article

Always On VPN Device Tunnel Only Deployment Considerations

Recently I wrote about Windows 10 Always On VPN device tunnel operation and best practices, explaining its common uses cases and requirements, as well as sharing some detailed information about...

View Article

Always On VPN Updates for Windows 10 2004

Microsoft recently made available an update for Windows 10 2004 that includes many important fixes for outstanding issues with Windows 10 Always On VPN. KB4571744 (build 19041.488) addresses many...

View Article


Always On VPN Continue Connecting Prompt

Using the Extensible Authentication Protocol (EAP) with client certificates is the recommended best practice for authentication for Windows 10 Always On VPN deployments. EAP, and especially Protected...

View Article

Always On VPN and Autopilot Hybrid Azure AD Join

Windows Autopilot is a cloud-based technology that administrators can use to configure new devices wherever they may be, whether on-premises or in the field. Devices provisioned with Autopilot are...

View Article


Troubleshooting Always On VPN Error 853

Using Windows Server Network Policy Server (NPS) servers is a common choice for authenticating Microsoft Windows 10 Always On VPN user tunnel connections. The NPS server is joined to the domain and...

View Article

Always On VPN Short Name Access Failure

Using Microsoft Endpoint Manager (Intune), administrators can provision Always On VPN to devices that are Azure AD joined only. Users accessing on-premises resources from these devices can still use...

View Article


Always On VPN Error 853 on Windows 11

Recently I did some validation testing with Always On VPN on Windows 11, and I’m happy to report that everything seems to work without issue. However, a few readers have reported 853 errors when...

View Article

Always On VPN Book Available for Pre-Order

Great news! My new book, Implementing Always On VPN, is now available for pre-order on Amazon.com. This new book, scheduled for release in late 2021, is a comprehensive implementation guide for Windows...

View Article

Always On VPN SSTP with Let’s Encrypt Certificates

When configuring the Windows Server Routing and Remote Access Service (RRAS) to support Secure Socket Tunneling Protocol (SSTP) for Always On VPN user tunnel connections, administrators must install a...

View Article
Browsing all 34 articles
Browse latest View live




Latest Images