it was a simple and informative walk-through until it was cut for the client and testing phase also there are no links for the resources you mentioned in the description so it's not enough unfortunate.
10:45 - Won't the user need to perform the first log-on on site to get their user tunnel certificate? I've never seen an AOVPN set up where the user is able to perform a first time login and have the user tunnel certificate deployed through the device tunnel. How would that even be possible?
Late to the party. But the device tunnel can connect pre-login. Which will allow the user to do their first login from home and pull down the user certificate for the user tunnel.
@@GamersHive1 That is how it is supposed to work and those were the promises that MS made, and this was previously possible with specific DA setups - so everyone was expecting this to be the case, but every time I've seen it being used the device tunnel could not allow the user to authenticate so that the user tunnel could be provisioned and the user's corporate profile couldn't be downloaded. The one time I did see it work was a weird bug where users and devices where both connected through two device tunnels, because it was double authenticating through the machine certificate - but it wasn't the user's true profile. I've been out of the loop with AOVPN for over a year, so I'm hoping that it's improved to the point of being able to now deliver these promises, but I'm definitely not holding my breath.
where to download the slides? excellent video! thx
Is there a part 2 of this?
Thanks for a good guide. But is there a part 2 of this guide :)
Video is cut off in client settings
it was a simple and informative walk-through until it was cut for the client and testing phase also there are no links for the resources you mentioned in the description so it's not enough unfortunate.
How do I setup always on vpn for an environment where public domain name is different from internal domain name ?
Seems to cut short of the client config part, but appreciate the other parts and commentary.
10:45 - Won't the user need to perform the first log-on on site to get their user tunnel certificate? I've never seen an AOVPN set up where the user is able to perform a first time login and have the user tunnel certificate deployed through the device tunnel. How would that even be possible?
Late to the party. But the device tunnel can connect pre-login. Which will allow the user to do their first login from home and pull down the user certificate for the user tunnel.
@@GamersHive1 That is how it is supposed to work and those were the promises that MS made, and this was previously possible with specific DA setups - so everyone was expecting this to be the case, but every time I've seen it being used the device tunnel could not allow the user to authenticate so that the user tunnel could be provisioned and the user's corporate profile couldn't be downloaded. The one time I did see it work was a weird bug where users and devices where both connected through two device tunnels, because it was double authenticating through the machine certificate - but it wasn't the user's true profile. I've been out of the loop with AOVPN for over a year, so I'm hoping that it's improved to the point of being able to now deliver these promises, but I'm definitely not holding my breath.
Where is your slide Deck ??
I see no relation between Windows Update for Business and MFA