Microsoft Intune allows you to deploy several VPN connection profiles to Windows Phone 8.1 devices. The available options are:
- Juniper Pulse
- F5 Edge Client
- Dell SonicWALL Mobile Connect
- CheckPoint Mobile VPN
If you want to deploy another type, e.g. IKEv2 based – it’s possible to use custom URI’s. In order to create one, select “Policy” on the left side of the management portal, navigate to “Configuration Policies” and select “Windows Phone OMA-URI Policy”.
After creating a new policy, add the custom URI’s like shown in the screenshot below.
Below is a set of example settings. Be careful with the data types and formatting (e.g. XML).
Type | OMA-URI | Value |
string | ./Vendor/MSFT/VPN/MYVPNTEST/Server | vpn.contoso.com |
string | ./Vendor/MSFT/VPN/MYVPNTEST/SecuredResources/DNSSuffix | dns.contoso.com |
string | ./Vendor/MSFT/VPN/MYVPNTEST/TunnelType | IKEv2 |
string | ./Vendor/MSFT/VPN/MYVPNTEST/Authentication/Method | EAP |
string | ./Vendor/MSFT/VPN/MYVPNTEST/Proxy/Manual/Server | proxy.contoso.com |
int | ./Vendor/MSFT/VPN/MYVPNTEST/Proxy/Manual/Port | 8080 |
bool | ./Vendor/MSFT/VPN/MYVPNTEST/Proxy/Manual/BypassProxyForLocal | True |
bool | ./Vendor/MSFT/VPN/MYVPNTEST/Policies/SplitTunnel | false |
bool | ./Vendor/MSFT/VPN/MYVPNTEST/Policies/BypassForLocal | false |
bool | ./Vendor/MSFT/VPN/MYVPNTEST/Policies/TrustedNetworkDetection | false |
string | ./Vendor/MSFT/VPN/MYVPNTEST/Policies/ConnectionType | manual |
string - XML | ./Vendor/MSFT/VPN/MYVPNTEST/Authentication/EAP | (see below for contents – doesn’t fit this table) |
This should go into the “Value” field of “EAP” mentioned above:
<EapHostConfig xmlns="http://www.microsoft.com/provisioning/EapHostConfig"> |
Special thanks goes out to James Lieurance (MSFT) who supplied the OMA-URI’s.