Posted  by 

Microsoft Vpn On Mac

PATENTED VPN TECHNOLOGY Get the VPN with over 30 patents that optimize your server connection for faster speeds. BROWSE SECURELY Stay secure with military-grade encrypted traffic between your device and our servers while connected with Hotspot Shield VPN. 對於Windows 7用戶來說,VPN的使用可能就比較陌生了。那麼,下面編者將指出在Windows 7下,如何建立一個VPN連接,又如何自己建立一個VPN服務器呢。本篇文章將為您分別闡述。 對於希望建立一個VPN連接的用戶,可以通過以下步驟來實現。. 2017-8-17  Windows 10 S硬件的竞争对手是谷歌Chromebook,希望蚕食Chromebook在教育市场上的销售,但它存在的诸多不便之处,给用户带来很大麻烦。 据PCWorld 网站报道,Windows 10 S是一款锁定版Windows 10,预装在微软Surface Laptop和少数几.

This article shows you how to download and install the Cisco AnyConnect Secure Mobility Client version 4.3 on a Mac Computer. Prior to installing click here to review the Guidelines and Limitations section of the release notes. Add or create a virtual private network (VPN) configuration profile, including the connection details, split tunneling, custom VPN settings with the identifier, key and value pairs, proxy settings with a configuration script, IP or FQDN address, and TCP port in Microsoft Intune on devices running macOS. VPN Tracker is the leading Apple Mac VPN client and compatible with almost all IPSec VPN, L2TP VPN and PPTP VPN gateways ( Try VPN Tracker for free ). Please refer to the following table to find out if the VPN Tracker team has already successfully tested VPN Tracker with your Microsoft VPN gateway. Enter VPN settings manually On your Mac, choose Apple menu System Preferences, then click Network. Click the Add button in the list at the left, click the Interface pop-up menu, then choose VPN. Click the VPN Type pop-up menu, then choose what kind of VPN connection you want to set up.

-->

This article shows you the Intune settings you can use to configure VPN connections on devices running macOS.

Depending on the settings you choose, not all values in the following list are configurable.

Before you begin

Create a device configuration profile.

Note

These settings are available for all enrollment types. For more information on the enrollment types, see macOS enrollment.

Base VPN settings

Connection name: Enter a name for this connection. End users see this name when they browse their device for the list of available VPN connections.

Microsoft Vpn On Mac Computer

  • IP address or FQDN: Provide the IP address or fully qualified domain name of the VPN server that devices connect to. Examples: 192.168.1.1, vpn.contoso.com.
  • Authentication method: Choose how devices authenticate to the VPN server from:
    • Certificates: Under Authentication certificate, Choose a SCEP or PKCS certificate profile you previously created to authenticate the connection. For more information about certificate profiles, see How to configure certificates.
    • Username and password: End users must supply a username and password to log into the VPN server.
  • Connection type: Select the VPN connection type from the following list of vendors:
    • Check Point Capsule VPN
    • Cisco AnyConnect
    • SonicWall Mobile Connect
    • F5 Edge Client
    • Pulse Secure
    • Custom VPN
  • Split tunneling: Enable or Disable this option that lets devices decide which connection to use depending on the traffic. For example, a user in a hotel uses the VPN connection to access work files, but use the hotel's standard network for regular web browsing.

Custom VPN settings

If you selected Custom VPN, configure these further settings:

  • VPN identifier: Enter an identifier for the VPN app you're using. This identifier is supplied by your VPN provider.
  • Enter key and value pairs for the custom VPN attributes: Add or import Keys and Values that customize your VPN connection. These values are typically supplied by your VPN provider.

Proxy settings

  • Automatic configuration script: Use a file to configure the proxy server. Enter the Proxy server URL that contains the configuration file. For example, enter http://proxy.contoso.com.
  • Address: Enter the proxy server address (as an IP address).
  • Port number: Enter the port number associated with the proxy server.

Next steps

The profile is created, but it's not doing anything yet. Next, assign the profile and monitor its status.

Configure VPN settings on Android, Android Enterprise, iOS/iPadOS, and Windows 10 devices.

-->

VPN client configuration files are contained in a zip file. Configuration files provide the settings required for a native Windows, Mac IKEv2 VPN, or Linux clients to connect to a virtual network over Point-to-Site connections that use native Azure certificate authentication.

Client configuration files are specific to the VPN configuration for the virtual network. If there are any changes to the Point-to-Site VPN configuration after you generate the VPN client configuration files, such as the VPN protocol type or authentication type, be sure to generate new VPN client configuration files for your user devices.

  • For more information about Point-to-Site connections, see About Point-to-Site VPN.
  • For OpenVPN instructions, see Configure OpenVPN for P2S and Configure OpenVPN clients.

Important

Starting July 1, 2018, support is being removed for TLS 1.0 and 1.1 from Azure VPN Gateway. VPN Gateway will support only TLS 1.2. Only point-to-site connections are impacted; site-to-site connections will not be affected. If you’re using TLS for point-to-site VPNs on Windows 10 clients, you don’t need to take any action. If you are using TLS for point-to-site connections on Windows 7 and Windows 8 clients, see the VPN Gateway FAQ for update instructions.

Generate VPN client configuration files

Before you begin, make sure that all connecting users have a valid certificate installed on the user's device. For more information about installing a client certificate, see Install a client certificate.

You can generate client configuration files using PowerShell, or by using the Azure portal. Either method returns the same zip file. Unzip the file to view the following folders:

  • WindowsAmd64 and WindowsX86, which contain the Windows 32-bit and 64-bit installer packages, respectively. The WindowsAmd64 installer package is for all supported 64-bit Windows clients, not just Amd.
  • Generic, which contains general information used to create your own VPN client configuration. The Generic folder is provided if IKEv2 or SSTP+IKEv2 was configured on the gateway. If only SSTP is configured, then the Generic folder is not present.

Generate files using the Azure portal

  1. In the Azure portal, navigate to the virtual network gateway for the virtual network that you want to connect to.

  2. On the virtual network gateway page, click Point-to-site configuration.

  3. At the top of the Point-to-site configuration page, click Download VPN client. It takes a few minutes for the client configuration package to generate.

  4. Your browser indicates that a client configuration zip file is available. It is named the same name as your gateway. Unzip the file to view the folders.

Generate files using PowerShell

  1. When generating VPN client configuration files, the value for '-AuthenticationMethod' is 'EapTls'. Generate the VPN client configuration files using the following command:

  2. Copy the URL to your browser to download the zip file, then unzip the file to view the folders.

Windows

You can use the same VPN client configuration package on each Windows client computer, as long as the version matches the architecture for the client. For the list of client operating systems that are supported, see the Point-to-Site section of the VPN Gateway FAQ.

Note

You must have Administrator rights on the Windows client computer from which you want to connect.

Use the following steps to configure the native Windows VPN client for certificate authentication:

  1. Select the VPN client configuration files that correspond to the architecture of the Windows computer. For a 64-bit processor architecture, choose the 'VpnClientSetupAmd64' installer package. For a 32-bit processor architecture, choose the 'VpnClientSetupX86' installer package.
  2. Double-click the package to install it. If you see a SmartScreen popup, click More info, then Run anyway.
  3. On the client computer, navigate to Network Settings and click VPN. The VPN connection shows the name of the virtual network that it connects to.
  4. Before you attempt to connect, verify that you have installed a client certificate on the client computer. A client certificate is required for authentication when using the native Azure certificate authentication type. For more information about generating certificates, see Generate Certificates. For information about how to install a client certificate, see Install a client certificate.

Mac (OS X)

You have to manually configure the native IKEv2 VPN client on every Mac that will connect to Azure. Azure does not provide mobileconfig file for native Azure certificate authentication. The Generic contains all of the information that you need for configuration. If you don't see the Generic folder in your download, it's likely that IKEv2 was not selected as a tunnel type. Note that the VPN gateway Basic SKU does not support IKEv2. Once IKEv2 is selected, generate the zip file again to retrieve the Generic folder.
The Generic folder contains the following files:

Free Vpn

  • VpnSettings.xml, which contains important settings like server address and tunnel type.
  • VpnServerRoot.cer, which contains the root certificate required to validate the Azure VPN Gateway during P2S connection setup.

Use the following steps to configure the native VPN client on Mac for certificate authentication. You have to complete these steps on every Mac that will connect to Azure:

  1. Import the VpnServerRoot root certificate to your Mac. This can be done by copying the file over to your Mac and double-clicking on it. Click Add to import.

    Note

    Double-clicking on the certificate may not display the Add dialog, but the certificate is installed in the correct store. You can check for the certificate in the login keychain under the certificates category.

  2. Verify that you have installed a client certificate that was issued by the root certificate that you uploaded to Azure when you configured you P2S settings. This is different from the VPNServerRoot that you installed in the previous step. The client certificate is used for authentication and is required. For more information about generating certificates, see Generate Certificates. For information about how to install a client certificate, see Install a client certificate.

  3. Open the Network dialog under Network Preferences and click '+' to create a new VPN client connection profile for a P2S connection to the Azure virtual network.

    The Interface value is 'VPN' and VPN Type value is 'IKEv2'. Specify a name for the profile in the Service Name field, then click Create to create the VPN client connection profile.

    Aug 12, 2014  Download this app from Microsoft Store for Windows 10, Windows 10 Mobile, Windows 10 Team (Surface Hub), HoloLens. See screenshots, read the latest customer reviews, and compare ratings for Excel Mobile. Jan 24, 2019  Data provided through the use of this store and this app may be accessible to Microsoft or the third-party app publisher, as applicable, and transferred to, stored, and processed in the United States or any other country where Microsoft or the app publisher and their affiliates or service providers maintain facilities. Free microsoft excel for mac. Get the Excel at Microsoft Store and compare products with the latest customer reviews and ratings. Download or ship for free. Free returns. Mar 26, 2014  ‎Microsoft Excel, the spreadsheet app, lets you create, view, edit, and share your files quickly and easily. Manage spreadsheets, tables and workbooks attached to email messages from your phone with this powerful productivity app.

  4. In the Generic folder, from the VpnSettings.xml file, copy the VpnServer tag value. Paste this value in the Server Address and Remote ID fields of the profile.

  5. Click Authentication Settings and select Certificate. For Catalina, click None and then certificate

    • For Catalina, select None and then Certificate. Select the correct certificate:
  6. Click Select… to choose the client certificate that you want to use for authentication. This is the certificate that you installed in Step 2.

  7. Choose An Identity displays a list of certificates for you to choose from. Select the proper certificate, then click Continue.

  8. In the Local ID field, specify the name of the certificate (from Step 6). In this example, it is 'ikev2Client.com'. Then, click Apply button to save the changes.

  9. On the Network dialog, click Apply to save all changes. Then, click Connect to start the P2S connection to the Azure virtual network.

Linux (strongSwan GUI)

Install strongSwan

Mac

The following configuration was used for the steps below:

ComputerUbuntu Server 18.04
DependenciesstrongSwan

Use the following commands to install the required strongSwan configuration:

Use the following command to install the Azure command-line interface:

Generate certificates

If you have not already generated certificates, use the following steps:

Generate the CA certificate.

Print the CA certificate in base64 format. This is the format that is supported by Azure. You upload this certificate to Azure as part of the P2S configuration steps.

Generate the user certificate.

Generate a p12 bundle containing the user certificate. This bundle will be used in the next steps when working with the client configuration files.

Install and configure

The following instructions were created on Ubuntu 18.0.4. Ubuntu 16.0.10 does not support strongSwan GUI. If you want to use Ubuntu 16.0.10, you will have to use the command line. The examples below may not match screens that you see, depending on your version of Linux and strongSwan.

  1. Open the Terminal to install strongSwan and its Network Manager by running the command in the example.

  2. Select Settings, then select Network.

  3. Click the + button to create a new connection.

  4. Select IPsec/IKEv2 (strongSwan) from the menu, and double-click. You can name your connection in this step.

  5. Open the VpnSettings.xml file from the Generic folder contained in the downloaded client configuration files. Find the tag called VpnServer and copy the name, beginning with 'azuregateway' and ending with '.cloudapp.net'.

  6. Paste this name into the Address field of your new VPN connection in the Gateway section. Next, select the folder icon at the end of the Certificate field, browse to the Generic folder, and select the VpnServerRoot file.

  7. In the Client section of the connection, for Authentication, select Certificate/private key. For Certificate and Private key, choose the certificate and the private key that were created earlier. In Options, select Request an inner IP address. Then, click Add.

  8. Turn the connection On.

Linux (strongSwan CLI)

Install strongSwan

The following configuration was used for the steps below:

ComputerUbuntu Server 18.04
DependenciesstrongSwan

Use the following commands to install the required strongSwan configuration:

Use the following command to install the Azure command-line interface:

Generate certificates

If you have not already generated certificates, use the following steps:

Generate the CA certificate.

Print the CA certificate in base64 format. This is the format that is supported by Azure. You upload this certificate to Azure as part of the P2S configuration steps.

Generate the user certificate.

Generate a p12 bundle containing the user certificate. This bundle will be used in the next steps when working with the client configuration files.

Install and configure

  1. Download the VPNClient package from Azure portal.

  2. Extract the File.

  3. From the Generic folder, copy or move the VpnServerRoot.cer to /etc/ipsec.d/cacerts.

  4. Copy or move cp client.p12 to /etc/ipsec.d/private/. This file is client certificate for Azure VPN Gateway.

  5. Open VpnSettings.xml file and copy the <VpnServer> value. You will use this value in the next step.

  6. Adjust the values in the example below, then add the example to the /etc/ipsec.conf configuration.

  7. Add the following to /etc/ipsec.secrets.

  8. Run the following commands:

Next steps

Return to the article to complete your P2S configuration.

To troubleshoot P2S connections, see the following articles: