encryption
4 Topics

Meraki VPN L2TP with Preshared key via Intune
Hey everyone, I'm trying to deploy Meraki VPN L2TP with Preshared key via Intune. I have previously tried to deploy the rasphone.pbk file using PS Script to "$env:APPDATA\Microsoft\Network\Connections\Pbk\rasphone.pbk". The file was deployed successfully but Preshared key is not being copied. The next method I used was to create a VPN profile using PS script. I used the script below but EncryptionLevel Optional is being returned as error.

    # Add the VPN connection
    Add-VpnConnection `
        -Name "MY VPN" `
        -ServerAddress "myvpn.com" `
        -TunnelType L2tp `
        -L2tpPsk "myPSK" `
        -AuthenticationMethod Pap `
        -EncryptionLevel Optional `
        -Force `
        -AllUserConnection $True

    # Path to the rasphone.pbk file for all user connections
    $pbkPath = "C:\ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk"

    # Ensure the file exists
    if (Test-Path -Path $pbkPath) {
        # Read the contents of the file
        $pbkContent = Get-Content -Path $pbkPath -Raw

        # Modify the contents to enforce PAP (128) and require username and password
        $pbkContent = $pbkContent -replace "(?msi)^(\[$([regex]::Escape("MY VPN"))\].*?^Authentication=).*$", '${1}128'

        # Write the modified contents back to the file
        $pbkContent | Set-Content -Path $pbkPath
    } else {
        Write-Error "The rasphone.pbk file does not exist at the specified path: $pbkPath"
    }

Error:

    WARNING: The currently selected encryption level requires EAP or MS-CHAPv2 logon security methods. Data encryption will not occur for Pap or Chap.

The requirements are to use PAP and rasphone.pbk should be created under "$env:APPDATA\Microsoft\Network\Connections\Pbk\rasphone.pbk" and preshared key should be copied. So that I can connect to VPN settings via taskbar bottom right by entering username and password. Can someone assist to modify the script or provide any alternate solution?

21 Views | 0 likes | 0 Comments

BitLocker recovery key not being uploaded into Intune when using BackupToAAD-BitLockerKeyProtector
Hello,

We are having an issue with the BackupToAAD-BitLockerKeyProtector PowerShell cmdlet to upload the BitLocker recovery key of our devices into AAD/Intune. We currently use Sophos Device Encryption to encrypt our devices but want to migrate the recovery keys into Intune as we transition to Intune BitLocker policies.

We created a script that attempts to upload the BitLocker recovery key into Intune but it appears the BackupToAAD-BitLockerKeyProtector cmdlet only works on devices where the user logs in with a domain account, and not a local Windows account. Is this standard behaviour? I would have assumed that since the device is enrolled into Intune it would use the Management Extension to communicate with Intune for this task - and have no reliance on the logged in user.

Looking at the BitLocker PowerShell module itself, a method named "BackupRecoveryInformationToCloudDomain" is called when this cmdlet is executed. I haven't been able to find much online about what happens beyond here. It would be good to know a bit more about this cmdlet as documentation is limited online.

Cheers

Solved | 37K Views | 0 likes | 7 Comments

Device Configuration Policy showing false information
Hi,

I noticed every client successfully applied our device policy and shows "Encrypt devices" as "Succeeded", but when I take a closer look at some clients I found out that many of them are not encrypted at all. Those clients also don't have a decrypt key in Azure. If I trigger BitLocker manually on those clients the key is sent to Azure as configured. Anyone with similar issues?

Thanks,
Josch

2.5K Views | 0 likes | 1 Comment

Intune device encryption - not applicable
Hi all,

We have created an Intune Device configuration profile to enable/enforce the encryption of the drives with BitLocker. The devices all run Windows 10 1709 and encryption is enforced on all devices except one. This device has the same image as all other devices, but gives the deployment status "not applicable".

How can we troubleshoot this behavior?

Thanks,
Peter

2.4K Views | 0 likes | 0 Comments