@joseph-moody
Joseph Moody commented on Always On VPN Remote Access and Network Policy Server 3 years, 1 month ago
Thank you! I am not 100% (and I may not understand your question). On your firewall/router, you can use ACLs to allow clients to only talk with approved addresses.
-
Joseph Moody commented on Configuring and deploying Always On VPN device tunnels 3 years, 1 month ago
That output looks right. The device profile should appear if you run Get-VPNConnection -AllUserConnection . You should also see it as a network adapter in Control Panel.
-
Joseph Moody commented on Configuring and deploying Always On VPN device tunnels 3 years, 1 month ago
This should be the default behavior. In the XML, do you have <AlwaysOn>true</AlwaysOn> ?
-
Joseph Moody commented on Configuring and deploying Always On VPN device tunnels 3 years, 1 month ago
Change this line in the XML: <RoutingPolicyType>SplitTunnel</RoutingPolicyType>
-
Joseph Moody liked the comment of TheWizard1002 on Configuring and deploying Always On VPN device tunnels. (So far, TheWizard1002 has 1 likes for this comment) 3 years, 1 month ago
-
Joseph Moody wrote a new post 3 years, 1 month ago
SmartDeploy: Rethinking software deployment to remote workers in times of a pandemic
This is the last phase of our upgrade process. In our last two articles, we successfully upgraded our vCenter Server from 6.7 to v7.0, and we then used vSphere Lifecycle Manager to upgrade our ESXi cluster from ESXi 6.7 to v7.0. Today’s post will discuss the upgrade of virtual machine hardware and VMware Tools.
-
Joseph Moody replied to the topic Continued AD lockouts via OWA even after disabling OWA access in IT Administration Forum 3 years, 4 months ago
What is your Azure Sign-in risk policy set to? It sounds like it is set to block user when MFA is not available.
https://portal.azure.com/#blade/Microsoft_AAD_IAM/IdentityProtectionMenuBlade/SignInPolicy
-
Joseph Moody commented on Analyzing SMSPXE.log and other methods to troubleshoot SCCM 2012 OS deployments 3 years, 4 months ago
Will it image if you remove the NIC from the VM and add another one? If so, you might need to clear the PXE flag on the device going forward or change your deployment from mandatory.
-
Joseph Moody commented on Always On VPN Remote Access and Network Policy Server 3 years, 4 months ago
You can let your external load balancer handle everything. Setup a second VPN (Routing and Remote Access) server. Copy your VPN cert from the first machine to the second – be sure to include the private key.
-
The public cert should be on your Routing and Remote Access (VPN) server.
-
Joseph Moody wrote a new post 3 years, 10 months ago
Outlook attachments now blocked in Office 365
Sometimes you need to create your own template for requesting certificates from a Windows CA, e.g., for encrypting or signing documents. When you request a certificate based on the new template for the first time, this task might fail.
-
Joseph Moody wrote a new post 3 years, 11 months ago
PolicyPak MDM Edition: Group Policy and more for BYOD
VMware vMotion allows live migrating of virtual machines (VMs) from one host to another without downtime. It was a revolutionary technology back in its day. This post gives tips on how to improve the speed of VMware vMotion.
-
Joseph Moody wrote a new post 3 years, 12 months ago
SmartDeploy: Easy software and OS deployment
Previously, we have covered security options related to accounts, interactive logon, and the UAC feature. Today, we will focus on options affecting network security: Microsoft’s network clients, network access, and network security.
-
Joseph Moody wrote a new post 4 years agoComplete network visibility with SolarWinds Log and Network Performance Pack
If you are not taking advantage of Automatic Certificate Management, you are officially a dinosaur, desperately clinging to the good old days, when certificate issuance required blood tests, DNA samples, and voice identification.
-
-
Joseph Moody replied to the topic Always On VPN – How to select Sub CA in IT Administration Forum 4 years, 1 month ago
You should be able to use any CA that is issuing your certificates and that is configured as trusted in Group Policy. Did you sort out your certificates?
-
Joseph Moody commented on Configuring and deploying Always On VPN device tunnels 4 years, 1 month ago
Hi Patrick, what did you find out about your problem? Was it due to an older client version of Windows 10?
-
Joseph Moody commented on Install 32-bit and 64-bit applications with Group Policy and SCCM 4 years, 1 month ago
You should only need to run these once per machine.
-
Joseph Moody replied to the topic Always on VPN on Windows Server 2008 R2 in IT Administration Forum 4 years, 3 months ago
Posting here in case you don’t see my other answer. You can use a 2008R2 CA but make sure your RSA key is 2048 or higher. If you can introduce a 2012R2 or higher CA, that would be the better route due to the longer support date.
-
Joseph Moody commented on Active Directory, Group Policy, and certificates for Always On VPN 4 years, 3 months ago
A 2008R2 CA is fine – just make to set the cert strength to a higher value than the default one chosen. With 2008R2 approaching end of support, it might not be a bad time to upgrade though.
- Load More
