Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Configure Microsoft Intune MDM

  1. Last updated
  2. Save as PDF

 

Create an Always On-VPN Profile

You must first create an Always On-VPN Profile in Intune to configure an Always-On VPN connection for Android devices.

To create an Always On-VPN Profile:

  1. Log in to the Intune MDM admin portal. 
  2. In the Intune admin portal, go to Devices > Android > Configuration profiles.
  3. Under Policies, click Create and select New Policy
    clipboard_e6ef42c89d061d9e46f70b887b4e8141b.png
  4. On the Create a profile panel, configure the following:
    • Platform. Select Android Enterprise as the platform for the profile. 
    • Profile type. Select Device restrictions as the profile type.
  5. Click Create.
    clipboard_e2b189f431686a15b2e07f5cb4da949ce.png

Configure VPN Profile Settings

You can now configure the settings of the newly created Always On-VPN profile.

To configure the VPN profile settings:

  1. In Basics, configure the following setting:
    1. Name. Enter a descriptive name for the VPN profile.
  2. Click Next.
    clipboard_ec1a9eae30b3e44e370e5af77bd3767bb.png
  3. In Configuration settings > Connectivity, configure the following VPN settings:
    1. For Fully managed, dedicated, and corporate-owned work profile devices:
      1. Always-on VPN (work profile-level). Select Enable to activate the Always-on VPN connection for your SMCS app.
      2. VPN client. Select Custom as the VPN client. 
      3. Package ID. Enter com.skyhigh.mcs as the package ID of your SMCS app.
  4. Click Next.
    clipboard_e82bfd9fc71e4db3e5d32457cc76598a7.png

Assign the VPN Profile

After configuring the settings of the newly created Always On-VPN profile, you can assign the VPN profile to users in your organization. 

To assign the VPN profile:

  1. In Assignments, configure the following setting:
    1. Add groups. Click Add groups to assign the device restriction profile to Azure AD groups.
      clipboard_e88c697334b9b6be42c4541ea29ee5e56.png
      1.  Select groups to include. Select the Azure AD groups from the list. These groups must include the Android devices where you want to enable the Always-On VPN connection.
  2. Click Select.
    clipboard_ea314823a6c886b4c926a75e983649eaa.png
  3. In Review + create, review the configured settings of the VPN profile.

NOTE: Make sure that Always-on VPN (work profile-level) is enabled under the Configuration settings

  1. Click Create.
    clipboard_e7cd0f52aa0873660af3267bf767c2fe3.png

Once the VPN profile is created and assigned, the Always-On VPN connection is deployed and enabled on Android devices for users in the assigned groups.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    1. Topic ID 196