cancel
Showing results for 
Search instead for 
Did you mean: 

Microsoft InTune Configuration steps for iOS

This document provides the configuration flow of pushing VPN profile to mobile device from Intune MDM(Mobile Device Management).

Prerequisite : Device already managed with Intune. [Not going to discuss about how to manage the mobile with Intune]

 

Creation of custom VPN Profile

  1. Login to the Intune MDM account using below URL.
    URL : https://devicemanagement.microsoft.com/
    Screenshot (111).png

  2. Once logged into the account, click on Device Configuration.
    Screenshot (112)_LI.jpg

  3. In the Device Configuration, click on Profiles to create the new VPN profile.
    Screenshot (99)_LI.jpg

  4. In the Profiles, click on Create Profile. Create the profile by giving the required information in the fields.
    Screenshot (101)_LI.jpg

  5. Once Profile Type is selected as Custom, a window will be opened to upload the Apple Configurator profile file.
    Provide the Custom configuration profile name and upload the apple configurator(.mobileconfig) file.
    [Refer Step#4 to how to create the apple configurator VPN profile]
    Screenshot (102)_LI.jpg

  6. File content looks like in below image. click on OK.
    Screenshot (103)_LI.jpg

  7. Click on Create button. Saved profile looks like belowScreenshot (105)_LI.jpg


Assigning the profile to a managed device

  1. In the saved profile page, click on Assignments.
    Screenshot (106)_LI.jpg

  2. In the Assign to drop down list, select the specific groups to distribute the profile.
    Screenshot (107)_LI.jpg

  3. Click on Save. In the profile, click on Device status in Monitor section. Click on the device in which profile got pushed.
    Screenshot (108)_LI.jpg

  4. Once the device page is opened, click on Sync button to activate the profile distribution action immediately.
    Screenshot (109)_LI.jpg

  5. In the profile, now device’s deployment status is Succeeded.Screenshot (110)_LI.jpg



Inside the device after publishing the profile

  1. In the device, in Settings->General->Profiles & Device Management-><MDM Profile>->More Details->VPN SETTINGS,
    our distributed profile will be visible.1D143CC7-A950-455C-A53D-BEE5E7D64EC5.png
  2. Goto Settings->VPN, tick mark the profile which got pushed from intunes. Now, click on status button to enable VPN connection.7B3A0A5B-A43B-4914-B801-055F4AFDBA04.png

 

Creation of VPN profile using Apple configurator application.

  1. Install Apple Configurator 2 application in MAC machine. and click on New Profile
    Screen Shot 2019-08-12 at 5.27.38 PM.png

  2. Give specific name in the General->Name field.
    Screen Shot 2019-08-12 at 5.30.07 PM.png

  3. Click on Certificates and upload the device certificate(.p12 file).
    Screen Shot 2019-08-12 at 5.31.35 PM.png

  4. Click on VPN and configure it with the required fields. Please refer the table at the end of the page to configure VPN profile fields.
    Save the file. It will be saved with .mobileconfig extension.
    Screen Shot 2019-08-12 at 5.33.43 PM.png


    VPN Profile Info:

    Fields

    Values

    Connection Name
    IOSTestProfile
    Connection Type
    IKEv2
    Server vpn.mcafee-cloud.com(Host Machine IP or Host Name)
    Remote Identifier

    vpn.mcafee-cloud.com

    (This string is SAN-(Subject Alternate Name) of server certificate)

    Local Identifier

    XXXXX

    (This string is SAN-(Subject Alternate Name) of client certificate)

    Machine Authentication Certificate
    Certificate Type RSA
    Server Certificate Issuer Common Name

    XXXX [OPTIONAL]

    (This string is CN-Common Name of server root certificate)

    Server Certificate Common Name

    vpn.mcafee-cloud.com

    (This string is CN-Common Name of server certificate)

    Enable EAP true
    Disconnect on Idle Never
    EAP Authentication Certificate
    Identity Certificate Select the identity certificate
    Dead Peer Detection Rate Medium
    Enable Perfect Forward Secrecy (PFS) true

    IKE SA Params

    &

    Child SA Params

    Encryption Algorithm: AES-256
    Encryption Algorithm: SHA2-256
    Diffie Hellman Group: 2
    Lifetime In Minutes: 1440

    Proxy Setup None



 
Labels (1)
Contributors
Version history
Revision #:
2 of 2
Last update:
4 weeks ago
Updated by:
 

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community