Last year I wrote a couple of blogposts about the Windows 10 AlwaysOn VPN solution with AzureAD Conditional Access. You can find the blogposts here:
- Windows 10 AlwaysOn VPN with Conditional Access – Part 1
- Windows 10 AlwaysOn VPN with Conditional Access – Part 2
- Windows 10 AlwaysOn VPN with Conditional Access – Part 3
After testing this solution more and more I had a strange issue where the user was able to set-up a AlwaysOn VPN connection even when the conditional access conditions were not met. So if my conditional access policy was requiring a compliant device I was able to connect with a non compliant device. I could do this by clicking on the X (Close) icon when I was in the Conditional Access flow. Together with Microsoft I’ve investigated this and a solution has been found.