1 00:00:02,040 --> 00:00:03,770 Hello, and welcome to Pluralsight. 2 00:00:03,770 --> 00:00:06,610 This is Implementing Microsoft Always On VPN. 3 00:00:06,610 --> 00:00:13,340 And in this module, we're going to cover some advanced configuration. 4 00:00:13,340 --> 00:00:15,300 So, in the previous module, 5 00:00:15,300 --> 00:00:21,240 we covered some installation techniques using Intune and PowerShell, 6 00:00:21,240 --> 00:00:23,220 but bottom line was is when we implemented the 7 00:00:23,220 --> 00:00:26,730 settings using either of those methods, we used kind of the basic settings. 8 00:00:26,730 --> 00:00:31,900 We use the defaults to pretty much just get us connected, 9 00:00:31,900 --> 00:00:32,670 authenticated, 10 00:00:32,670 --> 00:00:37,230 authorized and so that we could route traffic and get to resources and so forth. 11 00:00:37,230 --> 00:00:40,510 And that works by and large most of the time, 12 00:00:40,510 --> 00:00:44,770 but there are some scenarios in which you may need to make some adjustment 13 00:00:44,770 --> 00:00:47,660 to the configuration to accommodate different scenarios. 14 00:00:47,660 --> 00:00:51,160 The most predominant and most common of those is name resolution. 15 00:00:51,160 --> 00:00:54,770 And we're going to talk about how name resolution works in Windows Always On 16 00:00:54,770 --> 00:00:57,870 VPN and and how DNS servers are assigned and so forth, 17 00:00:57,870 --> 00:01:01,350 and we'll talk about when and how that breaks and then, 18 00:01:01,350 --> 00:01:02,440 importantly, 19 00:01:02,440 --> 00:01:04,700 how to resolve those issues and how to get name 20 00:01:04,700 --> 00:01:08,050 resolution working correctly and as expected. 21 00:01:08,050 --> 00:01:11,810 We'll talk a little bit about proxy server configuration. 22 00:01:11,810 --> 00:01:14,490 Again, proxy servers are not super common today, 23 00:01:14,490 --> 00:01:16,780 but they're still in in use in a lot of enterprise 24 00:01:16,780 --> 00:01:19,290 organizations for a variety of reasons, 25 00:01:19,290 --> 00:01:22,910 perhaps traffic inspection or translation and so forth, 26 00:01:22,910 --> 00:01:26,260 and so you may be required as the administrator to support 27 00:01:26,260 --> 00:01:29,610 proxy servers in your environment for your Always On VPN 28 00:01:29,610 --> 00:01:31,190 clients when they're in the field, 29 00:01:31,190 --> 00:01:34,640 and we'll certainly talk through that in detail. 30 00:01:34,640 --> 00:01:38,830 And then finally, I want to talk a little bit about zero trust network access, 31 00:01:38,830 --> 00:01:39,940 or ZTNA. 32 00:01:39,940 --> 00:01:43,990 This is a popular term certainly from a marketing perspective. 33 00:01:43,990 --> 00:01:49,330 It seems like every security and vendor in the world now has support for ZTNA, 34 00:01:49,330 --> 00:01:50,830 or zero trust network access. 35 00:01:50,830 --> 00:01:55,840 Zero trust network access is supported in Windows Always On VPN, 36 00:01:55,840 --> 00:01:59,710 and there are a variety of ways in which to implement it. 37 00:01:59,710 --> 00:02:03,400 There are a couple of techniques that we can use to enforce 38 00:02:03,400 --> 00:02:07,090 limited or zero trust network access, or limited network access, 39 00:02:07,090 --> 00:02:12,180 and we'll talk through those and what and how those are configured and 40 00:02:12,180 --> 00:02:22,000 specifically how they work and how they function to enforce your zero trust network access policies in your organization.