Hey there,
since Ivanti Secure Access still has not patched the current Security issues I was planning to test a new VPN solution.
Since I saw my chance to get rid of the current VPN Agent I tried to play around with the Windows integrated VPN. So I set myself a requirement NOT to use any vpn client in that case …
I setup a sophos with a 30 day eval licence and got it working with MSchapv2 over a Windows Server 2016 NPS in a short time. It works smooth and I get around 60Mbit Download / Upload.
Since mschapv2 is pretty unsecure, i wanted to change the auth method to peap.
For now, I found alot posts in the internet which says it is not supported by sophos.
OK - so I started searching for a solution with another vendor like palo alto which seems to end in the same fight …
Does any1 figured out a solution for sophos or even palo alto?
Or is my requirement NOT to use any vpn client not really a good one?
Always my favourite if you have a PKI available and are an Intune shop. Helps with the transition away from ADDS to Entra-Joined too (well, until Private Access goes GA…).