VPN articles

Paolo Matarazzo
2023-08-03 14:21:08 +02:00
parent 5b0a1df806
commit 5aa99e607d
14 changed files with 40 additions and 41 deletions

@ -1,7 +1,7 @@
---
title: How to configure cryptographic settings for IKEv2 VPN connections
description: Learn how to update the IKEv2 cryptographic settings of VPN servers and clients by running VPN cmdlets to secure connections.
ms.date: 06/28/2023
ms.date: 08/03/2023
ms.topic: how-to
---
@ -9,8 +9,8 @@ ms.topic: how-to
In IKEv2 VPN connections, the default setting for IKEv2 cryptographic settings are:
- Encryption Algorithm : DES3
- Integrity, Hash Algorithm : SHA1
- Encryption Algorithm: DES3
- Integrity, Hash Algorithm: SHA1
- Diffie Hellman Group (Key Size): DH2
These settings aren't secure for IKE exchanges.
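Review bot: The context sentence above the bullets, "the default setting for IKEv2 cryptographic settings are:", pairs a singular subject with a plural verb and repeats "settings"; since this hunk already touches the list, suggest "In IKEv2 VPN connections, the default cryptographic settings are:". The third bullet also keeps "Diffie Hellman" unhyphenated while the other two labels were normalized.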
@ -31,9 +31,9 @@ On an earlier version of Windows Server, run [Set-VpnServerIPsecConfiguration](/
Set-VpnServerIPsecConfiguration -CustomPolicy
```
## VPN client
## VPN client
For VPN client, you need to configure each VPN connection.
For VPN client, you need to configure each VPN connection.
For example, run [Set-VpnConnectionIPsecConfiguration (version 4.0)](/powershell/module/vpnclient/set-vpnconnectionipsecconfiguration?view=win10-ps&preserve-view=true) and specify the name of the connection:
```powershell
@ -44,8 +44,8 @@ Set-VpnConnectionIPsecConfiguration -ConnectionName <String>
The following commands configure the IKEv2 cryptographic settings to:
- Encryption Algorithm : AES128
- Integrity, Hash Algorithm : SHA256
- Encryption Algorithm: AES128
- Integrity, Hash Algorithm: SHA256
- Diffie Hellman Group (Key Size): DH14
### IKEv2 VPN Server
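Review bot: The list under "The following commands configure the IKEv2 cryptographic settings to:" gives AES128, SHA256 and DH14 without saying whether these are a minimum baseline or only sample values, even though the earlier hunk calls the DES3/SHA1/DH2 defaults not secure. Suggest one sentence telling the reader how to treat these values and which parameters to change if their policy requires a stronger suite.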

@ -1,13 +1,13 @@
---
title: How to use Single Sign-On (SSO) over VPN and Wi-Fi connections
description: Explains requirements to enable Single Sign-On (SSO) to on-premises domain resources over WiFi or VPN connections.
ms.date: 12/28/2022
ms.date: 08/03/2023
ms.topic: how-to
---
# How to use Single Sign-On (SSO) over VPN and Wi-Fi connections
This article explains requirements to enable Single Sign-On (SSO) to on-premises domain resources over WiFi or VPN connections. The following scenarios are typically used:
This article explains requirements to enable Single Sign-On (SSO) to on-premises domain resources over Wi-Fi or VPN connections. The following scenarios are typically used:
- Connecting to a network using Wi-Fi or VPN
- Use credentials for Wi-Fi or VPN authentication to also authenticate requests to access domain resources, without being prompted for domain credentials
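Review bot: The front-matter description still reads "over WiFi or VPN connections" while the title and the updated intro sentence use "Wi-Fi"; change it in this commit so the metadata and body agree. The two scenario bullets are also not parallel ("Connecting to ..." versus "Use credentials ..."), which is worth fixing while the paragraph is being edited.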
@ -17,15 +17,15 @@ For example, you want to connect to a corporate network and access an internal w
The credentials that are used for the connection authentication are placed in *Credential Manager* as the default credentials for the **logon session**. Credential Manager stores credentials that can be used for specific domain resources. These are based on the target name of the resource:
- For VPN, the VPN stack saves its credential as the **session default**
- For WiFi, Extensible Authentication Protocol (EAP) provides support
- For Wi-Fi, Extensible Authentication Protocol (EAP) provides support
The credentials are placed in Credential Manager as a *session credential*:
- A *session credential* implies that it is valid for the current user session
- The credentials are cleaned up when the WiFi or VPN connection is disconnected
- The credentials are cleaned up when the Wi-Fi or VPN connection is disconnected
> [!NOTE]
> In Windows 10, version 21H2 and later, the *session credential* is not visible in Credential Manager.
> In Windows 10, version 21H2 and later, the *session credential* isn't visible in Credential Manager.
For example, if someone using Microsoft Edge tries to access a domain resource, Microsoft Edge has the right Enterprise Authentication capability. This allows [WinInet](/windows/win32/wininet/wininet-reference) to release the credentials that it gets from Credential Manager to the SSP that is requesting it.
For more information about the Enterprise Authentication capability, see [App capability declarations](/windows/uwp/packaging/app-capability-declarations).
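Review bot: The note now says the session credential "isn't visible in Credential Manager" on Windows 10, version 21H2 and later, but the surrounding lines still say the credentials "are placed in Credential Manager" and give no other way to confirm they exist or were cleaned up on disconnect. Suggest adding how an administrator can verify this on those versions, and stating whether the note also applies to Windows 11, which the lines shown don't say.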

@ -1,7 +1,7 @@
---
title: VPN authentication options
description: Learn about the EAP authentication methods that Windows supports in VPNs to provide secure authentication using username/password and certificate-based methods.
ms.date: 06/20/2023
ms.date: 08/03/2023
ms.topic: conceptual
---

@ -1,7 +1,7 @@
---
title: VPN auto-triggered profile options
description: With auto-triggered VPN profile options, Windows can automatically establish a VPN connection based on IT admin-defined rules. Learn about the types of auto-trigger rules that you can create for VPN connections.
ms.date: 05/24/2023
ms.date: 08/03/2023
ms.topic: conceptual
---

@ -1,7 +1,7 @@
---
title: VPN and conditional access
description: Learn how to integrate the VPN client with the Conditional Access platform, and how to create access rules for Azure Active Directory (Azure AD) connected apps.
ms.date: 05/23/2023
ms.date: 08/03/2023
ms.topic: conceptual
---

@ -1,7 +1,7 @@
---
title: VPN connection types (Windows 10 and Windows 11)
title: VPN connection types
description: Learn about Windows VPN platform clients and the VPN connection-type features that can be configured.
ms.date: 05/24/2022
ms.date: 08/03/2023
ms.topic: conceptual
---
@ -16,6 +16,7 @@ There are many options for VPN clients. In Windows, the built-in plug-in and the
## Built-in VPN client
Tunneling protocols:
- [Internet Key Exchange version 2 (IKEv2)](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687731(v=ws.10)): configure the IPsec/IKE tunnel cryptographic properties using the **Cryptography Suite** setting in the [VPNv2 Configuration Service Provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
- [L2TP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687761(v=ws.10)): L2TP with pre-shared key (PSK) authentication can be configured using the **L2tpPsk** setting in the [VPNv2 CSP](/windows/client-management/mdm/vpnv2-csp).
- [PPTP](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ff687676(v=ws.10))
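Review bot: In the tunneling protocols list, the PPTP bullet is a bare link, while the IKEv2 and L2TP bullets each name the VPNv2 CSP setting that configures them. Suggest adding the equivalent guidance for PPTP, or a sentence on when it is appropriate to use. All three links also point at /previous-versions/ Windows Server 2008 content, so it is worth checking whether current targets exist.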

@ -1,7 +1,7 @@
---
title: Windows VPN technical guide
description: Learn how to plan and configure Windows devices for your organization's VPN solution.
ms.date: 05/24/2023
ms.date: 08/03/2023
ms.topic: conceptual
---

@ -1,7 +1,7 @@
---
title: VPN name resolution
description: Learn how name resolution works when using a VPN connection.
ms.date: 05/24/2023
ms.date: 08/03/2023
ms.topic: conceptual
---

@ -2,7 +2,7 @@
title: Optimize Microsoft 365 traffic for remote workers with the Windows VPN client
description: Learn how to optimize Microsoft 365 traffic for remote workers with the Windows VPN client
ms.topic: article
ms.date: 05/24/2023
ms.date: 08/03/2023
---
# Optimize Microsoft 365 traffic for remote workers with the Windows VPN client

@ -1,22 +1,22 @@
---
title: VPN profile options
description: Windows adds Virtual Private Network (VPN) profile options to help manage how users connect. VPNs give users secure remote access to the company network.
ms.date: 05/17/2018
ms.date: 08/03/2023
ms.topic: conceptual
---
# VPN profile options
Most of the VPN settings in Windows 10 and Windows 11 can be configured in VPN profiles using Microsoft Intune or Microsoft Configuration Manager. All VPN settings in Windows 10 and Windows 11 can be configured using the **ProfileXML** node in the [VPNv2 configuration service provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
Most of the VPN settings in Windows can be configured in VPN profiles using Microsoft Intune or Microsoft Configuration Manager. VPN settings can be configured using the **ProfileXML** node in the [VPNv2 configuration service provider (CSP)](/windows/client-management/mdm/vpnv2-csp).
>[!NOTE]
>If you're not familiar with CSPs, read [Introduction to configuration service providers (CSPs)](/windows/configuration/provisioning-packages/how-it-pros-can-use-configuration-service-providers) first.
The following table lists the VPN settings and whether the setting can be configured in Intune and Configuration Manager, or can only be configured using **ProfileXML**.
| Profile setting | Can be configured in Intune and Configuration Manager |
| --- | --- |
| Connection type | Yes |
| Profile setting | Can be configured in Intune and Configuration Manager |
| --- | --- |
| Connection type | Yes |
| Routing: split-tunnel routes | Yes, except exclusion routes |
| Routing: forced-tunnel | Yes |
| Authentication (EAP) | Yes, if connection type is built in |
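Review bot: The rewritten intro drops "All" from "All VPN settings ... can be configured using the **ProfileXML** node", so the paragraph no longer contrasts "Most of the VPN settings" (Intune and Configuration Manager) with ProfileXML covering everything, yet the sentence before the table still relies on that contrast ("or can only be configured using **ProfileXML**"). Suggest keeping "All VPN settings can be configured using the **ProfileXML** node" and removing only the Windows version wording.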
@ -33,15 +33,14 @@ The following table lists the VPN settings and whether the setting can be config
| Traffic filters | Yes |
| Proxy settings | Yes, by PAC/WPAD file or server and port |
> [!NOTE]
> [!NOTE]
> VPN proxy settings are only used on Force Tunnel Connections. On Split Tunnel Connections, the general proxy settings are used.
The ProfileXML node was added to the VPNv2 CSP to allow users to deploy VPN profile as a single blob. This node is useful for deploying profiles with features that aren't yet supported by MDMs. You can get more examples in the [ProfileXML XSD](/windows/client-management/mdm/vpnv2-profile-xsd) article.
## Sample Native VPN profile
The following sample is a sample Native VPN profile. This blob would fall under the ProfileXML node.
The following sample is a sample Native VPN profile. This blob would fall under the ProfileXML node.
```xml
<VPNProfile>

@ -1,5 +1,5 @@
---
ms.date: 05/24/2023
ms.date: 08/03/2023
title: VPN routing decisions
description: Learn about approaches that either send all data through a VPN or only selected data. The one you choose impacts capacity planning and security expectations.
ms.topic: conceptual

@ -1,7 +1,7 @@
---
title: VPN security features
description: Learn about security features for VPN, including LockDown VPN and traffic filters.
ms.date: 05/24/2023
ms.date: 08/03/2023
ms.topic: conceptual
---