From 7abd1737e8a6f78fcbad0480369066fba71eafa4 Mon Sep 17 00:00:00 2001
From: jdeckerMS
Date: Thu, 15 Sep 2016 12:20:26 -0700
Subject: [PATCH] need to swsitch forks
---
 .../keep-secure/images/vpn-intune-policy.png | Bin 0 -> 8722 bytes
 windows/keep-secure/vpn-authentication.md | 20 +++++++++++++++++-
 windows/keep-secure/vpn-connection-type.md | 16 +++++++-------
 windows/keep-secure/vpn-guide.md | 8 +++++--
 windows/keep-secure/vpn-routing.md | 4 +++-
 5 files changed, 36 insertions(+), 12 deletions(-)
 create mode 100644 windows/keep-secure/images/vpn-intune-policy.png
diff --git a/windows/keep-secure/images/vpn-intune-policy.png b/windows/keep-secure/images/vpn-intune-policy.png new file mode 100644 index 0000000000000000000000000000000000000000..4224979bbd48e3b957b09d12f3b5198640b02e34 GIT binary patch literal 8722 zcmd6NRahKBw=E7MU9552nfLv{DwRlREM+VxvaRSpM}0uu=d2}eO*S_26Q`Q)XYfd1+QS%1%! zzTA-AG~^_aD#zX(ycj6f5-Ji%NHsB752mOuHiomjo*NPpZufsK(0nYZ7pchkJq+~{INznyh_491VwO^ntl*LIUdr=hd0pFKY~g_=d9 z(*#FyX1PCz8;e+}{>NZ8a)0>qykjydL=zkvxBX`X8jLR)kKvK|f;j(I^qslA03H-W z*&CwQZ)e4~U;6OAo;lwIt$E)UgT)79Gh+O~cK4RknH1@G=IpREg9xbW@g)L8^4!1j zAvji)lZcz-JXH25$$_6>km5cK@*M!egYSnR$>u&vw5cQ+A~x9)v(eV24G zKSuI=Q!MT~o=G4XW`-n;oAr3S);RxkwO&;?LhS7MgabFD_OAGg^lk8o|i|Y{5mhr+F_B|ayS+ewE z`wlQyw4G-Z0ODS$_Es%aDNRNxF^bY`f2p;m0*M(0z}g>%j&^x*<+q2SYMsG#Roybb z`r4m^E}=XdDN^eYy4DN6%e^ zTMz_z_O;HbkNv&A1Jv?to#e4h*noET;%9F)e^uIoKR;b44`l3gKGTLQtWfk`o|9gsVzyHP=9g_}#<-`~C$Gh$YHvwU|qG6KyYk{m#`{BVBG zp3W!cHq@v4p=xb}iETf;?)JUJbB~9ph)KQb<1i1;IMmNc_2)|2gZJ*txMS$8z-B&C zRTkS4?}Xv$ZQ~>_yY(JNkF3tW?Mfe>(=0x$S$k_h1TfqtT;OrX1WNrUt)>|8N3`EI zh0*hpMr+~NJRQ&eXnfqn9`*0~eeXC}Z)xITxE+3cyS~W(SHR?|ZHBVg>glObZZ}@v zsPEE$6oUpWDRBQAiy;1R?m33rw)b-E9^40P)6oDJ#ff^%+p6<9+SLet)+G0}bDL04 z`Q}iNCq;oqTpcZ|^I<4f%U}ht?!9hetno4q&`0e9F$#E43gG#xm7(ee>hr&yEn$^Z z;Bu88CUNqPgwXC5PvAU8>3j{VgBPd$C6nRP)|0D^_eoMfV|jW7yHPTcr2NHVU377D zq||^gmN)*lX+q5EfW+W~*z5In@@ChknMegHw6_yt< z#JITvEW`sA^bms!P^Jb#0@rw= zpCS02+8cZwA(7`_5~?bCKGahH>r`xbNVsqht6pU+b< z2eS)r36*cbtpdP>SR#+*+QGqi^WPuADh+Y{D=N>E2Y(*`kv#c9U5)>js6$lFK&-^?&^o+PdfEIJKfjRm!}uCE!wbdA68CApkolroKgRzTr2EpZL&E;|b~od?afIn$ z1dDgRtM^^_+Mg+PAZ+ue5DmM*^&~1ODR2`oC}Hu(-S_AzJo_IT2@sayv;76h)bE(8 zwOokHmYq-%5%@UaGIF*VC8DFq-A`P|QasxJXr%>S>MjH>beL7ri#i)+WdDWQ3(sjU6=;o5U z0={SIrSuw6C=f%2z@U0*$$IySKu*qm=CoY z?CHp^JdzEebe=~Klnn{f?*T0JYt%6VeNB9p=CsfsMg+Gs2 z!0BQ4TBq`}NJTmaDUKsGLq4keL%X1u(d~Mc#6(HJ)7Javn^COysh5Ic&;MRc%}~0| zHRY@Y8FN~1w0>bY<4Jtr@I7nJ{JEbrE`HN7-b&p%j=Hu zXJ!3}gLLywi+f7I&=2<}|$|aGx`SNl!6Fng8U?tv^9MlEh zZAryKxTv^nt{5`n-s13S7qQrKB^FIZ>==;(Lx7 
zzuNB8xHPF3U0c^KdJp>ri8t$LkTV%Pfa%kCF9}~K?fuq?**cXoY0z(Me{?W2>+*p( zikxK>GmqTZ4Ktc@BCWK~{C3j;jH`aG^xcSooi)88t0dEZ&w;ohwpzxxI6T*T*9u3A znWHvOgj8{mV<5JCh$DMjy_CpcY6d0VHWb5OFpl3b0KOWE8T(kM8bM&@Jl|LY`lxhZ z56w_l%KK3s5RNO}%~TwQ+YHY&R3iybd+Vk`AJ0%-jKACt#v|mSd*ZyRz%C>HNM9Ws zY%t$x$W@{td^wxXr?tf<$8xC0WhLW{SH zcvSPsYZbta=nb2bv8XwK^M0T!nV3>6hNw?ow?^N2Ph86O4CigUJ{{!Grt^;~ZJjH; z86=EQC-Fzw%IlvRHS&CUdGDOi_XP(f9FCUK%6pUVOz|aTWJEr#>H9?D0GcS|=;?Fl zJ5dWo9b1TV%4mAiM4!rp4pVdu(uz(X#6H8*C+LydJA>J3n=rg=@QHP9ugFMG4}se@ z&ux4Qtx!)i%LgfzZN>g6@1MbQuV;hLT4ZG7{H9%^o)WdqP@N)W9^6SC21nZkVJnR3 z?xA^pd-;F!BC^8$a{dBki;_+-;NW{FsAvBQ?);SZRwHP|L@&1XlPB^AmR)0?35k{= zHc61Q4-K;dQkiwMZ*)CTk|<9sFnB++_((*`O{SIxwz=)J`i%J+epBv~(A%`ZroWDr z#URhf8%+OBj9;VzMiXQn;9>ZYM%>Fs#OE$tK2qtIO=*=p@*B9ApQS0mN2*W3CM(w% zzFeAhA6g@5j^n}igyScThR3i%2o1vc`tbqRgABZ%xwrjWXLe5Qc5Dcq{FqGWb+TRd z@5b3|)L^}2)Mf-xX|ggAyQX#G-zbfUBhA@D&Wx4k=;@0v%3DVGlLyPaUogQ-ZmRyV zblQKX(we>&7Pn{MxC(@~=QR-Al~ZeQItf~u68{2H<+U5cpp}?v ze@qYLe}8)nYhSGV?uZXYpH|A2e_aE8v;jBN+A(;YOgcv1Rj$7E!znl0{7bs-^sUua zc-r#kjpp&B4vRDHO(+i&wo!lMJTvG`0P@;UmyGhR*PhCZq}WM|I(D%wj~@Nry7rUg znb)eLQGM~9fha4s)5FUsbdD>xYEeOTW1H>7%i@-XTts>{YE6m*2Z{Dn$5ksYM3 zU*k{>fY99PWU?=4^efgalG|fQReaz&_O3Q@^X`ZsOy|uN?ftPVN*SGM_f?Tpw#d-} zchx+I&R?ly( zuLmC<)MHFL*ojaW=j~3$vXFx>2K~9*sZwGLR!I{so+il04>d_jvNNnk?T-w<(4MZb zQTZbl=(OKjXRS{J4|+Db_xgG1FCrYQbU^;-DzSMh2iBciWcw3}S<u-OU__sl>b)L=5i3(f2+8bg%0roGB4_HptaXKJi1T8#C<3^NW32SS( z++3t_(w_6D;af4|%ez%GC3^7ZtJb;I_P+fk`)wIIWO+`AY=>fFsqF>(Du_sh9b8+ih|X$r zh&Fi}RN0-a96VGn;2%7i&`u8%wfsEWJDfsl{x^x@O+<<*)Q>p=JAA>oySLX4u;nC< zwm^Nhryg+0+Y$TnSmCTH$AN%@HuVy?)#F&bdcCNv;^{~84~AkwbDFlTy4Ys#(}qrt zD^$}GNJn#Yn($#W9>0bjrVgikRip9V)C75Uuun$xA@tvef8Ivsmqu^`ewA-!7y!6K zDoPi%oWul}%_Pxj&_Xv3Z?xEtk|HKU-r|&tb0y6mLD|@+@_=#V) zqDJW#87p%KS7HO6!l$#tP3D(Z8DBlAA!=@)U<4tjxnXrALnu84eQ^6sbA$bz-gHCc zN#Kp1tQ}!#u1OZ~a_f(FaI37PjoPTh>P4?>b87zqDB#|}t0X5Xo|3x?II0P0hdfos zDCY3Q@I@#tmX(#o&_O&Punv<;BW zok|&0*4hVgdJOpzL0c3-AHi2N`W{6&x3aOXPBXbB3~QgS(cn?8QL=&Winn8FR$3f3 
zV(Bw)9Jg5jJPf7q2M?iz+H;oAvBAS=VyXA#9=hj(CF#Ld!k^xJJNwt^^ zlPa^d)0Z3dAwoGe_is#VQxUf`-*%-zrr2D}{kU+wD}>m2`KN|5JqZJmb|y$_wdl*x zTpiaAguTzoOl5m(etMKSHpn)FKSDSf($!AbHwfJOs*Ic=-<#LnJ!Mz)&%#p4eY$D3 z+9>j2RP);kWTqcb2R3FTzQgUez$63?Tk^nViO?o9JzCH+3^wOkX1dm5-K(>r zF;oh<%sEEO^9S?qqWd^-De)sSC+v{|RB#1I97JuyuTlQF@TLPsq69h1=s1%`Eglp5 z>h|v{KBX(P1CvSMub2(X3{zkOqb6NnP$q#Lf=!z(H792{N0zlAy9wa2Zu1KpOw}~F z8GmDT*j{0L7v3z@Dpt~w(&3*{Lz?`H`AKNJmN~OPm6jxxiq+vxb!)MN_7UG~y?*-} zo-$#dC#18sTcr?JFnj+=+R&lP&-1J?lBsM8E6)5eoLlk~9O_2MZ(6NAV;laqBc&qi zNj>9c692LHjdGf{0m-EV?7ArvSsasg!STJ6b))r!k)i_SQSSU1hypoGJt(!yO%T4- zNPX6D`We!ZE|HA1a5gXHcb1%3>Q1(U&F^4!MvKuVIHrbLL>Oy{=PkTbd%^IHMp)Q> z+T_oVBXi1gk-RA{`QGRZToGf-_srO#=)G9LP){>V7I97R1(s6W5G`fp)zwCXHc#;n<*X5A#3ky$9* ziWpZ3{p4%1*P`%_9vKFLbigPl`L0>8N>iEUq^oBt#oa40Wv8j7iB)I0fmQ$-j9N6_ z;z2>(^)SVZf?H?Q_T+!h96m(=eIl!I5-3eF&nG;uDy}`~+sw;q(X_2{Xz+JwX8lVS znt2Y{Y%y*Zw&Oig!3#nqE=k(^7nR3DV{J^&_8NUG<;g3hU<#ZqW9^NI2%=WQQWh@6 z6R@9Lx|dFPnJAa_8np|$l>%HYUz26Qk*KbXN9F=|fBr30EO3F;eZqEj5|_kFJ2`ct z4ZhLV{vg1bU*qs43Jo`^G?NA~r#Q`!*n6x@?SWG;yQ zMLB-b4VvW+D8O$G!^wSPvtWZDi5w*Z?0WXYmP1SN-Ig2y`wNF@rR9h$>fhZB$`jx1 z))|t2tfVS6-)gkvPDjtSC&tytvv3CPd=oaQGw_jWr0^u8Mt}+W;+tf286N&}C(R3+ z8HY8HGZPfKLY~|_#_>>ZPV*;<36-7IUKi=M(zWh>&9XNJdQR6Eo#yO9xoE6Pt&12V znGndvEeYZ<>?IPXgw^bZx+*#Mce2@8N{!e3=JCB0b<6c#(I}7!A~dVO3`+LNlR0*G z@~?gX=cbRIBd-UwXNxPY0WBX7jaRyel0rJdvc`b?W+~+*`^c#!x|d5Q&o@5y*VyzA zhJN!I-?_~?rqf#299yG8FllG4-yMs{1NuIvV(XLq>-qZZ_zFgVU=vf7f3?r`RBgx} zey=P%0pk2sU+jo4n-fiBCU%c(w1r2=eNmfa1l{<&e`TsXg(aN1z>ofsv+`wm9}ImG zqzR^@Jp7-I88v8l)LJi9ja|;iM;-s0Zk-W~m%@d5VM6qu=S73vmtC@flCCDq|5j%* z)Mw6nhZ#uAGj^rjZnw$UwMaQ)ZViojpRZ8~W3t*<`@41$7+&M~oZ}&0UA)n$GVX=8 z$YwCICVI1G%*xC#&){#*39nW}A5^>|6`_?SV=c?>B+)aF!P!YCxYABD)%t5Pp?mdP zh$~0RTt9rtlZ?UTHkCRhXn$1#p9k^AY<5lV1G%28dVgJ-1K5~{;cJ~f0<)RPLzhw8 zlh>FHgl5ub@2{310G-ZJl7YdHqVw!qZ0 zXs&PJS=X5hdQJ4L5=P9u`!;9rHof?yev)xF-?P?gWwB(t_?q`QzZ@PxlVCe@xT~9g zM`d0HD000NDOcLHKLYKic!X>~@N=FKd8m|mIh!eQNkQ#gq#0_8niwjAo zR}lVck4hg?L@~#Lryan(>7O= 
zTKfFtx{}=Fbtql0AxZqzw|Rz>I^E%DcO9Pz$`*cOrx# zgwjMdk`jxy0ZFx}xmORF&18~%z+z+@t?D~F9=e4*2^*x2$Xhe1%)b@FJRZ5+euL|2ST%PzXHC5p}KI$qg2J|NuxNm9V*k! z&Ope&;xHo$rJeQw>|jrz6z9?{MwUdIvntu3cDWCx-6BLYj&{h4T%Bd}D0OqEgIc?+ z&?VKaNcCb#9_1sXM`#q}RLI!0v1|4tQZvrfad-gB!otI_wQ{Ff zR=>GMlpE?!RaetkbIQqw;k7z6>e{@ZZPAdhj2JD8aP6!zny z_E96z#!jJ25$SoU%7I0>;PcRnm?^u};$KZ=nO|ulLae547@6nTG(n5ivrAilhN>wh z>a1`7Ys%uQZe1^_f7tJW&sOL}yonQ8SO*GDF)8NshAz|$778W`d_X4op}hS8H;MZX zM~m$1eML(C$)n`op|g+IXRuy;-M5Y%3@CH*0a6e>p7UC=OxRgj#PG?KX~eGO$WQ&M zBsi4a4n_ZC&y>d~{l~HW!=?+1BY0&zg+-Z~;=GSr=er`H0JA67u_cR3(6+O6q}cuAZ?`>82JoB(ee7lkg z2helT#eO#_F>?+bU`E7A|7yzVFmnhJRsQ28J+Uc4R*D1RuUb40cPZ0=`2{;8XeJii zyMr^1?`4r;;>x8}v+Y`~?((6lsdSf9eedU0e|V2K*O&dJO+vXa +MethodDetails + +EAP-Microsoft Challenge Handshake Authentication Protocol version 2 (EAP-MSCHAPv2)
  • User name and password authentication
  • Winlogon credentials - can specify authentication with computer sign-in credentials
+EAP-Transport Layer Security (EAP-TLS)
  • Supports the following types of certificate authentication
    • Certificate with keys in the software Key Storage Provider (KSP)
    • Certificate with keys in Trusted Platform Module (TPM) KSP
    • Smart card certficates
    • Windows Hello for Business certificate
  • Certificate filtering
    • Certificate filtering can be enabled to search for a particular certificate to use to authenticate with
    • Filtering can be Issuer-based or Enhanced Key Usage (EKU)-based
  • Server validation - with TLS, server validation can be toggled on or off
    • Server name - specify the server to validate
    • Server certificate - trusted root certificate to validate the server
    • Notification - specify if the user should get a notification asking whether to trust the server or not
+Protected Extensible Authentication Protocol (PEAP) +Tunneled Transport Layer Security (TTLS) + +
+
+
+## Configure authentication
+
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx) for XML configuration.
+
diff --git a/windows/keep-secure/vpn-connection-type.md b/windows/keep-secure/vpn-connection-type.md
index 33017b38a8..9347844294 100644
--- a/windows/keep-secure/vpn-connection-type.md
+++ b/windows/keep-secure/vpn-connection-type.md
@@ -25,21 +25,21 @@ There are many options for VPN clients. In Windows 10, the built-in plug-in and
 - Tunneling protocols
- - [Internet Key Exchange version 2 (IKEv2)](https://technet.microsoft.com/en-us/library/ff687731.aspx)
+ - [Internet Key Exchange version 2 (IKEv2)](https://technet.microsoft.com/library/ff687731.aspx)
 Currently, this can only be configured in [custom XML in the ProfileXML node](vpn-profile-options.md).
- Configure the IPsec/IKE tunnel cryptographic properties using the **Cryptography Suite** setting in the [VPNv2 Configuration Service Provider (CSP)](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx).
+ Configure the IPsec/IKE tunnel cryptographic properties using the **Cryptography Suite** setting in the [VPNv2 Configuration Service Provider (CSP)](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx).
- - [L2TP](https://technet.microsoft.com/en-us/library/ff687761.aspx)
+ - [L2TP](https://technet.microsoft.com/library/ff687761.aspx)
 Currently, this can only be configured in [custom XML in the ProfileXML node](vpn-profile-options.md).
- L2TP with pre-shared key (PSK) authentication can be configured using the **L2tpPsk** setting in the [VPNv2 CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx).
+ L2TP with pre-shared key (PSK) authentication can be configured using the **L2tpPsk** setting in the [VPNv2 CSP](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx).
- - [PPTP](https://technet.microsoft.com/en-us/library/ff687676.aspx)
+ - [PPTP](https://technet.microsoft.com/library/ff687676.aspx)
- - [SSTP](https://technet.microsoft.com/en-us/library/ff687819.aspx)
+ - [SSTP](https://technet.microsoft.com/library/ff687819.aspx)
 SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option.
@@ -47,7 +47,7 @@ There are many options for VPN clients. In Windows 10, the built-in plug-in and
 The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt from most secure to least secure.
- Configure **Automatic** for the **NativeProtocolType** setting in the [VPNv2 CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx).
+ Configure **Automatic** for the **NativeProtocolType** setting in the [VPNv2 CSP](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx).
@@ -59,7 +59,7 @@ There are a number of Universal Windows Platform VPN applications, such as Pulse
 ## Configure connection type
-See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx) for XML configuration.
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx) for XML configuration.
 The following image shows connection options in a VPN Profile configuration policy using Microsoft Intune.
diff --git a/windows/keep-secure/vpn-guide.md b/windows/keep-secure/vpn-guide.md
index 81bb28f39e..7914168eeb 100644
--- a/windows/keep-secure/vpn-guide.md
+++ b/windows/keep-secure/vpn-guide.md
@@ -16,7 +16,9 @@ localizationpriority: high
 - Windows 10
 - Windows 10 Mobile
-This guide will walk you through the decisions you will make for Windows 10 clients in your enterprise VPN solution and how to configure your deployment. This guide references the [VPNv2 Configuration Service Provider (CSP)](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx).
+This guide will walk you through the decisions you will make for Windows 10 clients in your enterprise VPN solution and how to configure your deployment. This guide references the [VPNv2 Configuration Service Provider (CSP)](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx) and provides mobile device management (MDM) configuration instructions using Microsoft Intune and the VPN Profile template for Windows 10.
+
+![Intune VPN policy template](images/vpn-intune-policy.png)
 >[!NOTE]
 >This guide does not explain server deployment. It lists server dependencies, when relevant.
@@ -36,7 +38,9 @@ This guide will walk you through the decisions you will make for Windows 10 clie
 | [VPN profile options](vpn-profile-options.md) | combine settings into single profile using XML |
-
+## Learn more
+
+- [VPN connections in Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/vpn-connections-in-microsoft-intune)
diff --git a/windows/keep-secure/vpn-routing.md b/windows/keep-secure/vpn-routing.md
index 9995b93d37..46e89c359e 100644
--- a/windows/keep-secure/vpn-routing.md
+++ b/windows/keep-secure/vpn-routing.md
@@ -21,7 +21,7 @@ Network routes are required to forward traffic across the VPN interface. One of
 In a split tunnel configuration, routes can be specified to go over VPN and all other traffic will go over the physical interface.
-Routes can be configured using the VPNv2//*ProfileName*/RouteList setting in the [VPNv2 Configuration Service Provider (CSP)](https://msdn.microsoft.com/en-us/library/windows/hardware/dn914776.aspx).
+Routes can be configured using the VPNv2//*ProfileName*/RouteList setting in the [VPNv2 Configuration Service Provider (CSP)](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx).
 For each route item in the list the following can be specified:
@@ -44,6 +44,8 @@ For a UWP VPN plug-in, this property is directly controlled by the app. If the V
 ## Configure routing
+See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](https://msdn.microsoft.com/library/windows/hardware/dn914776.aspx) for XML configuration.
+
 When you configure a VPN profile in Microsoft Intune, you select a checkbox to enable split tunnel configuration.
 ![split tunnel](images/vpn-split.png)