richardmhicks · 2 days
Always On VPN Device Tunnel Issues with April 2024 Security Update
Always On VPN administrators may find that their device tunnel connections no longer connect automatically after applying the April 2024 security updates. The device tunnel connection is optional and only required under specific conditions, so end users may not be immediately impacted. However, administrators should be aware of this issue. Error Messages When manually establishing an Always On…
richardmhicks · 16 days
Always On VPN April 2024 Security Updates
Microsoft has released its security updates for April 2024. This month, a few vulnerabilities are potentially impacting Always On VPN administrators. Specifically, three updates address issues with the Windows Server Routing and Remote Access Service (RRAS). In addition, vulnerabilities affect the Remote Access Connection Manager (RasMan) service, affecting both VPN servers and…
richardmhicks · 1 month
Microsoft Intune Cloud PKI and Certificate Templates
Microsoft recently announced the general availability of its new PKI-as-a-Service platform called Microsoft Intune Cloud PKI. With Intune Cloud PKI, administrators create certification authorities (CAs) to issue and manage user and device authentication certificates for Intune-managed endpoints. Cloud PKI also provides hosted Authority Information Access (AIA) and Certificate Revocation List…
richardmhicks · 1 month
Microsoft Intune Learning Resources for Always On VPN Administrators
Note: This post has been updated and republished to reflect the return to the Microsoft Intune product name and to include updated learning resources for Always On VPN administrators. Microsoft Intune is the recommended solution for deploying and managing Windows Always On VPN client configuration settings. Always On VPN is designed for Mobile Device Management (MDM), with configuration settings…
richardmhicks · 1 month
Microsoft Intune Cloud PKI
Recently, Microsoft introduced the general availability of its new PKI-as-a-service solution called Microsoft Intune Cloud PKI. Cloud PKI allows administrators to issue and manage user and device authentication certificates for Intune-managed endpoints without deploying Active Directory Certificate Services (AD CS) on-premises. Cloud PKI frees administrators from the burdens of deploying and…
richardmhicks · 1 month
Absolute Secure Access and IPv6
Absolute Secure Access (formerly NetMotion Mobility) is a premium enterprise secure remote access solution with deep user and application insight supporting Windows, Mac, iOS (iPhone and iPad), and Android devices. Although Absolute Secure Access supports IPv6 for remote network connections and client IP address assignment, the latter is not enabled by default. Administrators must make additional…
richardmhicks · 1 month
Always On VPN Ask Me Anything (AMA) March 2024
Do you have questions about Always On VPN? Are you having a specific issue you can’t figure out? Would you like more information about configuration options? Here’s your chance to get your questions answered! Join me on Tuesday, March 26, at 10:00 AM PDT (UTC -7) for an opportunity to ask me anything (AMA!) about Microsoft Windows Always On VPN and related technologies. The AMA will be an open…
richardmhicks · 2 months
Microsoft Intune Cloud PKI and Active Directory
Recently, Microsoft introduced a new PKI-as-a-Service offering called Cloud PKI. This cloud-based PKI can issue and manage certificates to Intune-managed endpoints. Administrators can now deploy user and device authentication certificates using Intune Cloud PKI without deploying Active Directory Certificate Services (AD CS) on-premises. Numerous blog posts and YouTube videos show how to configure…
richardmhicks · 2 months
Mastering Certificates with Intune Training Course
I’m excited to announce I’ll present a three-day LIVE online training event covering all things Microsoft Intune and certificates. This training event takes place on the ViaMonstra online academy May 14-16, 2024. Course Material This training course comprehensively examines all aspects of delivering certificates using Microsoft Intune, including common deployment scenarios, PKCS and SCEP…
richardmhicks · 2 months
Always On VPN Static IP Address Assignment
A question that occasionally arises when I’m conducting an Always On VPN planning and design workshop for a customer is static IP address assignment options for VPN connections. Typically, the use case is a specific user that requires special access to a sensitive system internally. Assigning a static IP address to the user allows administrators to create firewall rules restricting access to this…
richardmhicks · 2 months
Always On VPN Client IP Address Assignment Methods
When Always On VPN clients connect to the VPN server, they must be assigned an IP address to facilitate network communication. When using Windows Server and Routing and Remote Access Service (RRAS) for VPN services, administrators must choose between Dynamic Host Configuration Protocol (DHCP) and static address pool assignment methods. DHCP DHCP is a quick and easy way to handle VPN client IP…
richardmhicks · 3 months
Always On VPN and NPS AD Registration
Windows Server Network Policy and Access Services (NPAS, more commonly called NPS) is a popular solution used in Always On VPN deployments to support Active Directory authentication for user-based VPN connections. NPS is integrated with Active Directory to perform certificate-based authentication. With additional configuration, NPS can apply specific settings to an individual connection by…
richardmhicks · 3 months
Considerations for Always On VPN with Azure VPN Gateway and Virtual WAN
Organizations migrating on-premises applications, data, and infrastructure to the cloud may also consider terminating Always On VPN connections there. Using one of the native Azure VPN services might be compelling at first glance. After all, having an Azure-managed VPN gateway service sounds intuitive. However, some severe limitations exist for using Azure VPN services for Always On VPN…
richardmhicks · 3 months
Always On VPN and IPv6
Internet Protocol version 6 (IPv6) has been with us for nearly 30 years. IPv6 adoption on the public Internet has steadily increased over the last decade, and today is approaching 50%. However, enterprise adoption of IPv6 has been surprisingly sluggish despite its numerous benefits. IPv6 includes an expanded address space that removes complex subnetting requirements and globally unique addressing…
richardmhicks · 3 months
When Always On VPN Isn’t
Microsoft Always On VPN is a beautiful thing. VPN profiles are assigned to the user (and, optionally, their device). When users power up their device and log on, they are automatically connected to the corporate network and can access all the applications and data they need on-premises. Until recently, though, end users could disconnect the VPN. Why they would do this is beyond comprehension, but…
richardmhicks · 4 months
Always On VPN RRAS Centralized Monitoring and Reporting
A while back, I wrote about the monitoring and reporting options for Windows Server Routing and Remote Access (RRAS) servers supporting Microsoft Always On VPN. In that article, I outlined how administrators can use the Routing and Remote Access Management console (rrasmgmt.msc) or the Remote Access Management console (ramgmtui.exe) to perform configuration tasks and review current user and…
richardmhicks · 5 months
Microsoft Intune Certificate Connector Failure
The Microsoft Intune Certificate Connector enables the provisioning and de-provisioning of on-premises PKI certificates for Intune-managed devices. Always On VPN administrators using Intune to deploy certificates with the Intune Certificate Connector using either PKCS or SCEP may encounter a scenario where certificates are no longer being provisioned to users or devices after working reliably…