John_Creighton
Participant

Intune AutoPilot Azure Hybrid Join

Hi,

We are looking at Autopilot to set up remote users' new laptops and are wondering if CheckPoint has a solution to be able to connect to our network via VPN in order to domain join our laptops via AutoPilot.

I have not found any documentation to point us in the right direction.

Thanks

John

0 Kudos
5 Replies
PhoneBoy
Admin

Yes, see: https://sc1.checkpoint.com/documents/HarmonyEndpoint/Harmony_Endpoint_Security_for_Windows_MDM_Deplo... 
I believe most of this also applies to standalone VPN clients as well.

0 Kudos
John_Creighton
Participant

Hi,

Thanks for the reply, but I am not wanting to deploy an app via Intune. I am wanting to connect to our domain network as part of the AutoPilot setup so that our new laptops can be domain joined when they are set up from out of the box.

0 Kudos
PhoneBoy
Admin

So, as part of an Intune deployment, you want to open a VPN with the Check Point client?
If not, please explain the precise flow you're looking for.

The VPN client does have a CLI, which means it could be called as part of a script.
See: https://sc1.checkpoint.com/documents/RemoteAccessClients_forWindows_AdminGuide/Content/Topics-RA-VPN...

0 Kudos
Cosmo
Explorer

Hi PhoneBoy

- I have the same issue. As part of the Microsoft AutoPilot deployment, we already deploy CheckPoint Mobile to the machine

- The machine is a fresh Windows machine that hasn't joined the domain yet

- Our VPN client (CheckPoint) uses Azure MFA to authenticate

- One of the steps in AutoPilot is to join the machine to the AD Hybrid Domain

- We can successfully call CheckPoint Mobile. However, when it tries to access the MFA page, it keeps trying

- My suggestion is that it doesn't know where to reach the AzureMFA because the machine has not yet joined the domain.

 

Any solution would be appreciated 

0 Kudos
PhoneBoy
Admin

I'm not clear what is generating the MFA page here.
If it is the Remote Access client, then the URLs used for SAML must be externally resolvable and reachable without a VPN.

0 Kudos
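
One way to run the check described in the last reply, as an added example that is not part of the original thread and not Check Point tooling: with the VPN disconnected, resolve each SAML host through a public resolver and try TCP 443. The host names, the resolver address and the function name `Test-SamlHost` are assumptions; substitute the identity-provider and portal URLs configured on your gateway.

```powershell
# Added example. Run on the fresh machine BEFORE the VPN is connected.
$SamlHosts = @(
    'login.microsoftonline.com',  # assumption: Azure AD sign-in endpoint used for MFA
    'vpn.example.com'             # placeholder: the gateway's SAML portal host name
)
$PublicResolver = '1.1.1.1'       # assumption: any public DNS resolver will do

function Test-SamlHost {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [Parameter(Mandatory)] [string] $Resolver,
        [int] $Port = 443,
        [int] $TimeoutMs = 5000
    )
    $r = [ordered]@{ Host = $HostName; Resolves = $false; TcpOpen = $false; Error = $null }
    try {
        # Ask the public resolver directly, so a name that exists only in
        # internal DNS is reported as a failure instead of being masked.
        $answers = Resolve-DnsName -Name $HostName -Type A -Server $Resolver -DnsOnly -ErrorAction Stop
        $ips = @($answers | Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
    } catch {
        $r.Error = "DNS: $($_.Exception.Message)"
        return [pscustomobject]$r
    }
    if ($ips.Count -eq 0) {
        $r.Error = 'DNS: no public A record'
        return [pscustomobject]$r
    }
    $r.Resolves = $true
    $client = [System.Net.Sockets.TcpClient]::new()
    try {
        # Bounded connect attempt so a silently dropped SYN does not hang the script.
        $task = $client.ConnectAsync($ips[0], $Port)
        if ($task.Wait($TimeoutMs) -and $client.Connected) { $r.TcpOpen = $true }
        else { $r.Error = "TCP: no connection to $($ips[0]):$Port within $TimeoutMs ms" }
    } catch {
        $r.Error = "TCP: $($_.Exception.GetBaseException().Message)"
    } finally {
        $client.Dispose()
    }
    [pscustomobject]$r
}

$report = $SamlHosts | ForEach-Object { Test-SamlHost -HostName $_ -Resolver $PublicResolver }
$report | Format-Table Host, Resolves, TcpOpen, Error -AutoSize
# A non-zero exit code lets a deployment script stop before launching the VPN client.
if ($report | Where-Object { -not ($_.Resolves -and $_.TcpOpen) }) { exit 1 }
```

A host that fails here but resolves once the VPN is up is published only internally, which matches the looping MFA page described above.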
