Microsoft Ignite 2024

The Microsoft Ignite conference will be held November 19-22, 2024, at the McCormick Place Conference Center in Chicago, IL. Ignite is the premier Microsoft event of the year and will be packed with many announcements about new products and technologies. Ignite is also a fantastic learning event with experts worldwide in attendance.

Meet Up

I’m excited to announce that Microsoft has invited me to participate in the event as part of their Expert Meet-Up program. I will spend time at the Windows Server station in the Azure Infrastructure section of the Hub. Below are the days and times I’ll be available.

  • Tuesday, November 19 – 3:30 PM to 7:30 PM CST
  • Wednesday, November 20 – 2:30 PM to 6:00 PM CST
  • Thursday, November 21 – 2:30 PM to 6:00 PM CST

Let’s Connect

Be sure to drop by and say hello! We can chat about Windows Server and Azure Infrastructure. Of course, we can also discuss all the technologies I usually work with, including Entra Private Access, Always On VPN, Intune and Cloud PKI, and certificates in general. I will also attend many social gatherings during the week, so look for me at those as well.

I look forward to seeing you at the event!

Additional Information

Microsoft Ignite 2024

PowerON Platforms are No More

If you’re a follower of this website, you are undoubtedly familiar with PowerON Platforms as I have promoted their products extensively over the years. Dynamic Profile Configurator (DPC) is a clever solution that enables Always On VPN client configuration provisioning and management using Active Directory group policy. They recently introduced a cloud-based centralized reporting solution for organizations with multiple VPN servers. I worked closely with PowerON and influenced many of the features of these great technologies.

Out of Business

Sadly, I learned recently that PowerON Platforms has entered insolvency. Effective October 16, 2024, PowerON Platforms now cease to exist. If you are a current customer of theirs, you likely have received a notification email already.

The Future

Many of my customers have asked what will become of DPC and their cloud-based reporting solution. Here is some additional information.

DPC

Fortunately, DPC will live on through open source. My good friend and primary developer of DPC, Leo D’Arcy, is currently working on refactoring the software to meet open-source specifications. Although I don’t have a timeline for when the software will be available for download, I hope it will be soon.

You can follow the GitHub repository for the open-source DPC here.

If you have a current DPC license, the product should continue to work without issue. You can upgrade to the open-source version of DPC in the future if you choose to. You will likely encounter problems if you use DPC with a trial license. If this happens, contact me directly, and I’ll assist you.

Reporting

The PowerON Platforms Always On VPN reporting solution is dead and will not continue. If you were using this product, I would suggest deleting the resource group you created in Azure for this and the PowerBI application installed for it.

In addition, Always On VPN administrators should remove the reporting agent software from their VPN servers. You can do this on GUI installations using the Add or Remove Programs control panel app.

If you’ve installed the reporting agent on Server Core systems, you can remove it by running the following PowerShell command.

Get-WmiObject -Class Win32_Product | Where-Object {$_.IdentifyingNumber -Match ‘{FFFC6424-82BB-49C5-9112-2C1436717C9C}’ } |  Invoke-WmiMethod -Name Uninstall

Support

With PowerON Platforms out of business, their products are no longer supported. However, if you have issues with DPC or have any questions, please don’t hesitate to contact me. I’ll provide as much support as I can.

Additional Information

Always On VPN Dynamic Profile Configurator (DPC) Open Source on GitHub

Microsoft Deprecates Legacy VPN Protocols

It’s long overdue, but Microsoft has finally announced the formal deprecation of the Point-to-Point Tunnel Protocol (PPTP) and the Layer 2 Tunneling Protocol (L2TP) in Windows Server Routing and Remote Access (RRAS) Servers. Both protocols have long since been replaced with more secure alternatives such as the Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEV2). However, many organizations have RRAS servers configured using these legacy protocols to support ad-hoc, on-demand access for non-managed users and devices.

Deprecated Protocols

There are a few reasons why Microsoft has deprecated these legacy protocols. Consider the following.

PPTP

It’s been widely known for many years that PPTP is broken and terribly insecure. Using this VPN protocol today is tremendously risky.

L2TP

L2TP is still considered secure, for the most part. However, it has been replaced with IKEv2, which is more secure and efficient.

Future Support

Although Microsoft made the announcement recently, the protocols will still be included in Windows Server 2025 when released later this year. However, Microsoft may remove these protocols from future Windows Server releases.

Always On VPN

Those who have deployed Microsoft Always On VPN are likely already using modern, secure VPN protocols, so this deprecation announcement won’t impact them. Although PPTP and L2TP are technically supported with Always On VPN, they are not commonly configured.

Recommendations

Administrators using Windows Server RRAS for VPN access using PPTP are encouraged to migrate to another protocol immediately. Those continuing to use L2TP should consider migrating soon.

Additional Information

Always On VPN Protocol Recommendations for Windows Server RRAS