Microsoft Tunnel is a VPN gateway solution for Microsoft Intune that runs in a container on Linux and allows access to on-premises resources from iOS/iPadOS and Android Enterprise devices using modern authentication and Conditional Access.
Prerequisites
- An Azure subscription.
- An Intune subscription e.g. M365 with Intune Plan 1
- A Linux server that runs containers. This server can be on-premises or in the cloud:
- Podman (RHEL)
- Docker (Ubuntu/Debian)
Please note the following Linux distributions and corresponding container engines are supported:
| Linux Distribution | Container Engine |
| CentOS 7.4+(CentOS 8+ isn’t supported) | Docker-CE |
| Red Hat (RHEL) 7.4+ thru RHEL 8.3 | Docker-CE |
| Red Hat (RHEL) 8.4+ | Podman v3.0 minimum supported version |
| Ubuntu 18.04 | Docker-CE |
| Ubuntu 20.04 | Docker-CE |
NOTE: RedHat does not supply support for Docker-CE. Docker community support is available for Docker-CE.
- A Transport Layer Security (TLS) certificate for the Linux server to secure connections from devices to the Tunnel Gateway server.
- Public DNS for the Linux instance that supports the on-premises tunnel
- Devices that run Android or iOS/iPadOS.
- To complete the Microsoft Tunnel configuration, organisations should raise a Service Request with the Intune Live Support Team only when Linux OnPremises Tunnel prerequisites are met.
More details on Microsoft Tunnel pre-requisites and configuration can be found here.
After setup installs the certificate and creates the Tunnel Gateway services, you will be prompted to sign in and authenticate with Intune. NHSmail Live Support team would be required to Sign-In to complete authentication between the Tunnel Gateway and Microsoft Entra. Please raise a Service request in order to complete the set-up
| Last Reviewed Date | 09/08/2024 |
