設定 Microsoft Intune 中執行 Windows Phone 8.1 之裝置的 VPN 設定Configure VPN settings in Microsoft Intune for devices running Windows Phone 8.1

本文說明可用於設定執行 Windows Phone 8.1 之裝置上 VPN 連線的 Intune 設定。This article shows you the Intune settings you can use to configure VPN connections on devices running Windows Phone 8.1.

下列清單中的值並非全部都能設定,須取決於您選擇的設定。Depending on the settings you choose, not all values in the following list are configurable.

基本 VPN 設定Base VPN settings

  • 將所有設定只套用至 Windows Phone 8.1:此設定可以在 Intune 傳統入口網站中設定。Apply all settings to Windows Phone 8.1 only - This is a setting you can configure in the Intune classic portal. 在 Azure 入口網站中,此設定無法變更。In the Azure portal, this setting cannot be changed. 若此值設定為 [已設定],則所有設定只會套用到 Windows Phone 8.1 裝置。If this is set to Configured, any settings are only applied to Windows Phone 8.1 devices. 若設定為 [未設定],則這些設定也會套用於 Windows 10 行動裝置。If set to Not Configured, these settings also apply to Windows 10 Mobile devices.

  • 連線名稱 - 輸入此連線的名稱。Connection name - Enter a name for this connection. 使用者瀏覽其裝置的可用 VPN 連線清單時,會看到此名稱。Users see this name when they browse their device for the list of available VPN connections.

  • 驗證方法 - 從下列方式中選擇裝置對 VPN 伺服器的驗證方式︰Authentication method - Choose how devices authenticate to the VPN server from:

    • 憑證 - 從 [驗證憑證] 下選擇先前建立用於驗證連線的 SCEP 或 PKCS 憑證設定檔。Certificates - Under Authentication certificate, Choose a SCEP or PKCS certificate profile you previously created to authenticate the connection. 如需憑證設定檔的詳細資訊,請參閱如何設定憑證For more details about certificate profiles, see How to configure certificates.
    • 使用者名稱與密碼 - 使用者必須提供使用者名稱及密碼才能登入 VPN 伺服器。Username and password - End users must supply a username and password to log into the VPN server.
  • 伺服器 - 新增裝置要連線的一或多部 VPN 伺服器。Servers - Add one or more VPN servers that devices connect to.

    • 新增- 開啟 [加入資料列] 刀鋒視窗指定下列資訊︰Add - Opens the Add Row blade where you can specify the following information:
      • 描述 - 為伺服器指定描述性名稱,例如 Contoso VPN 伺服器Description - Specify a descriptive name for the server like Contoso VPN server.
      • IP 位址或 FQDN - 提供裝置所連線之 VPN 伺服器的 IP 位址或完整網域名稱。IP address or FQDN - Provide the IP address or fully qualified domain name of the VPN server that devices connect to. 範例:192.168.1.1vpn.contoso.comExamples: 192.168.1.1, vpn.contoso.com.
      • 預設伺服器 - 啟用此伺服器作為裝置所要連線的預設伺服器。Default server - Enables this server as the default server that devices use to establish the connection. 您只可設定一部預設伺服器。Make sure to set only one server as the default.
    • 匯入 - 瀏覽至內含以逗點分隔之伺服器清單 (格式為:描述、IP 位址或 FQDN、預設伺服器) 的檔案。Import - Browse to a file containing a comma-separated list of servers in the format description, IP address or FQDN, Default server. 選擇 [確定],以匯入這些項目成為伺服器清單。Choose OK to import these into the Servers list.
    • 匯出 - 將伺服器清單匯出成逗點分隔值 (csv) 檔案。Export - Exports the list of servers to a comma-separated-values (csv) file.
  • 使用公司 Wi-Fi 網路時不要使用 VPN - 啟用此選項可指定當裝置連線到公司 Wi-Fi 網路時不要使用 VPN 連線。Bypass VPN on company Wi-Fi network - Enable this option to specify that the VPN connections are not used when the device is connected to the company Wi-Fi network.

  • 使用家用 Wi-Fi 網路時不要使用 VPN - 啟用此選項可指定當裝置連線到家用 Wi-Fi 網路時不要使用 VPN 連線。Bypass VPN on home Wi-Fi network - Enable this option to specify that the VPN connection is not used when the device is connected to a home Wi-Fi network.

  • 連線類型 - 從下列廠商清單中選取 VPN 連線類型︰Connection type - Select the VPN connection type from the following list of vendors:

    • Check Point Capsule VPNCheck Point Capsule VPN
    • SonicWall Mobile ConnectSonicWall Mobile Connect
    • F5 Edge ClientF5 Edge Client
    • Pulse SecurePulse Secure
  • 登入群組或網域 (僅限 SonicWall Mobile Connect) - 指定登入群組或您要連線之網域的名稱。Login group or domain (SonicWall Mobile Connect only) - Specify the name of the login group or domain that you want to connect to.

  • 角色 僅限 Pulse Secure - 指定有權存取此連線之使用者角色的名稱。Role (Pulse Secure only) - Specify the name of the user role that has access to this connection. 使用者角色定義個人設定和選項,以及啟用或停用某些存取功能。A user role defines personal settings and options, and it enables or disables certain access features.

  • 領域 (僅限 Pulse Secure) - 指定您要使用的驗證領域名稱。Realm (Pulse Secure only) - Specify the name of the authentication realm that you want to use. 驗證領域就是 Pulse Secure 連線類型使用的驗證資源群組。An authentication realm is a grouping of authentication resources that the Pulse Secure connection type uses.

  • DNS 尾碼搜尋清單 - 新增一或多個 DNS 尾碼。DNS suffix search list - Add one or more DNS suffices. 使用簡短名稱連線到網站時,會搜尋您指定的每個 DNS 尾碼。Each DNS suffix that you specify is searched when connecting to a website by using a short name. 例如,指定 DNS 尾碼 domain1.contoso.comdomain2.contoso.com,然後瀏覽 URL http://mywebsite,就會搜尋 URL http://mywebsite.domain1.contoso.comhttp://mywebsite.domain2.contoso.comFor example, specify the DNS suffixes domain1.contoso.com and domain2.contoso.com, visit the URL http://mywebsite, and the URLs http://mywebsite.domain1.contoso.com and http://mywebsite.domain2.contoso.com is searched.

  • 自訂 XML - 指定任何可用於設定 VPN 連線的自訂 XML 命令。Custom XML - Specify any custom XML commands that configure the VPN connection.

    Pulse Secure 的範例:Example for Pulse Secure:

    <pulse-schema><isSingleSignOnCredential>true</isSingleSignOnCredential></pulse-schema>

CheckPoint Mobile VPN 的範例:Example for CheckPoint Mobile VPN:

    <CheckPointVPN port="443" name="CheckPointSelfhost" sso="true" debug="3" />

SonicWall Mobile Connect 的範例:Example for SonicWall Mobile Connect:

<MobileConnect><Compression>false</Compression><debugLogging>True</debugLogging><packetCapture>False</packetCapture></MobileConnect>

F5 Edge 用戶端的範例︰Example for F5 Edge Client:

    <f5-vpn-conf><single-sign-on-credential /></f5-vpn-conf>

如需如何撰寫自訂 XML 命令的詳細資訊,請參閱相關製造商的 VPN 文件。Refer to each manufacturer's VPN documentation for more information about how to write custom XML commands.

  • 分割通道 - 啟用停用此選項可讓裝置依據流量決定所要使用的連線。Split tunneling - Enable or Disable this option that lets devices decide which connection to use depending on the traffic. 例如,旅館中的使用者使用 VPN 連線存取工作檔案,但使用旅館的標準網路進行一般的網頁瀏覽。For example, a user in a hotel uses the VPN connection to access work files, but use the hotel's standard network for regular web browsing.

Proxy 設定Proxy settings

  • 自動偵測 Proxy 設定 - 若您的 VPN 伺服器需要 Proxy 伺服器才能連線,請指定您的裝置是否需要自動偵測連線設定。Automatically detect proxy settings - If your VPN server requires a proxy server for the connection, specify whether you want devices to automatically detect the connection settings. 如需詳細資訊,請參閱 Windows Server 文件。For more information, see your Windows Server documentation.
  • 自動設定指令碼 - 使用檔案設定 Proxy 伺服器。Automatic configuration script - Use a file to configure the proxy server. 輸入包含設定檔的 [Proxy 伺服器 URL] (例如 http://proxy.contoso.com)。Enter the Proxy server URL (for example http://proxy.contoso.com) which contains the configuration file.
  • 使用 proxy 伺服器 - 若要手動輸入 Proxy 伺服器設定,可啟用此選項。Use proxy server - Enable this option if you want to manually enter the proxy server settings.
    • 位址 - 輸入 proxy 伺服器位址 (例如 IP 位址)。Address - Enter the proxy server address (as an IP address).
    • 連接埠號碼 - 輸入與 Proxy 伺服器相關聯的連接埠號碼。Port number - Enter the port number associated with the proxy server.
  • 本機位址不要使用 Proxy - 若您的 VPN 伺服器需要 Proxy 伺服器才能連線,但您希望您指定的本機位置不要使用 Proxy 伺服器,可選取此選項。Bypass proxy for local addresses - If your VPN server requires a proxy server for the connection, select this option if you do not want to use the proxy server for local addresses that you specify. 如需詳細資訊,請參閱 Windows Server 文件。For more information, see your Windows Server documentation.