Welcome to our new blog post about How to Allow or Block VPN Over Cellular with Microsoft Intune. When managing mobile devices with Microsoft Intune, it’s important to control how and when VPN connections are used—especially over cellular networks. VPN over cellular can be a vital tool for securing remote access, but it may also increase data consumption and impact performance. In this post, we’ll cover how to allow or block VPN connections over cellular data using Microsoft Intune, and why this setting should be carefully considered in your mobility strategy.
Table of Contents
What is VPN Over Cellular and Why It Matters
A VPN (Virtual Private Network) over cellular allows a device to securely connect to an organization’s network while using mobile data instead of Wi-Fi. This ensures encrypted access to corporate resources even when the user is on the move. However, VPN traffic can be data-intensive and may lead to higher cellular costs, especially for users without unlimited data plans. Additionally, some organizations may want to limit VPN usage to secure Wi-Fi networks for performance or compliance reasons. By managing this setting through Intune, IT administrators can decide when and where VPNs can be used—balancing security, performance, and cost.
How to Allow or Block VPN Over Cellular with Microsoft Intune
In this section we will first need to create a new configuration profile in the Microsoft Intune Portal. Make sure you have your Microsoft Administrator Account ready and follow the steps below.
- Go to intune.microsoft.com
- Click on Devices
- Click on Windows
- Click on Configuration profiles
- Click on Create
- Click on New Policy
- Platform: Windows 10 and later
- Profile type: Settings catalog
- Click on Create
On the Basics tab give it a meaningful name and description. Click on Next.
On the Configuration settings tab do the following:
- Click on Add settings
- Search for Connectivity
- Choose Connectivity
- Click on Allow VPN Over Cellular
- On the left site choose if you want to Allow or Block VPN Over Cellular
- Define your Scope if applicable and click on Next
- On the Assignments tab assign the Policy to a Group or to All Users / All Devices
- And Review + Create the Policy
Congratulations! You have successfully deployed the policy.
Conclusion
In this blog post we Learn about How to Allow or Block VPN Over Cellular with Microsoft Intune. We created a new Configuration Profile in Microsoft Intune and enabled or disable the Cellular Data Roaming. Did you enjoy this article? Dont forget to follow us and share this article. If you have any questions or need further assistance, feel free to reach out or leave a comment below.
