Forum Discussion
How Do I Target the Azure VPN Client in a Conditional Access Policy?
I am using the Azure VPN Client to connect users to an Azure VPN Gateway using their Entra ID credentials to authenticate. I want to target this application with a CA policy that requires MFA every ...
The Azure VPN Client application is pre-registered by Microsoft and, as a result, does not appear in the Enterprise Applications list. To enforce Conditional Access (CA) policies, you must either reference the appropriate Audience GUID (for example, c632b3df-fb67-4d84-bdcf-b95ad541b5c8) or migrate to the Microsoft-registered Azure VPN Client, which provides its own supported Audience values. This behavior is documented by Microsoft, along with guidance on how to configure or migrate the Audience to ensure proper targeting with Conditional Access.