Hello Everyone. 

We have a configured Azure P2S VPN with radius authentication which we have been using for a long time. It works very well and we  are happy with it. 

Recently we have decided to built laptops using Intune Autopilot. The idea is to ship devices straight to users and let him run through a user driven autopilot. The Enrollment profile is for Azure AD join. We would also like to enable users to connect to on-premise network drives and printer. My plan is to deploy a device tunnel using Azure VPN during autopilot. Established the tunnel before login and this will allow network drives/printers to map. I want to use intune configuration profile to deploy the always on VPN but can’t seem to find any good instructions anywhere.