Adding route to existing AlwaysOn VPN

Occasional Contributor



We deployed a AlwaysOn VPN via a custom Intune Policy. This is working great, now we are facing a problem with a new route which has to go through the VPN tunnel. So we have to add a route to the VPN.

I found the VPNv2 CSP page from MS but cannot figure out how to add a route to the existing AlwaysOn VPN.


Anyone who have experience with adding a route to an existing AlwaysOn VPN?



1 Reply

Found the solution for adding a route.

Add two custom OMA-URI rules to the existing AlwaysOn policy, one for the address and one for the subnet prefix size.


First we add the address:

OMA-URI: ./User/Vendor/MSFT/VPNv2/VPN-ProfileName/RouteList/3/Address

Data type: String



By default there are already two routes in our AO profile, so this is gonna be the third route. the routeRowId will be 3 in my case. 


Now were gonna set the subnet prefix size, this has to be a new rule in the same policy

OMA-URI: ./User/Vendor/MSFT/VPNv2/VPN-ProfileName/RouteList/3/PrefixSize

Data type: Integer

Value: 24


When the policy has been pushed to the clients, the route has been added to the AO profile.