From b6780ae532740def0fc73677af9853133d587731 Mon Sep 17 00:00:00 2001 From: Juan Ferrer Date: Tue, 12 Nov 2024 16:27:57 +0000 Subject: [PATCH] Update windows-vpn.ps1 --- windows-vpn.ps1 | 81 +++++++++++++++++++++++++++++++------------------ 1 file changed, 51 insertions(+), 30 deletions(-) diff --git a/windows-vpn.ps1 b/windows-vpn.ps1 index 6cb8a90..28d14c8 100644 --- a/windows-vpn.ps1 +++ b/windows-vpn.ps1 @@ -5,7 +5,7 @@ param ( # Advanced configuration -$vpnHost = "vpn.verdnatura.es", +$vpnHost = "vpn.verdnatura.es" $vpnSuffix = "verdnatura.es" $vpnSplit = $true $vpnNetworks = @("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16") @@ -44,29 +44,46 @@ if (!$hasCa) { Echo "Creating the VPN connection." -Try { - Remove-VpnConnection ` - -Name $vpnName ` - -AllUserConnection $allUsers ` - -Force ` - -ErrorAction Stop -} Catch { - If ($_.Exception.StatusCode -eq 1) { - Throw "Connection '$vpnName' is open, close it before running the script." - } else { - Throw +try { + $args = @{ + Name = $vpnName + Force = $true + ErrorAction = "Stop" + AllUserConnection = $allUsers + } + Remove-VpnConnection @args +} catch { + if ($_.Exception.StatusCode -eq 1) { + throw "Connection '$vpnName' is open, close it before running the script." + } elseif ($_.Exception.StatusCode -ne 6) { + throw } } -Add-VpnConnection ` - -Name $vpnName ` - -AllUserConnection $allUsers ` - -ServerAddress $vpnHost ` - -TunnelType Ikev2 ` - -EncryptionLevel Required ` - -AuthenticationMethod Eap ` - -DnsSuffix $vpnSuffix ` - -RememberCredential +$args = @{ + Name = $vpnName + ServerAddress = $vpnHost + TunnelType = "Ikev2" + EncryptionLevel = "Required" + AuthenticationMethod = "Eap" + DnsSuffix = $vpnSuffix + RememberCredential = $true + AllUserConnection = $allUsers +} +Add-VpnConnection @args + +$rasphoneRelPath = "Microsoft\Network\Connections\Pbk\rasphone.pbk" +if ($allUsers) { + $rasphonePath = "$env:ProgramData\$rasphoneRelPath" +} else { + $rasphonePath = "$env:AppData\$rasphoneRelPath" +} + +$rasphone = Get-Content $rasphonePath -Raw +$regex = "^([\s\S]*\[${vpnName}\][\s\S]*IpInterfaceMetric=)(\d+)([\s\S]*)$" +$match = [Regex]::Match($rasphone, $regex) +$rasphone = $match.Groups[1].Value + '1' + $match.Groups[3].Value +$rasphone | Set-Content $rasphonePath New-ItemProperty ` -Path "HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" ` @@ -79,20 +96,24 @@ New-ItemProperty ` if ($vpnSplit) { Echo "Enabling split tunneling." - Set-VpnConnection ` - -Name $vpnName ` - -AllUserConnection ` - -SplitTunneling $true + $args = @{ + Name = $vpnName + SplitTunneling = $true + AllUserConnection = $allUsers + } + Set-VpnConnection @args Echo "Adding routes for VPN networks." foreach ($vnNetwork in $vpnNetworks) { Echo " - $vnNetwork" - Add-VpnConnectionRoute ` - -ConnectionName $vpnName ` - -AllUserConnection ` - -DestinationPrefix $vnNetwork ` - -RouteMetric 5 + $args = @{ + ConnectionName = $vpnName + DestinationPrefix = $vnNetwork + RouteMetric = 5 + AllUserConnection = $allUsers + } + Add-VpnConnectionRoute @args } }