refs #8159 User connection, metric via script, MSCHAPv2 #1
|
@ -5,7 +5,7 @@ param (
|
|||
|
||||
# Advanced configuration
|
||||
|
||||
$vpnHost = "vpn.verdnatura.es",
|
||||
$vpnHost = "vpn.verdnatura.es"
|
||||
$vpnSuffix = "verdnatura.es"
|
||||
$vpnSplit = $true
|
||||
$vpnNetworks = @("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
|
||||
|
@ -44,29 +44,46 @@ if (!$hasCa) {
|
|||
|
||||
Echo "Creating the VPN connection."
|
||||
|
||||
Try {
|
||||
Remove-VpnConnection `
|
||||
-Name $vpnName `
|
||||
-AllUserConnection $allUsers `
|
||||
-Force `
|
||||
-ErrorAction Stop
|
||||
} Catch {
|
||||
If ($_.Exception.StatusCode -eq 1) {
|
||||
Throw "Connection '$vpnName' is open, close it before running the script."
|
||||
} else {
|
||||
Throw
|
||||
try {
|
||||
$args = @{
|
||||
Name = $vpnName
|
||||
Force = $true
|
||||
ErrorAction = "Stop"
|
||||
AllUserConnection = $allUsers
|
||||
}
|
||||
Remove-VpnConnection @args
|
||||
} catch {
|
||||
if ($_.Exception.StatusCode -eq 1) {
|
||||
throw "Connection '$vpnName' is open, close it before running the script."
|
||||
} elseif ($_.Exception.StatusCode -ne 6) {
|
||||
throw
|
||||
}
|
||||
}
|
||||
|
||||
Add-VpnConnection `
|
||||
-Name $vpnName `
|
||||
-AllUserConnection $allUsers `
|
||||
-ServerAddress $vpnHost `
|
||||
-TunnelType Ikev2 `
|
||||
-EncryptionLevel Required `
|
||||
-AuthenticationMethod Eap `
|
||||
-DnsSuffix $vpnSuffix `
|
||||
-RememberCredential
|
||||
$args = @{
|
||||
Name = $vpnName
|
||||
ServerAddress = $vpnHost
|
||||
TunnelType = "Ikev2"
|
||||
EncryptionLevel = "Required"
|
||||
AuthenticationMethod = "Eap"
|
||||
DnsSuffix = $vpnSuffix
|
||||
RememberCredential = $true
|
||||
AllUserConnection = $allUsers
|
||||
}
|
||||
Add-VpnConnection @args
|
||||
|
||||
$rasphoneRelPath = "Microsoft\Network\Connections\Pbk\rasphone.pbk"
|
||||
if ($allUsers) {
|
||||
$rasphonePath = "$env:ProgramData\$rasphoneRelPath"
|
||||
} else {
|
||||
$rasphonePath = "$env:AppData\$rasphoneRelPath"
|
||||
}
|
||||
|
||||
$rasphone = Get-Content $rasphonePath -Raw
|
||||
$regex = "^([\s\S]*\[${vpnName}\][\s\S]*IpInterfaceMetric=)(\d+)([\s\S]*)$"
|
||||
$match = [Regex]::Match($rasphone, $regex)
|
||||
$rasphone = $match.Groups[1].Value + '1' + $match.Groups[3].Value
|
||||
$rasphone | Set-Content $rasphonePath
|
||||
|
||||
New-ItemProperty `
|
||||
-Path "HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" `
|
||||
|
@ -79,20 +96,24 @@ New-ItemProperty `
|
|||
if ($vpnSplit) {
|
||||
Echo "Enabling split tunneling."
|
||||
|
||||
Set-VpnConnection `
|
||||
-Name $vpnName `
|
||||
-AllUserConnection `
|
||||
-SplitTunneling $true
|
||||
$args = @{
|
||||
Name = $vpnName
|
||||
SplitTunneling = $true
|
||||
AllUserConnection = $allUsers
|
||||
}
|
||||
Set-VpnConnection @args
|
||||
|
||||
Echo "Adding routes for VPN networks."
|
||||
|
||||
foreach ($vnNetwork in $vpnNetworks) {
|
||||
Echo " - $vnNetwork"
|
||||
Add-VpnConnectionRoute `
|
||||
-ConnectionName $vpnName `
|
||||
-AllUserConnection `
|
||||
-DestinationPrefix $vnNetwork `
|
||||
-RouteMetric 5
|
||||
$args = @{
|
||||
ConnectionName = $vpnName
|
||||
DestinationPrefix = $vnNetwork
|
||||
RouteMetric = 5
|
||||
AllUserConnection = $allUsers
|
||||
}
|
||||
Add-VpnConnectionRoute @args
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue