refs #8159 User connection, metric via script, MSCHAPv2 #1
|
@ -5,7 +5,7 @@ param (
|
||||||
|
|
||||||
# Advanced configuration
|
# Advanced configuration
|
||||||
|
|
||||||
$vpnHost = "vpn.verdnatura.es",
|
$vpnHost = "vpn.verdnatura.es"
|
||||||
$vpnSuffix = "verdnatura.es"
|
$vpnSuffix = "verdnatura.es"
|
||||||
$vpnSplit = $true
|
$vpnSplit = $true
|
||||||
$vpnNetworks = @("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
|
$vpnNetworks = @("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
|
||||||
|
@ -44,29 +44,46 @@ if (!$hasCa) {
|
||||||
|
|
||||||
Echo "Creating the VPN connection."
|
Echo "Creating the VPN connection."
|
||||||
|
|
||||||
Try {
|
try {
|
||||||
Remove-VpnConnection `
|
$args = @{
|
||||||
-Name $vpnName `
|
Name = $vpnName
|
||||||
-AllUserConnection $allUsers `
|
Force = $true
|
||||||
-Force `
|
ErrorAction = "Stop"
|
||||||
-ErrorAction Stop
|
AllUserConnection = $allUsers
|
||||||
} Catch {
|
}
|
||||||
If ($_.Exception.StatusCode -eq 1) {
|
Remove-VpnConnection @args
|
||||||
Throw "Connection '$vpnName' is open, close it before running the script."
|
} catch {
|
||||||
} else {
|
if ($_.Exception.StatusCode -eq 1) {
|
||||||
Throw
|
throw "Connection '$vpnName' is open, close it before running the script."
|
||||||
|
} elseif ($_.Exception.StatusCode -ne 6) {
|
||||||
|
throw
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Add-VpnConnection `
|
$args = @{
|
||||||
-Name $vpnName `
|
Name = $vpnName
|
||||||
-AllUserConnection $allUsers `
|
ServerAddress = $vpnHost
|
||||||
-ServerAddress $vpnHost `
|
TunnelType = "Ikev2"
|
||||||
-TunnelType Ikev2 `
|
EncryptionLevel = "Required"
|
||||||
-EncryptionLevel Required `
|
AuthenticationMethod = "Eap"
|
||||||
-AuthenticationMethod Eap `
|
DnsSuffix = $vpnSuffix
|
||||||
-DnsSuffix $vpnSuffix `
|
RememberCredential = $true
|
||||||
-RememberCredential
|
AllUserConnection = $allUsers
|
||||||
|
}
|
||||||
|
Add-VpnConnection @args
|
||||||
|
|
||||||
|
$rasphoneRelPath = "Microsoft\Network\Connections\Pbk\rasphone.pbk"
|
||||||
|
if ($allUsers) {
|
||||||
|
$rasphonePath = "$env:ProgramData\$rasphoneRelPath"
|
||||||
|
} else {
|
||||||
|
$rasphonePath = "$env:AppData\$rasphoneRelPath"
|
||||||
|
}
|
||||||
|
|
||||||
|
$rasphone = Get-Content $rasphonePath -Raw
|
||||||
|
$regex = "^([\s\S]*\[${vpnName}\][\s\S]*IpInterfaceMetric=)(\d+)([\s\S]*)$"
|
||||||
|
$match = [Regex]::Match($rasphone, $regex)
|
||||||
|
$rasphone = $match.Groups[1].Value + '1' + $match.Groups[3].Value
|
||||||
|
$rasphone | Set-Content $rasphonePath
|
||||||
|
|
||||||
New-ItemProperty `
|
New-ItemProperty `
|
||||||
-Path "HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" `
|
-Path "HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" `
|
||||||
|
@ -79,20 +96,24 @@ New-ItemProperty `
|
||||||
if ($vpnSplit) {
|
if ($vpnSplit) {
|
||||||
Echo "Enabling split tunneling."
|
Echo "Enabling split tunneling."
|
||||||
|
|
||||||
Set-VpnConnection `
|
$args = @{
|
||||||
-Name $vpnName `
|
Name = $vpnName
|
||||||
-AllUserConnection `
|
SplitTunneling = $true
|
||||||
-SplitTunneling $true
|
AllUserConnection = $allUsers
|
||||||
|
}
|
||||||
|
Set-VpnConnection @args
|
||||||
|
|
||||||
Echo "Adding routes for VPN networks."
|
Echo "Adding routes for VPN networks."
|
||||||
|
|
||||||
foreach ($vnNetwork in $vpnNetworks) {
|
foreach ($vnNetwork in $vpnNetworks) {
|
||||||
Echo " - $vnNetwork"
|
Echo " - $vnNetwork"
|
||||||
Add-VpnConnectionRoute `
|
$args = @{
|
||||||
-ConnectionName $vpnName `
|
ConnectionName = $vpnName
|
||||||
-AllUserConnection `
|
DestinationPrefix = $vnNetwork
|
||||||
-DestinationPrefix $vnNetwork `
|
RouteMetric = 5
|
||||||
-RouteMetric 5
|
AllUserConnection = $allUsers
|
||||||
|
}
|
||||||
|
Add-VpnConnectionRoute @args
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
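Review bot: In the second hunk, the new rasphone.pbk rewrite never checks `$match.Success`, so when the pattern does not match both groups are empty and `Set-Content` replaces the whole phonebook with the single character `1`, wiping every entry in it (the machine-wide file under `$env:ProgramData` when `$allUsers` is set). `$vpnName` is also interpolated into the pattern unescaped, and the greedy `[\s\S]*` before `IpInterfaceMetric=` runs to the last such key in the file, which may belong to a different entry if the new connection is not the last section. I would escape the name, make that quantifier lazy, and throw before writing when there is no match. Separately, `$args` is a PowerShell automatic variable; a name such as `$vpnArgs` for the splatted hashtables would avoid shadowing it.

```powershell
$rasphone = Get-Content $rasphonePath -Raw
# Treat the connection name as literal text, not as a regex fragment.
$escapedName = [Regex]::Escape($vpnName)
# Lazy quantifier: stop at the first IpInterfaceMetric after the section header.
$regex = "^([\s\S]*\[$escapedName\][\s\S]*?IpInterfaceMetric=)(\d+)([\s\S]*)$"
$match = [Regex]::Match($rasphone, $regex)
if (!$match.Success) {
    # Refuse to write: an unmatched pattern would otherwise truncate the phonebook.
    throw "IpInterfaceMetric for '$vpnName' not found in '$rasphonePath'; phonebook left unchanged."
}
# … unchanged: rebuild $rasphone from the groups and Set-Content …
```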