refs #8159 User connection, metric via script, MSCHAPv2 #1

Merged
juan merged 1 commits from juan-patch-1 into master 2024-11-12 16:30:39 +00:00
1 changed files with 51 additions and 30 deletions


@ -5,7 +5,7 @@ param (
# Advanced configuration # Advanced configuration
$vpnHost = "vpn.verdnatura.es", $vpnHost = "vpn.verdnatura.es"
$vpnSuffix = "verdnatura.es" $vpnSuffix = "verdnatura.es"
$vpnSplit = $true $vpnSplit = $true
$vpnNetworks = @("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16") $vpnNetworks = @("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
@ -44,29 +44,46 @@ if (!$hasCa) {
Echo "Creating the VPN connection." Echo "Creating the VPN connection."
Try { try {
Remove-VpnConnection ` $args = @{
-Name $vpnName ` Name = $vpnName
-AllUserConnection $allUsers ` Force = $true
-Force ` ErrorAction = "Stop"
-ErrorAction Stop AllUserConnection = $allUsers
} Catch { }
If ($_.Exception.StatusCode -eq 1) { Remove-VpnConnection @args
Throw "Connection '$vpnName' is open, close it before running the script." } catch {
} else { if ($_.Exception.StatusCode -eq 1) {
Throw throw "Connection '$vpnName' is open, close it before running the script."
} elseif ($_.Exception.StatusCode -ne 6) {
throw
} }
} }
Add-VpnConnection ` $args = @{
-Name $vpnName ` Name = $vpnName
-AllUserConnection $allUsers ` ServerAddress = $vpnHost
-ServerAddress $vpnHost ` TunnelType = "Ikev2"
-TunnelType Ikev2 ` EncryptionLevel = "Required"
-EncryptionLevel Required ` AuthenticationMethod = "Eap"
-AuthenticationMethod Eap ` DnsSuffix = $vpnSuffix
-DnsSuffix $vpnSuffix ` RememberCredential = $true
-RememberCredential AllUserConnection = $allUsers
}
Add-VpnConnection @args
$rasphoneRelPath = "Microsoft\Network\Connections\Pbk\rasphone.pbk"
if ($allUsers) {
$rasphonePath = "$env:ProgramData\$rasphoneRelPath"
} else {
$rasphonePath = "$env:AppData\$rasphoneRelPath"
}
$rasphone = Get-Content $rasphonePath -Raw
$regex = "^([\s\S]*\[${vpnName}\][\s\S]*IpInterfaceMetric=)(\d+)([\s\S]*)$"
$match = [Regex]::Match($rasphone, $regex)
$rasphone = $match.Groups[1].Value + '1' + $match.Groups[3].Value
$rasphone | Set-Content $rasphonePath
New-ItemProperty ` New-ItemProperty `
-Path "HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" ` -Path "HKLM:\SYSTEM\CurrentControlSet\Services\RasMan\Parameters" `
@ -79,20 +96,24 @@ New-ItemProperty `
if ($vpnSplit) { if ($vpnSplit) {
Echo "Enabling split tunneling." Echo "Enabling split tunneling."
Set-VpnConnection ` $args = @{
-Name $vpnName ` Name = $vpnName
-AllUserConnection ` SplitTunneling = $true
-SplitTunneling $true AllUserConnection = $allUsers
}
Set-VpnConnection @args
Echo "Adding routes for VPN networks." Echo "Adding routes for VPN networks."
foreach ($vnNetwork in $vpnNetworks) { foreach ($vnNetwork in $vpnNetworks) {
Echo " - $vnNetwork" Echo " - $vnNetwork"
Add-VpnConnectionRoute ` $args = @{
-ConnectionName $vpnName ` ConnectionName = $vpnName
-AllUserConnection ` DestinationPrefix = $vnNetwork
-DestinationPrefix $vnNetwork ` RouteMetric = 5
-RouteMetric 5 AllUserConnection = $allUsers
}
Add-VpnConnectionRoute @args
} }
} }
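Review bot: In the rasphone.pbk rewrite of the second hunk, the result of `[Regex]::Match` is used without checking `$match.Success`, so when the entry or its `IpInterfaceMetric=` line is not found both groups are empty and `Set-Content` replaces the whole phonebook with the single character `1`; for an all-user connection that wipes every entry in the ProgramData phonebook. Guard it before writing, e.g. `if (-not $match.Success) { throw "IpInterfaceMetric for '$vpnName' not found in $rasphonePath" }`. `$vpnName` is also interpolated into the pattern unescaped and both `[\s\S]*` runs are greedy, so a name containing regex metacharacters can fail to match and, when other entries follow in the file, the last `IpInterfaceMetric=` is changed rather than this connection's; build the pattern with `[Regex]::Escape($vpnName)` and use a lazy quantifier after the section header. Separately, `$args` is a PowerShell automatic variable, and a different name such as `$vpnArgs` for the splatting tables in all three hunks avoids shadowing it.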