windows-vpn/README.md

33 lines
1.1 KiB
Markdown

# Windows IPsec configurator
Script to automate VPN connection creation on Windows.
Connection can be created globally or for the current user by using the
*allUsers* parameter, CA certificate must always be installed globally
regardless of who the connection is created for.
To be able to execute the script you have to manually run the following
commnand in PowerShell (as administrator).
```
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine
```
To avoid DNS issues because of Windows 10 "smart multi-homed name resolution"
VPN connection metric should be set to the lowest one, it is done automatically
by the script but it can be done manually from:
- VPN connection > Properties > Networking > TCP/IPv4 > Properties > Advanced...
- Disable "Automatic metric" and set "Interface metric" to 1.
More info about the issue at:
- https://superuser.com/questions/966832/windows-10-dns-resolution-via-vpn-connection-not-working
The EAP XML configuration can be generated from an existing connection using
the following commands.
```
$conn = Get-VpnConnection -Name $vpnName
$conn.EapConfigXmlStream.InnerXml
```