Win 10 auto-vpn

How to make Win 10 auto-vpn, with EAP configuration file, adding and removing script. Please help!

On Windows 10 you can use add-vpnconnection - https://docs.microsoft.com/en-us/powershell/module/vpnclient/add-vpnconnection?view=win10-ps

and remove-vpnconnection - https://docs.microsoft.com/en-us/powershell/module/vpnclient/remove-vpnconnection?view=win10-ps

add-vpnconnection can read xml configuration files.

I tried the above method, but add-vpnconnection does not seem to recognize or find the object, which is a VPN connection that is already added.

If I create new VPN connections, how do I modify the scripts to make them work on all machines and not just my machine?

Please advise?

You can use Get-VPNConnection to check whether a VPN connection under a certain name already exists, or to list them all. If it doesn't, use Add-VPNConnection to create it through the xml file; if it does, you can either remove it and re-add it or use Set-VPNConnection to modify it. You can create a toolkit package for it and send it through SCCM/Intune to all your machines.

I’m not sure what’s unclear.

Here is the omitted script which I am trying to run and getting an obj not found error:

$Script = '$ProfileName = ''' + $ProfileName + ''''
$ProfileNameEscaped = $ProfileName -replace ' ', '%20'

$session = New-CimSession

# Remove any existing instance whose InstanceID matches the escaped profile name.
# ($namespaceName, $className and $options are not shown in this excerpt.)
try
{
    $deleteInstances = $session.EnumerateInstances($namespaceName, $className, $options)
    foreach ($deleteInstance in $deleteInstances)
    {
        $InstanceId = $deleteInstance.InstanceID
        if ("$InstanceId" -eq "$ProfileNameEscaped")
        {
            $session.DeleteInstance($namespaceName, $deleteInstance, $options)
            $Message = "Removed $ProfileName profile $InstanceId"
            Write-Host "$Message"
        } else {
            $Message = "Ignoring existing VPN profile $InstanceId"
            Write-Host "$Message"
        }
    }
}
catch [Exception]
{
    $Message = "Unable to remove existing outdated instance(s) of $ProfileName profile: $_"
    Write-Host "$Message"
    exit
}

##Set-VpnConnection -Name $ProfileName -SplitTunneling $True

# Look up the connection for the current user (no -AllUserConnection).
$Connection = Get-VpnConnection -Name $ProfileName
Write-Host $Connection

# Stop if the lookup returned nothing.
if (!$Connection)
{
    $Message = "Unable to get $ProfileName connection profile: $_"
    Write-Host "$Message"
    exit
}
$EAPSettings = $Connection.EapConfigXmlStream.InnerXml

Get-VpnConnection : VPN connection “NAME OF VPN CONNECTION” was not found. : The system could not find the phone book entry for this connection.
At “Location”.ps1:40 char:15
+ $Connection = Get-VpnConnection -Name $ProfileName
+               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : ObjectNotFound: (“NAME OF VPN CONNECTION”:root/Microsoft/…S_VpnConnection) [Get-VpnConnection], CimException
    + FullyQualifiedErrorId : VPN 623,Get-VpnConnection

But when I check the auto-vpn profile… “NAME OF VPN CONNECTION” is already there…

If you want to add/get global vpn connections so they are available to all users not just the current one then you need the -AllUserConnection parameter.

So

$Connection = Get-VpnConnection -Name $ProfileName -AllUserConnection

What I want to do is create a VPN profile with EAP, user certificate, and all settings in an xml file,
and then import it into the created VPN profile.

What I am getting stuck at is that, if the VPN profile is created with user certificate and EAP settings, I am unable to import my xml file into the existing VPN profile.

So, what I have so far is:

$A = New-EapConfiguration -TLS -UserCertificate
##Add-VpnConnection -Name "VPN" -ServerAddress "serveraddr" -TunnelType Ikev2 -EncryptionLevel Required -AuthenticationMethod Eap -SplitTunneling -RememberCredential -EapConfigXmlStream $A.EapConfigXmlStream -PassThru

##### adds vpn profile with eap and option for user certificate #####

######## Getting stuck on this part to serialize and import xml settings to above created VPN connection ########

$B = [xml](Get-Content -Path "VPN_Profile.xml")   # or: Import-Clixml -Path "VPN_Profile.xml"
$B
# Set-VpnConnection takes Boolean values for -SplitTunneling and -RememberCredential.
Set-VpnConnection -Name "VPN" -ServerAddress "serveraddr" -TunnelType Ikev2 -EncryptionLevel Required -AuthenticationMethod Eap -SplitTunneling $True -RememberCredential $True -EapConfigXmlStream $B.EapConfigXmlStream -PassThru

Well, then your xml file isn't in a form that the command expects.

This could help you create one: https://docs.microsoft.com/en-us/windows/client-management/mdm/eap-configuration
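
The suggestions in this thread (check with Get-VpnConnection, then add or modify; use -AllUserConnection; supply the EAP settings as an XML document in the expected form) combined into one script, as an added example that is not code from any poster here. The default values of $ProfileName, $ServerAddress and $EapXmlPath are placeholders, and it assumes the file contains only the EAP configuration document with an EapHostConfig root element.

```powershell
# Added example: add, update or remove an all-user IKEv2/EAP VPN profile.
# Parameter defaults are placeholders, not values from a real deployment.
param(
    [string]$ProfileName   = 'VPN',
    [string]$ServerAddress = 'serveraddr',
    [string]$EapXmlPath    = '.\VPN_Profile.xml',
    [switch]$Remove
)

# Look in the all-user phone book. SilentlyContinue turns "not found" into
# $null instead of the ObjectNotFound error shown in the thread.
$existing = Get-VpnConnection -Name $ProfileName -AllUserConnection -ErrorAction SilentlyContinue

if ($Remove) {
    if ($existing) {
        Remove-VpnConnection -Name $ProfileName -AllUserConnection -Force
        Write-Host "Removed VPN profile '$ProfileName'"
    } else {
        Write-Host "VPN profile '$ProfileName' not present, nothing to remove"
    }
    return
}

# -EapConfigXmlStream takes an XmlDocument, so pass the parsed document itself.
$eapXml = [xml](Get-Content -Path $EapXmlPath -Raw)

# Refuse to deploy a file that is not an EAP configuration document
# (for example a whole exported profile or a Clixml serialization).
$root = $eapXml.DocumentElement.LocalName
if ($root -ne 'EapHostConfig') {
    throw "Root element of $EapXmlPath is <$root>, expected <EapHostConfig>."
}

if ($existing) {
    # Profile exists: update it in place. Set-VpnConnection takes Booleans here.
    Set-VpnConnection -Name $ProfileName -AllUserConnection `
        -ServerAddress $ServerAddress -TunnelType Ikev2 -EncryptionLevel Required `
        -AuthenticationMethod Eap -EapConfigXmlStream $eapXml `
        -SplitTunneling $true -RememberCredential $true -PassThru
} else {
    # Profile missing: create it. Add-VpnConnection uses switches for the same options.
    Add-VpnConnection -Name $ProfileName -AllUserConnection `
        -ServerAddress $ServerAddress -TunnelType Ikev2 -EncryptionLevel Required `
        -AuthenticationMethod Eap -EapConfigXmlStream $eapXml `
        -SplitTunneling -RememberCredential -PassThru
}
```

Because the script checks for the profile before every action, it can be run repeatedly on any machine, which is what a package pushed through SCCM/Intune needs.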