Sample AlwaysOn VPN Device Tunnel Scripts Using PowerShell
OK. Here is how I deployed the AlwaysOn VPN in device tunnel (rather than user tunnel) using PowerShell. Continue on for the steps...
Using Group Policy Preferences
-
Copy “Install AlwaysOn VPN (Run as Admin).cmd”
-
Destination: C:\Windows\System32\Install AlwaysOn VPN (Run as Admin).cmd
-
Check Apply once and do not reapply
-
-
Copy “PsExec64.exe”
-
Destination: C:\Windows\System32\PsExec64.exe
-
Check Apply once and do not reapply
-
-
Copy “VPN_Profile_DeviceTunnel.ps1”
-
Destination: C:\Windows\System32\VPN_Profile_DeviceTunnel.ps1
-
Do NOT check Apply once and do not reapply
-
Using Group Policy, create a startup script
-
Create a Startup Script that runs the following command: C:\Windows\System32\Install AlwaysOn VPN (Run as Admin).cmd
Sample files
-
PsExec64.exe > https://docs.microsoft.com/en-us/sysinternals/downloads/psexec
-
Install AlwaysOn VPN (Run as Admin).cmd > https://pastebin.com/XkeZ9g1y
-
VPN_Profile_DeviceTunnel.ps1 > https://pastebin.com/8k469YDw
-
This has versioning built-in. If you update the version it will uninstall the VPN and then re-install it using the updated configuration.
-