office-vpn.ps1
#
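# To run this, type the command:
# powershell -ExecutionPolicy unRestricted office-vpn.ps1
# (-ExecutionPolicy here applies to that one PowerShell process only.)
# Review the embedded certificate before running: the script installs it as a
# machine-wide trusted root.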
#
#
# PEM text of the VPN server's public certificate. Only the public certificate
# belongs here - never paste a private key into this script.
# Further down this text is imported into Cert:\LocalMachine\Root, so whatever is
# pasted here becomes a trust anchor for the whole machine. Confirm its
# fingerprint with the VPN administrator over a separate channel before use.
$cert = "-----BEGIN CERTIFICATE-----
MIIE2TCCA8GgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpDELMAkGA1UEBhMCQ0Ex
............................................................
INSERT YOUR PUBLIC SelfSigned Cert here
............................................................
-----END CERTIFICATE-----
"
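# Self-elevation guard: continue if already running as Administrator, otherwise
# relaunch this script through a UAC prompt and exit the unelevated copy.

# Get the ID and security principal of the current user account
$myWindowsID = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$myWindowsPrincipal = new-object System.Security.Principal.WindowsPrincipal($myWindowsID)
# Get the security principal for the Administrator role
$adminRole = [System.Security.Principal.WindowsBuiltInRole]::Administrator
# Check to see if we are currently running "as Administrator"
if ($myWindowsPrincipal.IsInRole($adminRole))
{
    # We are running "as Administrator" - so change the title to indicate this
    $Host.UI.RawUI.WindowTitle = $myInvocation.MyCommand.Definition + "(Elevated)"
    # $Host.UI.RawUI.BackgroundColor = "Blue"
    # $Host.UI.RawUI.ForeGroundColor = "White"
    # clear-host
}
else
{
    # We are not running "as Administrator" - so relaunch as administrator.
    # Name Windows PowerShell by its full path so the elevated process does not
    # depend on how a bare "PowerShell" would be resolved at launch time.
    $powershellExe = Join-Path $env:SystemRoot 'System32\WindowsPowerShell\v1.0\powershell.exe'
    $newProcess = new-object System.Diagnostics.ProcessStartInfo $powershellExe
    Write-Host "Attempting to Running as Administator.... "
    # Specify the current script path and name as a parameter
    $newProcess.Arguments = '-ExecutionPolicy Unrestricted -File "' + $myInvocation.MyCommand.Definition + '"'
    # The "runas" verb is only honoured when the process is started via the shell
    $newProcess.UseShellExecute = $true
    # Indicate that the process should be elevated
    $newProcess.Verb = "runas"
    try {
        # Discard the returned Process object so it is not printed to the console
        $null = [System.Diagnostics.Process]::Start($newProcess)
    }
    catch {
        # Start() throws when the launch fails, for example when the UAC prompt
        # is declined. Catching that is more reliable than inspecting $Error,
        # which may also hold unrelated errors from earlier in the session.
        Write-Output 'Please ensure you allow this script to run as Administrtor'
        Write-Output ' '
        Write-Output 'Rerun script and click the Run as Administator button'
        Write-Output ' '
        pause
    }
    # Exit from the current, unelevated, process
    exit
}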
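# Run your code that needs to be elevated here
# Load Windows Forms so a confirmation dialog can be shown before anything is installed.
# Add-Type replaces the obsolete Assembly.LoadWithPartialName call.
Add-Type -AssemblyName System.Windows.Forms
# Argument order for this overload is text, caption, buttons, icon. The icon was
# previously passed in the caption position, so the caption is kept as 'Question'
# and the icon is now supplied where the overload expects it.
$msgBoxInput = [System.Windows.Forms.MessageBox]::Show(
    'Would you like to install the VPN Connection for the Office?',
    'Question',
    [System.Windows.Forms.MessageBoxButtons]::YesNo,
    [System.Windows.Forms.MessageBoxIcon]::Question)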
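# Act on the dialog answer: 'Yes' installs the certificate and creates the VPN
# connection, 'No' leaves the machine untouched.
switch ($msgBoxInput) {
    'Yes' {
        # Import-Certificate reads from a path, so stage the embedded PEM text in a temp file.
        $installCert = [System.IO.Path]::GetTempFileName()
        $i = $null
        try {
            # -ErrorAction Stop turns a failed write or import into a caught error.
            # (GetTempFileName already creates the file, so Test-Path cannot detect a failed write.)
            Add-Content -Path $installCert -Force -Value $cert -ErrorAction Stop
            write-output "------------------------------------------ "
            write-output " Installing Certificate"
            write-output "------------------------------------------ "
            write-output " "
            # SECURITY: LocalMachine\Root is the machine-wide trusted root store.
            # A certificate placed here is trusted by every user and application
            # on this computer, not only by the VPN client.
            $i = Import-Certificate -FilePath $installCert -CertStoreLocation Cert:\LocalMachine\Root -ErrorAction Stop
        }
        catch {
            Write-Error "Failed: could not stage or import the certificate ($installCert): $($_.Exception.Message)"
        }
        finally {
            # Always remove the staged copy, including when the import failed.
            Remove-Item -Path $installCert -Force -ErrorAction SilentlyContinue
        }
        if (-not $i) {
            # Do not create the VPN connection or report success without the certificate.
            pause
            exit 2
        }
        # Show what was trusted so it can be compared with the fingerprint
        # supplied by the VPN administrator.
        write-output " Installed root certificate thumbprint: $($i.Thumbprint)"
        write-output " "
        write-output " Creating VPN Connection"
        write-output "------------------------------------------ "
        #
        # Split tunnel: only route the one subnet for a PFSense Server over the VPN.
        # All other traffic keeps using the local network and is not protected by the tunnel.
        # -RememberCredential caches the user's VPN credentials on this machine after first login.
        # NOTE(review): without -AllUserConnection the connection is presumably created
        # for the account that approved elevation - confirm that is the intended user.
        #
        try {
            Add-VpnConnection -Name "Office" -ServerAddress "vpn.mydomain.com" -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -DnsSuffix office.local -ErrorAction Stop
            $null = Add-VpnConnectionRoute -ConnectionName "Office" -DestinationPrefix 192.168.3.0/24 -PassThru -ErrorAction Stop
        }
        catch {
            # The root certificate imported above stays installed; remove it from
            # Cert:\LocalMachine\Root by hand if the installation is abandoned.
            Write-Error "Failed: could not create the VPN connection: $($_.Exception.Message)"
            pause
            exit 3
        }
        write-output " "
        write-output " "
        write-output " ++++ Success!!!!!"
        write-output "------------------------------------------ "
        write-output " "
        write-output " VPN Connect Name is Office (Located on your Network icon connection)"
        write-output " User Name is xxxxxx"
        write-output "You will be asked to login once, it will remember the username and password next time"
        write-output " "
        Write-Host -NoNewLine "Press any key to continue..."
        $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    }
    'No' {
        Write-Host 'Cancelled Installation'
    }
}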