Code: Select all
PowerShell
1 # Run as administrator
2
3 # Installing the Remote Access role
4 Install-WindowsFeature -Name DirectAccess-VPN
-IncludeManagementTools
5
6 # Installing and configuring the routing role
7 Install-WindowsFeature -Name Routing -IncludeManagementTools
8 Install-RemoteAccess -VpnType Vpn
9
10 # Configuring VPN type and authentication methods
11 Add-VpnS2SInterface -Name "MyVPN" -Protocol IKEv2
-AuthenticationMethod EAP -EncryptionLevel Required
-Destination 0.0.0.0 -IPv4Subnet 192.168.1.0/24:100
-SharedSecret "MYPASSWORD" -Persistent
12
13 # Configuring an IP address pool for VPN clients
14 $ipStartRange = "192.168.1.50"
15 $ipEndRange = "192.168.1.100"
16 $ipSubnet = "255.255.255.0"
17 Set-VpnIPAddressAssigment -IPAddressRange $ipStartRange,
$ipEndRange -Mask $ipSubnet
18
19 # Enable and configure NAT for the Internet Interface
(assuming that 'Ethernet' is the internet interface)
20 $internetInterface = "Ethernet"
21 Install-WindowsFeature -Name Routing
22 Add-NetNat -Name "NatNetwork"
-InternalIPInterfaceAddressPrefix "192.168.1.0/24"
23 New-NetIPAddress -IPAddress 192.168.1.1 -PrefixLength 24
-InterfaceAlias $internetInterface
24 New-NetNatStaticMapping -NatName "NatNetwork" -Protocol TCP
-ExternalIPAddress 0.0.0.0 -InternalIPAddress 192.168.1.1
-InternalPort 1723 -ExternalPort 1723
25
26 # Enabling routing and remote access
27 Set-RemoteAccess -EnableInboundVpn -EnableIPRouting
-EnableNat $internetInterface
28
29 # Configuring the firewall to allow VPN traffic
30 Enable-NetFirewallRule -DisplayGroup "Routing and Remote Access"
31
32 # Restart the Remote Access service to apply the changes
33 Restart-Service RemoteAccess