Add a Meraki VPN and uninstall OpenVPN GUI with GPO and Powershell
#Windows #Powershell #Networking
A company I'm working with is looking to move from an OpenVPN connection to a Meraki VPN on newly installed MX hardware.
To accomplish this, I wrote a short script that can be deployed in GPO that adds the new VPN connection and uninstalls the existing OpenVPN application.
Here's the script:
# Migrate-VPN.ps1
# Adds a new Meraki VPN config and removes the existing OpenVPN GUI application.
# Tim D'Annecy 2022-08-04
Start-Transcript -Path 'C:\temp\Migrate-VPN.log'
function Add-VPN {
$ConnectionName = 'New VPN'
$ServerAddress = 'XXXyourhostnameXXX'
$PresharedKey = 'XXXyourpskXXX'
$check = Get-VpnConnection -Name $ConnectionName -AllUserConnection -ErrorAction SilentlyContinue
if ($check) {
Write-Host 'VPN connection named' $ConnectionName 'already exists. Exiting.'
}
else {
Write-Host 'Adding VPN connection' $ConnectionName
Add-VpnConnection `
-Name $ConnectionName `
-ServerAddress $ServerAddress `
-TunnelType L2tp `
-EncryptionLevel Optional `
-L2tpPsk $PresharedKey `
-AuthenticationMethod Pap `
-RememberCredential $true `
-AllUserConnection $true `
-Force `
-WarningAction SilentlyContinue
}
}
Add-VPN
function Remove-OpenVPN {
if (Test-Path -Path 'C:\Program Files\OpenVPN') {
Write-Host 'OpenVPN installed. Removing...'
(Get-WmiObject -Class Win32_Product -filter "Name LIKE 'OpenVPN%'").Uninstall() | Out-Null
}
else {
Write-Host 'OpenVPN not installed. Exiting.'
}
}
Remove-OpenVPN
Stop-Transcript
Copy and paste this script into your \\domain.com\SYSVOL\scripts folder and save it as Migrate-VPN.ps1.
Once you've done this, go into Group Policy Management and create a new GPO Object that does 3 things:
* Create a folder at C:\temp
* Copy the file from \\domain.com\SYSVOL\scripts\Migrate-VPN.ps1 to C:\temp\Migrate-VPN.ps1
* Run a Scheduled Task that calls Powershell to run the script every hour on the hour
With these things in place, you should see the changes trickle out to your environment as the machines check in.
