Add VpnConnection - PowerShell

Overview

The Add-VpnConnection cmdlet creates a new VPN connection on the local computer. It establishes a virtual private network (VPN) tunnel between the local computer and a remote VPN server, allowing secure and private access to network resources over a public network.

Syntax

Add-VpnConnection [-Name] <String> [-ServerAddress] <String> [-TunnelType] <String> [-AuthenticationMethod] <String> [-Credential] <PSCredential> [-SplitTunneling] [-PassThru] [-Force] [-UseWindowsCredential [True] | [False]] [-WindowsCredentialProviderName] <String> [-WindowsCredentialType] <String> [-WindowsCredentialDomain] <String> [-WindowsCredentialSecureVault] <Boolean> [-WindowsCredentialPersist] <Boolean> [-SkipGroupPolicy] [-UseLegacyCredential] [-AllowCustomAuthentication] [-ConnectionId] <Guid> [-Description] <String> [-ProviderName] <String> [-ServiceProviderName] <String> [-Pbkdf2KeyLength] <Int32> [-Pbkdf2IterationCount] <Int32> [-Pbkdf2Algorithm] <String> [-ForceSourceAddress] <Boolean> [-MaximumConnectionTime] <TimeSpan> [-MaximumSendPacketSize] <UInt64> [-MaximumReceivePacketSize] <UInt64> [-ProxyAddress] <String> [-ProxyPort] <Int32> [-ProxyAuthentication] [-SkipNetworkProfileCheck] [-LogonHours] <StringArray> [-SharedSecret] <Byte[]> [-AllowRemoteRouting] [-AllowPreSharedKey] [-AssociateRouteTable] [-RouteTable] <String>

Options/Flags

  • -Name: Specifies the name of the VPN connection.
  • -ServerAddress: Specifies the address of the VPN server.
  • -TunnelType: Specifies the type of VPN tunnel to create. Valid values are: Automatic, IkeV2, IKEv1, PPTP and SSTP. Default: Automatic
  • -AuthenticationMethod: Specifies the authentication method to use. Valid values are: Certificate, EAP and PreSharedKey. Default: Certificate
  • -Credential: Specifies the credentials to use for authentication.
  • -SplitTunneling: Enables or disables split tunneling. Default: False
  • -PassThru: Returns the created VPN connection object.
  • -Force: Overwrites an existing VPN connection with the same name.
  • -UseWindowsCredential: Specifies whether to use Windows credentials for authentication. Default: True
  • -WindowsCredentialProviderName: Specifies the name of the Windows credential provider.
  • -WindowsCredentialType: Specifies the type of Windows credential.
  • -WindowsCredentialDomain: Specifies the domain of the Windows credential.
  • -WindowsCredentialSecureVault: Specifies whether to store the Windows credential securely.
  • -WindowsCredentialPersist: Specifies whether to persist the Windows credential.
  • -SkipGroupPolicy: Bypasses Group Policy settings.
  • -UseLegacyCredential: Uses the legacy credential method.
  • -AllowCustomAuthentication: Allows custom authentication methods.
  • -ConnectionId: Specifies the connection ID of the VPN connection.
  • -Description: Specifies the description of the VPN connection.
  • -ProviderName: Specifies the VPN provider name.
  • -ServiceProviderName: Specifies the VPN service provider name.
  • -Pbkdf2KeyLength: Specifies the Pbkdf2 key length.
  • -Pbkdf2IterationCount: Specifies the Pbkdf2 iteration count.
  • -Pbkdf2Algorithm: Specifies the Pbkdf2 algorithm.
  • -ForceSourceAddress: Forces the source address of the VPN connection.
  • -MaximumConnectionTime: Specifies the maximum connection time of the VPN connection.
  • -MaximumSendPacketSize: Specifies the maximum send packet size of the VPN connection.
  • -MaximumReceivePacketSize: Specifies the maximum receive packet size of the VPN connection.
  • -ProxyAddress: Specifies the proxy address for the VPN connection.
  • -ProxyPort: Specifies the proxy port for the VPN connection.
  • -ProxyAuthentication: Specifies the proxy authentication for the VPN connection.
  • -SkipNetworkProfileCheck: Skips the network profile check.
  • -LogonHours: Specifies the logon hours for the VPN connection.
  • -SharedSecret: Specifies the shared secret for the VPN connection.
  • -AllowRemoteRouting: Allows remote routing for the VPN connection.
  • -AllowPreSharedKey: Allows pre-shared key authentication for the VPN connection.
  • -AssociateRouteTable: Associates a route table with the VPN connection.
  • -RouteTable: Specifies the route table for the VPN connection.

Examples

Create a VPN connection with certificate authentication

Add-VpnConnection -Name MyVPN -ServerAddress vpn.contoso.com -Credential (Get-Credential)

Create a VPN connection with EAP authentication

$cred = New-Object System.Management.Automation.PSCredential("user", (Get-Credential).Password)
Add-VpnConnection -Name MyVPN -ServerAddress vpn.contoso.com -AuthenticationMethod EAP -Credential $cred

Create a VPN connection with split tunneling

Add-VpnConnection -Name MyVPN -ServerAddress vpn.contoso.com -SplitTunneling

Common Issues

Error: “The remote connection was not made because the attempted VPN tunnels failed”

  • Ensure the VPN server is accessible and the VPN configuration is correct.
  • Check the VPN server’s firewall settings to ensure it allows incoming connections.
  • Verify that the user’s credentials are valid for the VPN server.

Error: “The Group Policy settings for this VPN connection do not enable this connection”

  • Enable the VPN connection in Group Policy using the following setting: Computer Configuration\Administrative Templates\Network\Network Connections\VPN Connections\Connections.

Integration

The Add-VpnConnection cmdlet can be used with the following commands:

  • Get-VpnConnection: Retrieves VPN connections.
  • Remove-VpnConnection: Removes VPN connections.
  • Set-VpnConnection: Modifies VPN connections.
  • Connect-VpnConnection: Connects to a VPN connection.
  • Disconnect-VpnConnection: Disconnects from a VPN connection.
  • New-VpnConnection: Creates a new VPN connection object.
  • Set-VpnConnection: Modifies an existing VPN connection object.
  • Remove-VpnConnection: Removes a VPN connection object.