Set VpnConnection - PowerShell


The Set-VpnConnection command is used to modify existing VPN connections on the local computer. It allows administrators to change settings such as connection name, server address, credentials, and more. This command is essential for managing and updating VPN configurations.


Set-VpnConnection [-Name] <string> -ServerAddress <string> -TunnelType <string> -AuthenticationMethod <string> [-Credential] <PSCredential> [-DnsSuffix] <string> [-SplitTunneling] <bool> [-UsagePreference] <string> [-TriggerAuthentication <string>] [-LdapGroupAttribute] <string> [-LdapUserAttribute] <string> [-LdapSearchBase] <string> [-LdapServiceAccount] <string> [-LdapServiceAccountCredential] <PSCredential> [-LdapRelativeDistinguishedNames] <bool> [-CustomDnsSuffix] <string> [-RememberCredential] <bool> [-ProxyServerAddress] <string>


| Option/Flag | Description | Default |
| -Name | The name of the VPN connection to be modified. | Required |
| -ServerAddress | The address of the VPN server. | Required |
| -TunnelType | The type of VPN tunnel to use. Valid values: Ikev2, Pptp, Sstp. | Required |
| -AuthenticationMethod | The authentication method to use. Valid values: Certificates, Password, WindowsIntegrated, MachineCredential, Eap. | Required |
| -Credential | The credentials to use for authentication. | Required if AuthenticationMethod is Password |
| -DnsSuffix | The DNS suffix to use for the VPN connection. | |
| -SplitTunneling | Enables split tunneling on the VPN connection. | False |
| -UsagePreference | The usage preference for the VPN connection. Valid values: AlwaysConnect, AutoConnect, ConnectOnDemand. | AutoConnect |
| -TriggerAuthentication | The trigger type for the VPN connection. Valid values: Always, OnDemand, AsNeeded. | AsNeeded |
| -LdapGroupAttribute | The LDAP group attribute to use for group membership checks. | |
| -LdapUserAttribute | The LDAP user attribute to use for user authentication. | |
| -LdapSearchBase | The LDAP search base to use for user and group searches. | |
| -LdapServiceAccount | The LDAP service account to use for authentication. | |
| -LdapServiceAccountCredential | The credentials for the LDAP service account. | |
| -LdapRelativeDistinguishedNames | Specifies whether to use relative distinguished names for LDAP attributes. | False |
| -CustomDnsSuffix | The custom DNS suffix to use for the VPN connection. | |
| -RememberCredential | Specifies whether to remember the credentials for the VPN connection. | False |
| -ProxyServerAddress | Specifies the proxy server address to use for the VPN connection. |


Example 1: Modify the server address of an existing VPN connection

Set-VpnConnection -Name "MyVPNConnection" -ServerAddress ""

Example 2: Change the authentication method to Certificate

Set-VpnConnection -Name "MyVPNConnection" -AuthenticationMethod Certificates

Example 3: Enable split tunneling on a VPN connection

Set-VpnConnection -Name "MyVPNConnection" -SplitTunneling $true

Common Issues

Issue: VPN connection fails to establish after modifying its settings.

Solution: Verify that the new settings are correct and that the VPN server is accessible. Check the event logs for any errors related to the VPN connection.


The Set-VpnConnection command can be integrated with other PowerShell commands to automate VPN management tasks. For example, you can use it in a script to create, modify, and delete multiple VPN connections.

# Get all VPN connections on the local computer
$vpnConnections = Get-VpnConnection

# Modify each VPN connection to use a different DNS suffix
foreach ($vpnConnection in $vpnConnections) {
    Set-VpnConnection -Name $vpnConnection.Name -DnsSuffix ""