Script para Auxiliar na VPN Point-to-Site e OpenVPN com o Azure

Buenas Pessoal!!

Realizei um script para auxiliar a configuração da VPN point-to-site e OpenVPN com o Azure em máquinas Windows. Este script gera de forma fácil e iterativa, os certificados e chave necessárias para o processo de configuração de ambos tipos de VPN.

VPN_Logo

Pré-requisitos:

OpenSSL (Você pode baixa-lo aqui https://www.openssl.org)
Powershell

#####################################
#Autor: Eduardo Kieling
#Blog: Https://eduardokieling.com
#Microsoft Azure MVP
#####################################
#>>>Create a certificate root and client + Key For PointTOSite VPN on Azure<<<
#####################################
#
#####################################
#GLOBAL VARIABLES
#####################################
$exportpath = "C:\" #File Path
$certname = Read-Host "Certificate Name"
$pass = Read-Host  "Certificate Password" -AsSecureString
#
#
#
#PS:Openssl requirement
#
#
#####################################

#LOCAL VARIABLES
$rootcertcn="CN="+$certname+"_ROOT"
$clientcertcn="CN="+$certname+"_CLIENT" 

#CREATE ROOT CERTIFICATE
$certroot = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject $rootcertcn -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign


#CREATE CLIENT CERTIFICATE
$certclient = New-SelfSignedCertificate -Type Custom -DnsName $clientcertcn -KeySpec Signature -Subject $clientcertcn -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Signer $certroot -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")

#EXPORT ROOT AND CLIENT CERTIFICATES
$certrootpfx = Export-PfxCertificate -Cert $certclient -FilePath $exportpath\VPN_CLIENT.pfx -ChainOption EndEntityCertOnly -NoProperties -Password $pass
Write-Host "                                                    " -ForegroundColor DarkRed -BackgroundColor White
Write-Host "     Write the same password you entered before     " -ForegroundColor DarkRed -BackgroundColor White
Write-Host "                                                    " -ForegroundColor DarkRed -BackgroundColor White
openssl pkcs12 -in $exportpath\VPN_CLIENT.pfx -nodes -out $exportpath\"VPN_CLIENT_KEY_"$certname".txt"
Remove-Item  $certrootpfx
$certroot64 = Export-Certificate -Cert $certroot -FilePath $exportpath\VPN_ROOT.cer -Type CER
certutil -encode $certroot64 $exportpath\"VPN_ROOT64_"$certname".cer"
Remove-Item  $certroot64
$certclient64 = Export-Certificate -Cert $certclient -FilePath $exportpath\VPN_CLIENT.cer -Type CER
certutil -encode $certclient64 $exportpath\"VPN_CLIENT64_"$certname".cer"
Remove-Item $certclient64

Link para download do script: https://github.com/eduardokieling/AzureVPN/blob/master/VPN_Point_TO_Site_FULL.ps1

Abraço
Eduardo Kieling

Autor: Eduardo Kieling

Mestre em Computação Aplicada e Bacharel no curso de Ciência da Computação, Eduardo Kieling é especialista em infraestrutura de TI com ênfase em Cloud Computing, possuindo grande experiência no mercado e atuando em diversas empresas. Hoje é líder de time de Microsoft Azure e Arquiteto de Soluções em Nuvem Sênior, responsável pelo desenho de soluções, implementação e administração de diversas tecnologias. Tem como prática palestras e artigos técnicos, para a comunidade técnica. Ver todos posts por Eduardo Kieling

Deixe um comentário

Microsoft Azure Updates

Preview a fully parsed YAML document without running the pipeline 25/02/2020

With this update, we've added a preview-but-don't-run mode for YAML pipelines so you can try a YAML pipeline without running it or committing it to a repo. This will let you see a fully parsed YAML document without running the pipeline.

A8 – A11 Azure Virtual Machine sizes will be retired on March 1, 2021 25/02/2020

We recommend moving your high performance computing (HPC) workloads to another HPC Virtual Machine size.

Virtual machines NVv4 series meter name changes 24/02/2020

Effective April 1, 2020, the meter names of Virtual Machines NVv4 series will change because they will become generally available in West Europe and South Central and East US regions.

Public IP prefix static IP addresses meter ID changes 24/02/2020

Effective April 1, 2020, the resource GUIDs (also known as meter IDs) of public IP prefix standard static IP addresses in the US Gov region will change.

Azure API Management update—February 2020 24/02/2020

A regular Azure API Management service update was started on February 20, 2020, and included the following new features, bug fixes, and changes, along with other improvements. It may take over a week for your API Management service to receive the update.

Deixe um comentário Cancelar resposta

Digite seu comentário aqui...

Preencha os seus dados abaixo ou clique em um ícone para log in:

Email (obrigatório) (Nunca tornar endereço público)

Nome (obrigatório)

Site

Você está comentando utilizando sua conta WordPress.com. ( Sair / Alterar )

Você está comentando utilizando sua conta Google. ( Sair / Alterar )

Você está comentando utilizando sua conta Twitter. ( Sair / Alterar )

Você está comentando utilizando sua conta Facebook. ( Sair / Alterar )

Cancelar

Conectando a %s

Compartilhe isto:

Curtir isso:

Autor: Eduardo Kieling

Deixe um comentário Cancelar resposta