Script para Auxiliar na VPN Point-to-Site e OpenVPN com o Azure

Buenas Pessoal!!

Realizei um script para auxiliar a configuração da VPN point-to-site e OpenVPN com o Azure em máquinas Windows. Este script gera de forma fácil e iterativa, os certificados e chave necessárias para o processo de configuração de ambos tipos de VPN.

VPN_Logo

Pré-requisitos:

OpenSSL (Você pode baixa-lo aqui https://www.openssl.org)
Powershell

#####################################
#Autor: Eduardo Kieling
#Blog: Https://eduardokieling.com
#Microsoft Azure MVP
#####################################
#>>>Create a certificate root and client + Key For PointTOSite VPN on Azure<<<
#####################################
#
#####################################
#GLOBAL VARIABLES
#####################################
$exportpath = "C:\" #File Path
$certname = Read-Host "Certificate Name"
$pass = Read-Host  "Certificate Password" -AsSecureString
#
#
#
#PS:Openssl requirement
#
#
#####################################
#LOCAL VARIABLES
$rootcertcn="CN="+$certname+"_ROOT"
$clientcertcn="CN="+$certname+"_CLIENT"
#CREATE ROOT CERTIFICATE
$certroot = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject $rootcertcn -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign
#CREATE CLIENT CERTIFICATE
$certclient = New-SelfSignedCertificate -Type Custom -DnsName $clientcertcn -KeySpec Signature -Subject $clientcertcn -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Signer $certroot -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
#EXPORT ROOT AND CLIENT CERTIFICATES
$certrootpfx = Export-PfxCertificate -Cert $certclient -FilePath $exportpath\VPN_CLIENT.pfx -ChainOption EndEntityCertOnly -NoProperties -Password $pass
Write-Host "                                                    " -ForegroundColor DarkRed -BackgroundColor White
Write-Host "     Write the same password you entered before     " -ForegroundColor DarkRed -BackgroundColor White
Write-Host "                                                    " -ForegroundColor DarkRed -BackgroundColor White
openssl pkcs12 -in $exportpath\VPN_CLIENT.pfx -nodes -out $exportpath\"VPN_CLIENT_KEY_"$certname".txt"
Remove-Item  $certrootpfx
$certroot64 = Export-Certificate -Cert $certroot -FilePath $exportpath\VPN_ROOT.cer -Type CER
certutil -encode $certroot64 $exportpath\"VPN_ROOT64_"$certname".cer"
Remove-Item  $certroot64
$certclient64 = Export-Certificate -Cert $certclient -FilePath $exportpath\VPN_CLIENT.cer -Type CER
certutil -encode $certclient64 $exportpath\"VPN_CLIENT64_"$certname".cer"
Remove-Item $certclient64

Link para download do script: https://github.com/eduardokieling/AzureVPN/blob/master/VPN_Point_TO_Site_FULL.ps1
Abraço
Eduardo Kieling

Microsoft Azure Updates

New maintenance control features 23 de setembro de 2020

Increase control over maintenance operations and ensure higher availability for your business-critical applications with two new features now in preview. You can now schedule host maintenance operations in addition to the already available manual updates. Additionally, we are adding the ability for you to control when guest OS image updates on Virtual Machine Scale Sets […]

Column-level encryption for Azure Synapse Analytics 23 de setembro de 2020

Azure Synapse Analytics already provides a breadth of options that can be used to handle sensitive data in a secure manner—we are expanding that support with the introduction of Column Level Encryption (CLE).

New MERGE command for Azure Synapse Analytics 23 de setembro de 2020

Users can now synchronize two tables in a single step, streamlining the data processing using a single step statement while improving code readability and debugging.

COPY command now generally available in Azure Synapse Analytics 23 de setembro de 2020

The COPY command can now automatically parse your files to calculate file splits and can evenly distribute data chunks across the Synapse SQL compute nodes for parallel ingestion.

Windows IoT Microsoft Edge Kiosk Mode in public preview 23 de setembro de 2020

Microsoft Edge can now be run in Kiosk mode on Windows IoT

Deixe uma resposta Cancelar resposta