Connect to VPN works in GUI but not through Powershell

Good day

I’m trying to create a script to add a device to a domain remotely but for that I need to establish a VPN connection. This is the script I’m trying to run:

$VPNname = "My-VPN"

$address = "myserver.no-ip.com"

$username = "VPN-Username"

$plainpassword = "VPN-Password"

 

Add-VpnConnection -Name $VPNname -ServerAddress $address -AuthenticationMethod MSChapv2 -EncryptionLevel Required -Force -RememberCredential -TunnelType Pptp

 

Set-VpnConnectionUsernamePassword -connectionname $VPNname -username $username -password $plainpassword -domain ''

 

$vpnName = "My-VPN";

$vpn = Get-VpnConnection -Name $vpnName;

if($vpn.ConnectionStatus -eq "Disconnected"){

rasdial $vpnName;

}

I’m getting the following error:

Connecting to My-VPN...

Verifying username and password…

Remote Access error 691 - The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication p

rotocol is not permitted on the remote access server.

 

For more help on this error:

Type ‘hh netcfg.chm’

In help, click Troubleshooting, then Error Messages, then 691


 

When I click on the network connections and connect to the VPN, it connects within seconds.

Any help would be appreciated.

As for this…

When I click on the network connections and connect to the VPN, it connects within seconds.

That is because that is an app (Say Cisco or connectoid shortcuts) already configured with all it needs to connect that is pre-staged.

So, if you have this (app / connectoid shortcuts) in place already, just start that from PS (say using start-process, etc.), then use PS as normal, vs creating something new.

Also, it’s really a bad thing to embed plain text passwords in script files. Just say’in…

Thanks for the response. The Start-Process worked like a charm!

glad it helped, and hopefully you have also made the decision not to use plain text passwords in your script.

;0}

There are several ways to get creds in script without that plain text approach, such as using the Windows Credential Store or a credential file store. Lot’s of docs all over the web talking to both of those approaches.