From f9e7c4a9048784a5ab49b36998271b4da67044b4 Mon Sep 17 00:00:00 2001 From: Aarni Halinen Date: Thu, 16 Jul 2020 07:58:19 +0000 Subject: [PATCH] Update sikdata-mount.ps --- sikdata-mount.ps | 43 +++++++++++++++++++++++++++++++++++++------ 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/sikdata-mount.ps b/sikdata-mount.ps index e0ba50f..ed60035 100644 --- a/sikdata-mount.ps +++ b/sikdata-mount.ps @@ -1,9 +1,40 @@ +# Certs +# Modify CNs as needed + +$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature ` +-Subject "CN=AarniP2SRootCert" -KeyExportPolicy Exportable ` +-HashAlgorithm sha256 -KeyLength 2048 ` +-CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign + +New-SelfSignedCertificate -Type Custom -DnsName P2SChildCert -KeySpec Signature ` +-Subject "CN=AarniP2SChildCert" -KeyExportPolicy Exportable ` +-HashAlgorithm sha256 -KeyLength 2048 ` +-CertStoreLocation "Cert:\CurrentUser\My" ` +-Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2") + +# Export RootCert (cert manager) +https://docs.microsoft.com/fi-fi/azure/vpn-gateway/vpn-gateway-certificates-point-to-site#install + +# Install RootCert to Azure and _SAVE_ +- sikdata-vpn/User VPN configuration + +# REMEMBER TO PRESS SAVE IN AZURE BEFORE NEXT STEP + +# Download Client setup +- Download VPN client button + +# Run correct exe (x64 vs x86) + +# Windows settings VPN, connect to sikdata-vnet (should be installed by the executable) + +# PROFIT!!! + $connectTestResult = Test-NetConnection -ComputerName 192.168.0.4 -Port 445 if ($connectTestResult.TcpTestSucceeded) { -# Save the password so the drive will persist on reboot -cmd.exe /C "cmdkey /add:`"192.168.0.4`" /user:`"Azure\sikdata`” /pass:`"43M1Sa3+rd1e5SJl2FXp+IfcuBISrsq6CWJ0hbEP3bgRrQKNsJc9BoCCcwZ8CEEu9jzEFlHUbu/bGNpBDPlYlw==`"" -# Mount the drive -New-PSDrive -Name Z -PSProvider FileSystem -Root "\\192.168.0.4\sikdata" -Persist + # Save the password so the drive will persist on reboot + cmd.exe /C "cmdkey /add:`"192.168.0.4`" /user:`"Azure\sikdata`" /pass:`"`"" + # Mount the drive + New-PSDrive -Name Z -PSProvider FileSystem -Root "\\192.168.0.4\sikdata" -Persist } else { -Write-Error -Message "Unable to reach the Azure storage account via port 445. Check to make sure your organization or ISP is not blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a different port." -} \ No newline at end of file + Write-Error -Message "Unable to reach the Azure storage account via port 445. Check to make sure your organization or ISP is not blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a different port." +}