For business reasons, the company provides a FortiGate SSL VPN to connect to the office network, but some subnets cannot be accessed because their routes are not added automatically.
Here is a PowerShell script that finds the gateway and interface of the VPN connection and then adds the routes. It would be great if I could find out how to run the script automatically after the VPN connection is made.
Let's say the office VPN subnet is 10.50.10.0/24; add 2 new subnets as follows:
```powershell
# Adding routes requires admin rights; this relaunches the script elevated (a UAC prompt appears).
if (-not ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
    $arguments = "& '" + $MyInvocation.MyCommand.Definition + "'"
    Start-Process powershell -Verb runAs -ArgumentList $arguments
    exit
}

# Find the VPN connection's gateway IP and interface index from the existing route to the VPN subnet
$vpnroute = Get-WmiObject Win32_IP4RouteTable | Where-Object { $_.Destination -eq "10.50.10.0" } | Select-Object -First 1
if (-not $vpnroute) {
    # Without this check, route add would run with an empty gateway and interface
    Write-Warning "No route to 10.50.10.0 found; connect the VPN first."
    exit 1
}
$gateway = $vpnroute.NextHop
$interface = $vpnroute.InterfaceIndex

# Add the missing subnets via the VPN gateway and interface
route add 10.50.23.0 mask 255.255.255.0 $gateway metric 20 if $interface
route add 10.60.0.0 mask 255.255.0.0 $gateway metric 20 if $interface
```
The FortiGate SSL VPN client is based on PPP, unlike Cisco and other clients, which appear as a normal network adapter.
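The same step written with the NetTCPIP cmdlets, as an added example that is not part of the original script. It assumes Windows 8 / Server 2012 or later and an already elevated session; it skips routes that already exist and uses `-PolicyStore ActiveStore` so the routes disappear on reboot like those from `route add` (by default `New-NetRoute` also writes a persistent route).

```powershell
#Requires -RunAsAdministrator
# Added example, not the original author's code.

$vpnPrefix   = '10.50.10.0/24'                  # subnet the VPN client already routes (from the post)
$extraRoutes = '10.50.23.0/24', '10.60.0.0/16'  # subnets to add (from the post)

# Locate the route installed by the VPN client; it gives us the gateway and interface index
$vpnRoute = Get-NetRoute -AddressFamily IPv4 -DestinationPrefix $vpnPrefix -ErrorAction SilentlyContinue |
    Sort-Object RouteMetric |
    Select-Object -First 1

if (-not $vpnRoute) {
    Write-Warning "No route to $vpnPrefix found; is the VPN connected?"
    exit 1
}

foreach ($prefix in $extraRoutes) {
    # Skip prefixes that are already routed over the VPN interface (makes re-runs harmless)
    $existing = Get-NetRoute -AddressFamily IPv4 -DestinationPrefix $prefix `
        -InterfaceIndex $vpnRoute.InterfaceIndex -ErrorAction SilentlyContinue
    if ($existing) {
        Write-Host "Route to $prefix already present on interface $($vpnRoute.InterfaceIndex)"
        continue
    }

    # ActiveStore only: the route must not outlive the VPN session across a reboot
    New-NetRoute -DestinationPrefix $prefix `
        -InterfaceIndex $vpnRoute.InterfaceIndex `
        -NextHop $vpnRoute.NextHop `
        -RouteMetric 20 `
        -PolicyStore ActiveStore | Out-Null
    Write-Host "Added route to $prefix via $($vpnRoute.NextHop)"
}
```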
ref:
http://serverfault.com/questions/145259/powershell-win32-networkadapterconfiguration-not-seeing-ppp-adapter
http://stackoverflow.com/questions/3293629/script-for-add-route