Devolutions ForumDevolutions Forum

Add support for preshared key for VPN

Add support for preshared key for VPN

0 vote

avatar
faebudo

Hi,

I use the Microsoft VPN plugin with embedded phonebook integration. Unfortunately the phonebook file doesn't support saving the preshared key.
ATM I have to open the pbk file on every PC and input the preshared key manually, it is then saved by windows.
Please add support so we can input the preshared key in the credentials section of RDM.

Best Regards,
Fabian

All Comments (14)

avatar
David Hervieux

How could we add the support? Is it supported by the command line?

David Hervieux

avatar
faebudo

Hi David,

Unfortunately there is no support for entering the psk credential on the CLI.
But it is possible to set the credentials directly in .Net with RasDial. For Reference see here: http://msdn.microsoft.com/en-us/library/aa377811(v=vs.85).aspx
A simple library for managing the phonebook connections is https://dotras.codeplex.com/

avatar
David Hervieux

Thank you. I will add this to our todo list.

David Hervieux

avatar
jadevries83

HI

any news about the support of pre shared key?

avatar
David Hervieux

Hi,
It still on our todo list but we haven't done anything for now.

Regards

David Hervieux

avatar
jadevries83

any idea when it could be implemented?

avatar
David Hervieux

Hi,
I'm not sure. We are working on RDM 12 right now and we want to finish the other major features before.

Sorry for the delay

David Hervieux

avatar
bquick

Old thread but important. Meraki MX firewalls do not use a VPN client but use L2TP with PSK so this problem is going to be a bigger issue moving forward if it has not been solved.

Thanks David.

avatar
bquick

This support document seems to indicate that it does but my test disagrees.

https://help.remotedesktopmanager.com/#_ga=2.53528872.1447728215.1499884013-1118398213.1485962029

avatar
David Grandolfo

Hi Brent,

After a discussion with the engineering department, it's still on their to-do list, unfortunately they didn't have time to do it yet.

Best regards,

David Grandolfo

avatar
bquick

To close the loop on this, the PSK seems to be a magical "Windows" value that cannot be contained in the PBK file. If the user(s) creates the identical VPN entry on their PC (aided by PowerShell script) then you can set RDM to use the "default phonebook" which is per user. Then, since the connection is named the same and the PSK was added by PowerShell the normal credential inheritance rules work. Somewhat of a Rube Goldberg means to solve the problem but workable. I believe the documentation is going to be updated to note that multi-user deployments will need these or similar additional steps.

Thanks David for the help.

For those with Meraki Client VPN's here is the PowerShell I use to create the local VPN. The user does not need to run it via Windows or put in credentials (presuming RDM is providing) before using in RDM.

Note code wraps after {"Optional" -} so need to make single line or put "`" backtick to show continuation.










avatar
izak01

Does this exist yet, we connect to over 98 sites using the VPN phone book and one decided to start using L2tp with a pre-shared key. Some other customers have already given a heads up on them using MS VPN L2TP with pre-shared keys.

avatar
Jeff Dagenais

@Izak,

Please consult this other thread on our forum. It should help you with your L2TP connection.
https://forum.devolutions.net/topic28844-how-to-set-a-preshared-key-for-microsoft-windows-vpn.aspx

Best regards,

Jeff Dagenais

avatar
bquick

@Izak - I dropped an updated script and some other information in the other thread so check it again if you do not see my response in it.

Thanks.