How to create a VPN connection before logging in to Windows 10
I just thought I’d post a quick help guide for those struggling with remote sites that have no site-to-site VPN. For what ever reason the site has no VPN you can get new users logged into a domain.
I’ve been looking after a site that has remote users and due to the fact the remote office is shared with other companies, it is not possible to set up a site-to-site VPN. In the past we have setup new computers at head office, got the user to log-in and then ship the PC to site. Once on the remote site, they can log in and connect to the VPN to get access to the network shares. This is becoming more difficult as new users are starting at the remote location and need to log in for the first time from there.
It’s not obvious how to setup a VPN before the windows login process but I have found the answer.
You need to run the following command from an elevated Powershell window (right click – ‘Run as Administrator). You will need to substitute VPN_NAME with a name of your choice and VPN_SERVER_ADDRESS with the IP address or domain address of your VPN server:
Add-VpnConnection -Name VPN_NAME -ServerAddress VPN_SERVER_ADDRESS -AllUserConnection $true -SplitTunneling $true -AuthenticationMethod MSChapv2 -TunnelType Automatic -EncryptionLevel Required -PassThru
Once you’ve run the add VPN script above, log off the PC and at the logon screen you will see a new network icon in the bottom right of the screen. Click on that, and it will prompt for your VPN username and password. I’m using Microsoft Routing and Remote Access, so as long as the user is in the correct security groups, they put in their user name and password, the VPN connects and they get logged in.
Let me know if this helps,