Configure Meraki Client VPN on Windows

IFM supplies network engineering services for $NZ180+GST per hour. If you require assistance with designing or engineering a Cisco network - hire us!

You've had a look at the instructions on how to setup the Cisco Meraki Client VPN on Windows, but it is just "too many clicks" or you have to do it on lots of computers and you just need a better way?

What now?

Well luckily Powershell provides an easy way to script the creation of a VPN connection.  You can copy and paste this into Powershell, or you can put it into a powershell script or put it into a login script so it gets created automatically on lots of computers. Note this Powershell line will produce a warning - but it still works. Just ignore the warning.

Add-VpnConnection -AllUserConnection -Name "[insert VPN name]" -ServerAddress [insert IP/hostname for VPN] -TunnelType L2tp -DNSSuffix "[insert domain name]" -EncryptionLevel Optional -AuthenticationMethod PAP -L2tpPsk "[insert VPN password]" -Force –PassThru

Powershell actually exposes more options to configure the VPN than the GUI does.  Lets say you want a VPN that does "split tunnelling" (where only a particular subnet gets sent over the VPN instead of everything)?  Well this sequence of powershell commands will do just that.

$ServerAddress = "Meraki External IP here"
$ConnectionName = "Name of your connection here"
$PresharedKey = "Your Preshared Key here"
$Destination = "Your internal subnet here example"

Add-VpnConnection -Name "$ConnectionName" -ServerAddress "$ServerAddress" -TunnelType L2tp -L2tpPsk "$PresharedKey" -AuthenticationMethod Pap -Force

Start-Sleep -m 100

Set-VpnConnection -Name $ConnectionName -SplitTunneling $True

Start-Sleep -m 100

Add-Vpnconnectionroute -Connectionname $ConnectionName -DestinationPrefix $Destination

Do you also want a shortcut on your desktop?

$ConnectionName = "Name of your connection here"
$ShortcutFile = "$env:homepath\Desktop\$ConnectionName.lnk"
$WScriptShell = New-Object -ComObject WScript.Shell
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = "rasphone.exe"
$Shortcut.Arguments = "-d `"$ConnectionName`""
$ShortCut.WorkingDirectory = "$env:SystemRoot\System32\"