tom-henderson
/ gist:118de8434b113adb9d03
Created
March 25, 2016 03:45
EdgeRouter Dynamic DNS Config
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set service dns dynamic interface pppoe0 service custom-domain host-name <domain> | |
| set service dns dynamic interface pppoe0 service custom-domain login <username> | |
| set service dns dynamic interface pppoe0 service custom-domain password <password> | |
| set service dns dynamic interface pppoe0 service custom-domain protocol noip |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set vpn pptp remote-access authentication mode local | |
| set vpn pptp remote-access authentication local-users username <username> password <password> | |
| set vpn pptp remote-access client-ip-pool start 10.0.3.10 | |
| set vpn pptp remote-access client-ip-pool stop 10.0.3.20 | |
| set vpn pptp remote-access dns-servers server-1 10.0.0.1 | |
| set service dns forwarding options "listen-address=10.0.0.1" | |
| set firewall name WAN_LOCAL rule 30 description “Allow PPTP” | |
| set firewall name WAN_LOCAL rule 30 action accept |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set interfaces ethernet eth0 address 192.168.1.1/24 | |
| set service nat rule 4000 description "Modem Access" | |
| set service nat rule 4000 log disable | |
| set service nat rule 4000 outbound-interface eth0 | |
| set service nat rule 4000 protocol all | |
| set service nat rule 4000 type masquerade | |
| set service nat rule 4000 destination address 192.168.1.0/24 |
tom-henderson
/ Get-UnlinkedGPOs.ps1
Created
May 31, 2016 23:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-UnlinkedGPOs { | |
| function IsNotLinked($xmldata){ | |
| If ($xmldata.GPO.LinksTo -eq $null) { | |
| Return $true | |
| } | |
| Return $false | |
| } | |
| $unlinkedGPOs = @() |
tom-henderson
/ Get-EmptyGPOs.ps1
Last active
June 1, 2016 15:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-EmptyGPOs { | |
| function HasNoSettings{ | |
| $cExtNodes = $xmldata.DocumentElement.SelectNodes($cQueryString, $XmlNameSpaceMgr) | |
| foreach ($cExtNode in $cExtNodes){ | |
| If ($cExtNode.HasChildNodes){ | |
| Return $false | |
| } | |
| } | |
tom-henderson
/ Get-EmptyOUs.ps1
Created
May 31, 2016 23:09
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-EmptyOUs { | |
| $emptyOus = Get-ADOrganizationalUnit -Filter * -Properties CanonicalName | ForEach-Object { | |
| if (-not (Get-ADObject -SearchBase $_ -SearchScope OneLevel -Filter * )) { | |
| $_ | |
| } | |
| } | |
| return $emptyOus | |
| } |
tom-henderson
/ edgerouter-azure-vpn.txt
Last active
July 30, 2016 04:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| vpn { | |
| ipsec { | |
| auto-firewall-nat-exclude enable | |
| esp-group esp-azure { | |
| compression disable | |
| lifetime 3600 | |
| mode tunnel | |
| pfs disable | |
| proposal 1 { | |
| encryption aes256 |
tom-henderson
/ azure-vpn.ps1
Created
July 31, 2016 04:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create the Azure end of an Azure Site to Site VPN | |
| $subscription = 'Visual Studio Enterprise' | |
| $location = 'Australia East' | |
| $resourceGroup = 'RG-Network' | |
| $networkName = 'VN-Azure' | |
| $networkPrefix = '10.20.0.0/16' |
tom-henderson
/ edgerouter-azure-vpn-commands.txt
Last active
March 16, 2018 13:45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set vpn ipsec ipsec-interfaces interface pppoe0 | |
| set vpn ipsec auto-firewall-nat-exclude enable | |
| set vpn ipsec nat-traversal enable | |
| set vpn ipsec esp-group esp-azure compression disable | |
| set vpn ipsec esp-group esp-azure lifetime 3600 | |
| set vpn ipsec esp-group esp-azure mode tunnel | |
| set vpn ipsec esp-group esp-azure pfs disable | |
| set vpn ipsec esp-group esp-azure proposal 1 encryption aes256 | |
| set vpn ipsec esp-group esp-azure proposal 1 hash sha1 |
tom-henderson
/ azure-update-local-gateway-ip.ps1
Last active
September 14, 2016 00:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $resourceGroup = 'RG-Network' | |
| $localGatewayName = 'GW-Local' | |
| $localGatewayIP = $(Resolve-DNS host.example.com).IPAddress | |
| $localGateway = Get-AzureRmLocalNetworkGateway -Name $localGatewayName -ResourceGroupName $resourceGroup | |
| $localAddressSpace = $localGateway.AddressSpaceText | ConvertFrom-Json | |
| $localGateway.GatewayIpAddress = $localGatewayIP | |
| Set-AzureRmLocalNetworkGateway -LocalNetworkGateway $localGateway -AddressPrefix @($localAddressSpace.AddressPrefixes) |