Giter VIP home page Giter VIP logo

aov's People

Contributors

mr-tbone avatar thewillwilson avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

franciscocalvodaylesford

aov's Issues

General Error When Using High Security IPSec Settings

Hello,

Thanks for all the work here, this has been useful in our lab environment for testing different settings.

We receieve a general error when attempting to use the following cryptography settings, but are able to set them afterwards with powershell's Set-VPNConnectionIPSecConfiguration. This is on Windows 11 23H2, running January's 2023 CU.

<CryptographySuite>
         <AuthenticationTransformConstants>GCMAES256</AuthenticationTransformConstants>
         <CipherTransformConstants>GCMAES256</CipherTransformConstants>
         <EncryptionMethod>GCMAES256</EncryptionMethod>
         <IntegrityCheckMethod>SHA384</IntegrityCheckMethod>
         <DHGroup>ECP384</DHGroup>
         <PfsGroup>ECP384</PfsGroup>
 </CryptographySuite>

Running the script with lesser settings is successful. These settings work for example.

      <CryptographySuite>
         <AuthenticationTransformConstants>SHA256128</AuthenticationTransformConstants>
         <CipherTransformConstants>AES128</CipherTransformConstants>
         <EncryptionMethod>AES128</EncryptionMethod>
         <IntegrityCheckMethod>SHA256</IntegrityCheckMethod>
         <DHGroup>Group14</DHGroup>
         <PfsGroup>PFS2048</PfsGroup>
      </CryptographySuite>

Here's the debug when it fails, unfortunately it's the dreaded general error.

2024-02-05,18:02:38,Start,Starting script WalkerITGTest-AoV-User-Tunnel with installtype: Install option set
2024-02-05,18:02:38,Info,Skipped to get Currentversion from registry due to not exist, setting 0.0.0.0 as version
2024-02-05,18:02:38,Info,Success to start execute script with Installed version: 0.0.0.0, Script version: 1.6.2303.1, Installtype: Install
2024-02-05,18:02:38,info,Success to enumerate Username from WMI to @{username=TEST\vpntest}.
2024-02-05,18:02:38,info,Success to enumerate Username: vpntest and SID: S-1-5-21-1903627400-982974822-0123456789-4616
2024-02-05,18:02:38,Info,Success to verify credentials, The script is running as admin with the current user credentials
2024-02-05,18:02:38,Info,Success to verify the service dmwappushservice, it is already running
2024-02-05,18:02:38,Info,Success to connect CSP over WMI bridge
2024-02-05,18:02:38,Info,Success to disconnect VPN Tunnel WalkerITG AoV User Tunnel
2024-02-05,18:02:38,Info,Success to enumerate existing VPN Tunnels with CSP over WMI
2024-02-05,18:02:38,Info,Skipped to delete VPN Tunnels with CSP over WMI, No VPN Tunnel found
2024-02-05,18:02:38,Info,Skipped to delete VPN Tunnel WalkerITG AoV User Tunnel with PowerShell, no VPN tunnel exist
2024-02-05,18:02:38,Info,Success to get MDM Tracking from registry
2024-02-05,18:02:38,Info,Skipped to delete MDM Tracking from registry, does not exist
2024-02-05,18:02:38,Info,Success to get NetworkList from registry
2024-02-05,18:02:38,Info,Skipped to delete NetworkList from registry, does not exist
2024-02-05,18:02:38,Info,Success to get AutoTriggerDisabledProfilesList from registry
2024-02-05,18:02:38,Info,Skipped to remove AutoTriggerDisabledProfilesList from registry, key does not exist
2024-02-05,18:02:38,Error,Failed to create VPN Profile WalkerITG AoV User Tunnel with error: A general error occurred that is not covered by a more specific error code.

What's weird is that I can set it afterwards just fine using powershell as noted. Is this a continuation of the CSP problems on Win11 or something else?

Happy to provide any further information or testing, thanks again for all the work on this.

DisplayVersion not read correctly

Hi!

Just been digging into the script before deploying it, but just noticed the script doesn't actually read the DisplayVersion from the registry correctly even when it's there, therefore showing 0.0.0.0.

It looks like it's caused by the install script looking for $AppKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$ProfileName" with $profilename being $ProfileName = "$company AoV Device Tunnel"

Whereas the reg is actually being written with the GUID suffix by $AddRemKey = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$guid" therefore isn't actually finding the key

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.