> For the complete documentation index, see [llms.txt](https://docs.devolutions.net/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.devolutions.net/rdm/knowledge-base/troubleshooting-articles/configure-a-microsoft-vpn-with-a-preshared-key.md).

# Configure a Microsoft VPN with a preshared key

The VPN L2TP configuration in Remote Desktop Manager required a Phonebook file. We are also adding a PowerShell script in the VPN session to add the VPN in Windows and inject the Passphrase. Steps are simple but require precise information. In the first step, we need a Phonebook file. I do not cover this example as too many Google search examples exist.

1. Create a phonebook entry with the PBK file.
2. We will configure a Microsoft VPN session. Important the VPN Name need to be the address that you will connect to. The PowerShell script is not reading the information in the PBK file when creating the local VPN.

   <figure><img src="https://cdnweb.devolutions.net/docs/docs_en_kb_KB4243.png" alt=""><figcaption></figcaption></figure>

### Configure the Microsoft VPN entry as

1. Select the phonebook previously created.
2. Click on the refresh button and select in the dropdown the proper VPN Name.
3. Enter the credentials.

Now it is time for the PreShared key, under ***Common – Custom Fields***, in the ***Custom #1***, click on the name and change it for PreSharedKey (#1). Then enter the Preshared-Key in the field at the right. As a visual protection, only click on the lock at the end (#2).

<figure><img src="https://cdnweb.devolutions.net/docs/docs_en_kb_KB4244.png" alt=""><figcaption></figcaption></figure>

{% hint style="warning" %}
The Preshared key is not protected with View Password permission. To prevent the user to see it, you need to block the Edit access to the entry. The value of a hidden custom field is encrypted and protected with the ***View sensitive*** permission.
{% endhint %}

The last one and the most important is the integration of the PowerShell which will create the VPN configuration in Windows.

Under ***Events – Before Connect*** select ***PowerShell*** and copy the script above into the box.

```powershell
# Run from elevated PowerShell session (-verb RunAs)
# May need to run commented line below and answer 'A' OR 'Y'
#set-executionpolicy -executionpolicy unrestricted

$wshell = New-Object -ComObject Wscript.Shell;
$ServerAddress = $RDM.Connection.VPN.Name;
$ConnectionName = $RDM.Connection.VPN.Name;
$PresharedKey = $RDM.Connection.MetaInformation.CustomField1Value;

$Exists = Get-VpnConnection -Name $ConnectionName -ErrorAction SilentlyContinue -ErrorVariable ProcessError;
If ($ProcessError) {$wshell.Popup('RDM is creating the VPN  ' + $ConnectionName,0,'Creation',0x0);
$Exists = $False};

If ($Exists -eq $False){;
$ServerAddress = $ServerAddress;
$PresharedKey = $PresharedKey;

Add-VpnConnection -RememberCredential -Name $ConnectionName -ServerAddress $ServerAddress -TunnelType L2tp -L2tpPsk $PresharedKey -AuthenticationMethod Pap -Force -ErrorAction SilentlyContinue;
$ExistsTest = Get-VpnConnection -Name $ConnectionName -ErrorAction SilentlyContinue -ErrorVariable ProcessError;
If ($ProcessError) { $wshell.Popup('VPN ' + $ConnectionName + ' - Cannot be created' + $Error,0,'Error',0x0)} else {$wshell.Popup('VPN ' + $ConnectionName + ' - Succefully Created ',0,'Success',0x0)};
} else {$wshell.Popup('VPN ' + $ConnectionName + ' - Already Exists',0,'Done',0x0)};
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.devolutions.net/rdm/knowledge-base/troubleshooting-articles/configure-a-microsoft-vpn-with-a-preshared-key.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.