Skip to content

Set AvmAppVpnWithPfs

Jump to bottom
Gincules edited this page Apr 4, 2023 · 1 revision

Set-AvmAppVpnWithPfs

Synopsis

Action: SetAppVPNwithPFS
Available on: ✅ FRITZ!Box / 🚫 FRITZ!Repeater
Status: ⚠️
Remote access: ✅
Required rights: 🔧

Description

This function confugres of a VPN (IPsec) access for the app instance with PFS (Perfect Forward Secrecy) support. Every app instance can have at most only one VPN access configuration. In case a VPN access already exists for the app instance, the old configuration is overwritten. In case a VPN access already exists and all IPSec parameter are empty, the existing VPN configuration will be deleted.

NOTE: an app instance never has any configuration rights, so box user credentials must be used for TR-064 authentication to perform this action.

Input:

Data type Variable Example or Description
String NewAppId Identifier of the app instance
String NewIPSecIdentifier IPSec identifier
String NewIPSecPreSharedKey IPSec pre-shared-key
String NewIPSecXauthUsername Username for xauth
SecureString NewIPSecXauthPassword Password for xauth as PowerShell SecureString

Output:

Data type Variable Example
String u urn:dslforum-org:service:X_AVM-DE_AppSetup:1

Syntax

Set-AvmAppVpnWithPfs
    [-Insecure]
    [-RemoteAccess]
    [-Url <String>]
    [-Port <Ushort>]
    [-Credential <PSCredential>]
    [-NewAppId <String>]
    [-NewIPSecIdentifier <String>]
    [-NewIPSecPreSharedKey <String>]
    [-NewIPSecXauthUsername <String>]
    [-NewIPSecXauthPassword <SecureString>]

Examples

Example 1

This example describes how to run the command using a valid certificate and remote access.

[PSCredential]$Credential = Import-Clixml -Path "${env:APPDATA}\PScred\avmtools-credential.xml"
[SecureString]$NewIPSecXauthPassword = Get-Content -Path "${env:APPDATA}\PScred\function-password.txt" | ConvertTo-SecureString

$splatParameters = @{
    RemoteAccess = $true
    Url = "https://myfritzaddress12.myfritz.net"
    Port = 443
    Credential = $Credential
    NewAppId = "1"
    NewIPSecIdentifier = "1"
    NewIPSecPreSharedKey = "1"
    NewIPSecXauthUsername = "Username"
    NewIPSecXauthPassword = $NewIPSecXauthPassword
}

Set-AvmAppVpnWithPfs @splatParameters

Example 2

This example describes how to run the command using local connection with a valid certificate.

[PSCredential]$Credential = Import-Clixml -Path "${env:APPDATA}\PScred\avmtools-credential.xml"
[SecureString]$NewIPSecXauthPassword = Get-Content -Path "${env:APPDATA}\PScred\function-password.txt" | ConvertTo-SecureString

$splatParameters = @{
    Url = "https://fritz.box"
    Port = 49443
    Credential = $Credential
    NewAppId = "1"
    NewIPSecIdentifier = "1"
    NewIPSecPreSharedKey = "1"
    NewIPSecXauthUsername = "Username"
    NewIPSecXauthPassword = $NewIPSecXauthPassword
}

Set-AvmAppVpnWithPfs @splatParameters

IP address can be used instead of DNS name.

[PSCredential]$Credential = Import-Clixml -Path "${env:APPDATA}\PScred\avmtools-credential.xml"
[SecureString]$NewIPSecXauthPassword = Get-Content -Path "${env:APPDATA}\PScred\function-password.txt" | ConvertTo-SecureString

$splatParameters = @{
    Url = "https://192.168.178.1"
    Port = 49443
    Credential = $Credential
    NewAppId = "1"
    NewIPSecIdentifier = "1"
    NewIPSecPreSharedKey = "1"
    NewIPSecXauthUsername = "Username"
    NewIPSecXauthPassword = $NewIPSecXauthPassword
}

Set-AvmAppVpnWithPfs @splatParameters

Example 3

This example describes how to run the command using local connection without a valid certificate.

[PSCredential]$Credential = Import-Clixml -Path "${env:APPDATA}\PScred\avmtools-credential.xml"
[SecureString]$NewIPSecXauthPassword = Get-Content -Path "${env:APPDATA}\PScred\function-password.txt" | ConvertTo-SecureString

$splatParameters = @{
    Insecure = $true
    Url = "http://fritz.box"
    Port = 49000
    Credential = $Credential
    NewAppId = "1"
    NewIPSecIdentifier = "1"
    NewIPSecPreSharedKey = "1"
    NewIPSecXauthUsername = "Username"
    NewIPSecXauthPassword = $NewIPSecXauthPassword
}

Set-AvmAppVpnWithPfs @splatParameters

IP address can be used instead of DNS name.

[PSCredential]$Credential = Import-Clixml -Path "${env:APPDATA}\PScred\avmtools-credential.xml"
[SecureString]$NewIPSecXauthPassword = Get-Content -Path "${env:APPDATA}\PScred\function-password.txt" | ConvertTo-SecureString

$splatParameters = @{
    Insecure = $true
    Url = "http://192.168.178.1"
    Port = 49000
    Credential = $Credential
    NewAppId = "1"
    NewIPSecIdentifier = "1"
    NewIPSecPreSharedKey = "1"
    NewIPSecXauthUsername = "Username"
    NewIPSecXauthPassword = $NewIPSecXauthPassword
}

Set-AvmAppVpnWithPfs @splatParameters

Copyright ©️ 2020 Gincules. All rights reserved.

Clone this wiki locally