How to connect to a VPN at startup?

I need to have a computer at a branch office automatically connect to the corporate VPN to simplify the login process (not forcing the user to press network login down the right).

The client machine is a Windows 8.1 machine and the VPN is a standard PPTP tunnel.

Mikael Dúi Bolinder

Posted 2014-04-04T18:16:12.093

Reputation: 1 083

Answers

Found this solution here.

Open Task Scheduler (search Task Scheduler)
Click Create Task in the Actions panel on the right
General Tab
1. Provide a logical name for the task like Auto VPN
2. Switch the running task mode to Run whether user is logged on or not
3. Enable the Run with highest privileges option
4. Change the Configure for: drop-down to Windows 10
Triggers Tab
1. Click the New... button
2. Change Begin the task: to At start up
3. (Optional) Enable Delay task for and set to 5 minutes. This give the slow machine a chance to idle down before launching the VPN.
Actions Tab
1. Click the New... button
2. Enter c:\windows\system32\rasdial.exe in the Program/script: field. You can also browse to it if you don't want to type it or your default Windows install directory is different.
3. Type the connection name in the Add arguments field. The rasdial.exe requires you wrap the connection name in quotes if it has spaces. You may also need to append the connection's username and password, as well as domain, if they are required, like this: "VPN Connection Name" username password /domain:domainname.
Conditions Tab
1. Un-check all of the options on the conditions tab.
Settings Tab
1. (Optional) enable "If the task fails, restart every:" and set to an appropriate value. I set mine to 1 hour in case there is a problem on the VPN server's end.
2. (Optional) set the "Attempt to restart up to:" value to an acceptable number. My default is 72 times at a 1 hour interval. This covers long weekend.
Save the new task

Mikael Dúi Bolinder

Posted 2014-04-04T18:16:12.093

Reputation: 1 083

This is an awesome answer save for one thing 5.3 you could do to show the format for that step. – Martin Barker – 2018-07-26T10:27:34.077

1@MartinBarker I know, I've been thinking about it every time I see the answer. – Mikael Dúi Bolinder – 2018-07-26T12:38:46.923

1There should be an option to fav/star an answer instead of the question itself. Thank you for this. – Francisco Zarabozo – 2018-10-13T18:13:06.513

The accepted answer by Mikael is great, except for the plain text password in 5.3, which just makes me queasy. The way my VPN connection (via IKEv2) works, rasdial doesn't need the username and password as parameters.

But if your situation is different, there are ways to avoid the plain text password in the script:

This article explains how to encrypt and save text using Powershell: https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/

To summarize: using the function ConvertTo-SecureString you can encrypt text in such a way that only (processes running under) the same user, on the same machine can decrypt it. Which isn't perfectly secure, but better than plain text. The powershell command to encrypt and save "MyP@ssword1" to a file would be:

"MyP@ssword1" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File "C:\path to\your\Password.txt"

And here you'll find how to read and decrypt the password again: https://stackoverflow.com/a/19950628/4602253

Niki Herl

Posted 2014-04-04T18:16:12.093

Reputation: 21

it's now a community wiki, feel free to add your suggestion there. – Mikael Dúi Bolinder – 2019-01-04T23:20:47.650

Just create the .bat file

c:\windows\system32\rasdial.exe "VPN Connection Name" [username] [password] [/domain:domainname]

and create shortcut of created file into WINDOWS_KEY+R: shell:startup folder

sergioneli

Posted 2014-04-04T18:16:12.093

Reputation: 25

3The commands in a user’s startup folder are executed after the user logs in. The question is asking how to execute a command *before* a user logs in. – Scott – 2018-08-07T06:13:24.610