The accepted answer by Mikael is great, except for the plain text password in 5.3, which just makes me queasy. The way my VPN connection (via IKEv2) works, rasdial doesn't need the username and password as parameters.
But if your situation is different, there are ways to avoid the plain text password in the script:
This article explains how to encrypt and save text using Powershell: https://www.pdq.com/blog/secure-password-with-powershell-encrypting-credentials-part-1/
To summarize: using the function ConvertTo-SecureString you can encrypt text in such a way that only (processes running under) the same user, on the same machine can decrypt it. Which isn't perfectly secure, but better than plain text.
The powershell command to encrypt and save "MyP@ssword1" to a file would be:
"MyP@ssword1" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Out-File "C:\path to\your\Password.txt"
And here you'll find how to read and decrypt the password again:
https://stackoverflow.com/a/19950628/4602253
This is an awesome answer save for one thing 5.3 you could do to show the format for that step. – Martin Barker – 2018-07-26T10:27:34.077
1@MartinBarker I know, I've been thinking about it every time I see the answer. – Mikael Dúi Bolinder – 2018-07-26T12:38:46.923
1There should be an option to fav/star an answer instead of the question itself. Thank you for this. – Francisco Zarabozo – 2018-10-13T18:13:06.513