added synopsis and domain option for VM

Author: PowerShellCrack

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Change log for AzureSite2SiteVPNLab
 
+## 1.4.0 - January 17, 2022
+
+- Fixed vyos setup script output; was out putting blank file in step 2
+- Added synopsis to each script; provide steps taken and parameters
+- Add OStype parameter to simple Azure VM script; allow Windows 10 or Windows Server deployment
+- Added domain join capability for VM; domain controller must exist
+
 ## 1.3.9 - January 13, 2022
 
 - check vNet for subnets; ensure vNet has required subnets added if vNet is already provisioned

Step 3A. Build Azure Simple S2S.ps1

@@ -1,3 +1,28 @@
+<#
+    .SYNOPSIS
+        Sets up Site 2 Site VPN in Azure
+
+    .DESCRIPTION
+        Sets up Site 2 Site VPN in Azure with 1 gateway and subnet (no hub and spoke)
+
+    .NOTES
+        1. Gets new share key
+        2. Retrieves VyOS external IP
+        3. Create a resource group
+        4. Build subnets configurations
+        5. Create the VNet; bind subnets
+        6. Attach gateway to vnet
+        7. Create the local network gateway
+        8. Create a Public IP address
+        9. Attaches public IP to gateway
+        10. Create the Virtual Network Gateway
+        11. Create the local network gateway
+        12. Create the VPN connection
+        13. Build VyOS VPN Configuration
+        14. Applies VyOS configurations
+        15. Check VPN connection
+#>
+
 $ErrorActionPreference = "Stop"
 #Requires -Modules Az.Accounts,Az.Resources,Az.Network
 Set-Item Env:\SuppressAzurePowerShellBreakingChangeWarnings "true" | Out-Null
@@ -166,7 +191,7 @@ Else{
 }
 #endregion
 
-#region 7. make the gateway
+#region 7. Attaches public IP to gateway
 If( $subnet = Get-AzVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vNet -ErrorAction SilentlyContinue )
 {
     Write-host ("Attaching Azure public IP [{0}] to gateway subnet [{1}]..." -f $AzureSimpleConfig.PublicIpName, 'GatewaySubnet') -ForegroundColor White -NoNewline
@@ -186,7 +211,7 @@ Else{
 }
 #endregion
 
-#region 8. Create the VPN gateway
+#region 8. Create the Virtual Network Gateway
 #Check to see if public IP is attached to VNG
 If( -Not(Get-AzVirtualNetworkGateway -Name $AzureSimpleConfig.VnetGatewayName -ResourceGroupName $AzureSimpleConfig.ResourceGroupName -ErrorAction SilentlyContinue).IpConfigurations.PublicIpAddress.id )
 {
@@ -211,7 +236,7 @@ Else{
 }
 #endregion
 
-#region 9. Create the Virtual Network Gateway
+#region 9. Create the Local Network Gateway
 If( -Not($Local = Get-AzLocalNetworkGateway -Name $AzureSimpleConfig.LocalGatewayName -ResourceGroupName $AzureSimpleConfig.ResourceGroupName -ErrorAction SilentlyContinue) )
 {
     Write-host ("Building the local network gateway [{0}]..." -f $AzureSimpleConfig.LocalGatewayName) -ForegroundColor White -NoNewline

Step 3B-1. Build Azure Advanced S2S - Region 1.ps1

@@ -1,3 +1,26 @@
+<#
+    .SYNOPSIS
+        Sets up Site 2 Site VPN in Azure in Region 1
+
+    .DESCRIPTION
+        Sets up Site 2 Site VPN in Azure Region 1 using hub and spoke design
+
+    .NOTES
+        1. Gets new share key
+        2. Retrieves VyOS external IP
+        3. Create a resource group
+        3. Create virtual network A (Hub) with gateway
+        4. Create virtual network B (Spoke)
+        5. Build Peering between vnets
+        6. Create a Public IP address
+        7. attach public ip to gateway
+        8. Create the VPN gateway
+        9. Create the local network gateway
+        10. Create the VPN connection
+        11. Build VyOS VPN Configuration
+        12. Applies VyOS configurations
+        13. Check VPN connection
+#>
 $ErrorActionPreference = "Stop"
 #Requires -Modules Az.Accounts,Az.Resources,Az.Network
 Set-Item Env:\SuppressAzurePowerShellBreakingChangeWarnings "true" | Out-Null

Step 3B-2. Build Azure Advanced S2S - Region 2.ps1

@@ -1,3 +1,26 @@
+<#
+    .SYNOPSIS
+        Sets up Site 2 Site VPN in Azure in Region 2
+
+    .DESCRIPTION
+        Sets up Site 2 Site VPN in Azure Region 2 using hub and spoke design
+
+    .NOTES
+        1. Gets new share key
+        2. Retrieves VyOS external IP
+        3. Create a resource group
+        3. Create virtual network A (Hub) with gateway
+        4. Create virtual network B (Spoke)
+        5. Build Peering between vnets
+        6. Create a Public IP address
+        7. attach public ip to gateway
+        8. Create the VPN gateway
+        9. Create the local network gateway
+        10. Create the VPN connection
+        11. Build VyOS VPN Configuration
+        12. Applies VyOS configurations
+        13. Check VPN connection
+#>
 $ErrorActionPreference = "Stop"
 #Requires -Modules Az.Accounts,Az.Resources,Az.Network
 Set-Item Env:\SuppressAzurePowerShellBreakingChangeWarnings "true" | Out-Null

Step 3B-3. Connect Azure Advanced S2S Regions.ps1

@@ -1,3 +1,16 @@
+<#
+    .SYNOPSIS
+        Connect Azure vnet to Azure vnets
+
+    .DESCRIPTION
+        Connect Azure Region 1 vnet and Region 2 vnet using VPN gateway
+
+    .NOTES
+        1. Get Region 1 gateway
+        2. Get Region 2 gateway
+        3. Building site-2-site VPN gateway connection to second Azure tenant gateway
+        4. Building site-2-site VPN gateway connection to first Azure tenant gateway
+#>
 $ErrorActionPreference = "Stop"
 #Requires -Modules Az.Accounts,Az.Resources,Az.Network
 Set-Item Env:\SuppressAzurePowerShellBreakingChangeWarnings "true" | Out-Null

Step 3C. Attach Azure S2S to Existing Network.ps1

@@ -1,3 +1,80 @@
+<#
+    .SYNOPSIS
+        Sets up Site 2 Site VPN using existing Azure network
+
+    .DESCRIPTION
+        Sets up Site 2 Site VPN using existing Azure network
+
+    .NOTES
+        1. Gets new share key
+        2. Retrieves VyOS external IP
+        3. Grab the resource group
+        3. Find Virtual network
+        4. Create the VNet
+        5. Attach gateway to vnet
+        6. Create the local network gateway
+        7. Create a Public IP address
+        8. make the gateway
+        9. Create the VPN gateway
+        10. Create the Virtual Network Gateway
+        11. Create the VPN connection
+        12. Remove Public IP (optional)
+        13. Creating a new NSG (optional)
+        14. Enabled Autoshutdown on VM's (optional)
+        15. Create the VPN connection
+        16. Build VyOS VPN Configuration
+        17. Applies VyOS configurations
+        18. Check VPN connection
+
+    .PARAMETER Prefix
+    STRING
+
+    .PARAMETER ResourceGroup
+    MANDATORY
+
+    .PARAMETER VirtualNetwork
+    MANDATORY
+
+    .PARAMETER DnsIp
+    MANDATORY
+
+    .PARAMETER RemovePublicIps
+    SWITCH
+
+    .PARAMETER AttachNsg
+    SWITCH
+
+    .PARAMETER EnableVMAutoShutdown
+    SWITCH
+
+    .PARAMETER Force
+    SWITCH
+
+    .EXAMPLE
+
+    & '.\Step 3C. Attach Azure S2S to Existing Network.ps1' -Prefix 'contoso' -ResourceGroup 'mecmcb-arm-rg' -VirtualNetwork 'contoso-vnet' -DnsIp '10.120.0.1'
+
+    RESULT: Build a VPN connection to existing virtual network with prefix of contoso
+
+    .EXAMPLE
+
+    & '.\Step 3C. Attach Azure S2S to Existing Network.ps1' -Prefix 'contoso' -ResourceGroup 'mecmcb-arm-rg' -VirtualNetwork 'contoso-vnet' -DnsIp '10.120.0.1' -RemovePublicIps -AttachNsg
+
+    RESULT: Build a VPN connection to existing network with prefix of contoso while removing all other attached public ip and adds an Network Security Gateway for VMs on vnet
+
+    .EXAMPLE
+
+    & '.\Step 3C. Attach Azure S2S to Existing Network.ps1' -Prefix 'contoso' -ResourceGroup 'mecmcb-arm-rg' -VirtualNetwork 'contoso-vnet' -DnsIp '10.120.0.1' -EnableVMAutoShutdown
+
+    RESULT: Build a VPN connection to existing network with prefix of contoso and enabled autoshutdown for all VM's
+
+    .EXAMPLE
+
+    & '.\Step 3C. Attach Azure S2S to Existing Network.ps1' -Prefix 'contoso' -ResourceGroup 'mecmcb-arm-rg' -VirtualNetwork 'contoso-vnet' -DnsIp '10.120.0.1' -Force
+
+    RESULT: Build a VPN connection to existing network with prefix of contoso and Rebuilds vyos router's VPN settings
+#>
+[CmdletBinding()]
 Param(
     [string]$Prefix,
 
@@ -66,6 +143,7 @@ Param(
 $Prefix='contoso'
 $ResourceGroup='mecmcb-arm-rg'
 $VirtualNetwork='contoso-vnet'
+$DnsIp='10.120.0.1'
 #>
 
 $ErrorActionPreference = "Stop"