Unable to create AWS ClientVPNEndPoint with Powewshell

Ask Question

Asked 2 years ago

Modified 2 years ago

Viewed 24 times

Part of AWS Collective

I would like to create ClientVPNEndPoint by using Powershell module AWSPowerShell.NetCore version 4.1.385 on Windows 10 Pro.

When I run this :

    $serverCertificat = Get-ACMCertificateList | where-object { $_.DomainName -eq "server" } 
    $clientCertificat = Get-ACMCertificateList | where-object { $_.DomainName -eq "client1.domain.tld" } 

    $Authentication = new-object Amazon.EC2.Model.ClientVpnAuthenticationRequest
    $Authentication.Type = Amazon.EC2.ClientVpnAuthenticationType.CertificateAuthentication
    $Authentication.MutualAuthentication = new-object Amazon.EC2.Model.CertificateAuthenticationRequest
    $Authentication.MutualAuthentication.ClientRootCertificateChainArn = $clientCertificat.CertificateArn
    
    New-EC2ClientVpnEndpoint -ClientCidrBlock "10.0.0.0/22" `
                            -ServerCertificateArn $serverCertificat.CertificateArn `
                            -AuthenticationOption @($Authentication) `
                            -DnsServer @("172.31.43.131","172.31.30.194") `
                            -vpcid (Get-EC2VPC).VpcId `
                            -ConnectionLogOptions_Enabled $false

... I got following error

Amazon.EC2.ClientVpnAuthenticationType.CertificateAuthentication: 
Line |
   8 |  … tion.Type = Amazon.EC2.ClientVpnAuthenticationType.CertificateAuthent …
     |                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | The term 'Amazon.EC2.ClientVpnAuthenticationType.CertificateAuthentication' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
New-EC2ClientVpnEndpoint: 
Line |
  12 |  New-EC2ClientVpnEndpoint -ClientCidrBlock "10.0.0.0/22" `
     |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Authentication type is required but is missing in the request

Note 1 : Link to PS function documentation : https://docs.aws.amazon.com/powershell/latest/reference/items/New-EC2ClientVpnEndpoint.html

Note 2 : I have checked PS Module dll and more specifically the Amazon.EC2.ClientVpnAuthenticationType without any help

using System;
using Amazon.Runtime;

namespace Amazon.EC2
{
    // Token: 0x02000032 RID: 50
    public class ClientVpnAuthenticationType : ConstantClass
    {
        // Token: 0x060005C6 RID: 1478 RVA: 0x00012B61 File Offset: 0x00010D61
        public ClientVpnAuthenticationType(string value) : base(value)
        {
        }

        // Token: 0x060005C7 RID: 1479 RVA: 0x00012B6A File Offset: 0x00010D6A
        public static ClientVpnAuthenticationType FindValue(string value)
        {
            return ConstantClass.FindValue<ClientVpnAuthenticationType>(value);
        }

        // Token: 0x060005C8 RID: 1480 RVA: 0x00012B72 File Offset: 0x00010D72
        public static implicit operator ClientVpnAuthenticationType(string value)
        {
            return ClientVpnAuthenticationType.FindValue(value);
        }

        // Token: 0x040000B5 RID: 181
        public static readonly ClientVpnAuthenticationType CertificateAuthentication = new ClientVpnAuthenticationType("certificate-authentication");

        // Token: 0x040000B6 RID: 182
        public static readonly ClientVpnAuthenticationType DirectoryServiceAuthentication = new ClientVpnAuthenticationType("directory-service-authentication");

        // Token: 0x040000B7 RID: 183
        public static readonly ClientVpnAuthenticationType FederatedAuthentication = new ClientVpnAuthenticationType("federated-authentication");
    }
}

edited Nov 17, 2023 at 14:09

asked Nov 17, 2023 at 14:01

Philippe sillon

1,6123 gold badges15 silver badges20 bronze badges

You are missing option -ServerCertificateArn. See : docs.aws.amazon.com/powershell/latest/reference/items/… Also docs.aws.amazon.com/acm/latest/userguide/acm-overview.html

jdweng
– jdweng

2023-11-17 17:30:59 +00:00
Commented Nov 17, 2023 at 17:30
What do you mean ? ServerCertificateArn parameter is the second one when I invoke function New-EC2ClientVpnEndpoint...

Philippe sillon
– Philippe sillon

2023-11-19 02:20:11 +00:00
Commented Nov 19, 2023 at 2:20
You are right. What version of Net is being used. Looks like you may have older version of Net. In version 4.5 your type is defined as a static method. See : docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/…

jdweng
– jdweng

2023-11-19 12:41:50 +00:00
Commented Nov 19, 2023 at 12:41

Add a comment |

0 Your Answer

Sign up or log in

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.

Collectives™ on Stack Overflow

Unable to create AWS ClientVPNEndPoint with Powewshell

0

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Post as a guest