Add VPN configuration tools and agent documentation

Created comprehensive VPN setup tooling for Peaceful Spirit L2TP/IPsec connection
and enhanced agent documentation framework.

VPN Configuration (PST-NW-VPN):
- Setup-PST-L2TP-VPN.ps1: Automated L2TP/IPsec setup with split-tunnel and DNS
- Connect-PST-VPN.ps1: Connection helper with PPP adapter detection, DNS (192.168.0.2), and route config (192.168.0.0/24)
- Connect-PST-VPN-Standalone.ps1: Self-contained connection script for remote deployment
- Fix-PST-VPN-Auth.ps1: Authentication troubleshooting for CHAP/MSChapv2
- Diagnose-VPN-Interface.ps1: Comprehensive VPN interface and routing diagnostic
- Quick-Test-VPN.ps1: Fast connectivity verification (DNS/router/routes)
- Add-PST-VPN-Route-Manual.ps1: Manual route configuration helper
- vpn-connect.bat, vpn-disconnect.bat: Simple batch file shortcuts
- OpenVPN config files (Windows-compatible, abandoned for L2TP)

Key VPN Implementation Details:
- L2TP creates PPP adapter with connection name as interface description
- UniFi auto-configures DNS (192.168.0.2) but requires manual route to 192.168.0.0/24
- Split-tunnel enabled (only remote traffic through VPN)
- All-user connection for pre-login auto-connect via scheduled task
- Authentication: CHAP + MSChapv2 for UniFi compatibility

Agent Documentation:
- AGENT_QUICK_REFERENCE.md: Quick reference for all specialized agents
- documentation-squire.md: Documentation and task management specialist agent
- Updated all agent markdown files with standardized formatting

Project Organization:
- Moved conversation logs to dedicated directories (guru-connect-conversation-logs, guru-rmm-conversation-logs)
- Cleaned up old session JSONL files from projects/msp-tools/
- Added guru-connect infrastructure (agent, dashboard, proto, scripts, .gitea workflows)
- Added guru-rmm server components and deployment configs

Technical Notes:
- VPN IP pool: 192.168.4.x (client gets 192.168.4.6)
- Remote network: 192.168.0.0/24 (router at 192.168.0.10)
- PSK: rrClvnmUeXEFo90Ol+z7tfsAZHeSK6w7
- Credentials: pst-admin / 24Hearts$

Files: 15 VPN scripts, 2 agent docs, conversation log reorganization,
guru-connect/guru-rmm infrastructure additions

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

projects/msp-tools/guru-rmm/agent/deploy/glaztech-slc/install.ps1

@@ -0,0 +1,199 @@
+# GuruRMM Agent Installer
+# Client: Glaztech Industries
+# Site: SLC - Salt Lake City
+# Compatible with: Windows 7 SP1+ / PowerShell 2.0+
+
+$ErrorActionPreference = "Stop"
+
+# Get script directory (works on all PowerShell versions including 2.0)
+$ScriptDir = Split-Path -Parent $MyInvocation.MyCommand.Definition
+if (-not $ScriptDir) { $ScriptDir = (Get-Location).Path }
+
+$InstallPath = "C:\Program Files\GuruRMM"
+$ConfigPath = "C:\ProgramData\GuruRMM"
+$ServiceName = "GuruRMMAgent"
+
+Write-Host "GuruRMM Agent Installer" -ForegroundColor Cyan
+Write-Host "========================" -ForegroundColor Cyan
+Write-Host "Client: Glaztech Industries"
+Write-Host "Site: SLC - Salt Lake City"
+Write-Host ""
+
+# Check for admin privileges
+$isAdmin = ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]"Administrator")
+if (-not $isAdmin) {
+    Write-Host "ERROR: Please run as Administrator" -ForegroundColor Red
+    Write-Host "Right-click PowerShell and select 'Run as Administrator'"
+    exit 1
+}
+
+# Check Windows version
+$osVersion = [Environment]::OSVersion.Version
+Write-Host "Detected Windows version: $($osVersion.Major).$($osVersion.Minor)" -ForegroundColor Gray
+if ($osVersion.Major -lt 6 -or ($osVersion.Major -eq 6 -and $osVersion.Minor -lt 1)) {
+    Write-Host "ERROR: Windows 7 SP1 or later is required" -ForegroundColor Red
+    exit 1
+}
+
+# Enable TLS 1.2 on Windows 7/8/8.1 if needed (required for secure connections)
+# Windows 10+ has TLS 1.2 enabled by default
+if ($osVersion.Major -eq 6) {
+    Write-Host "Checking TLS 1.2 support..." -ForegroundColor Gray
+
+    $tls12Path = "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2"
+    $tls12ClientPath = "$tls12Path\Client"
+    $needsReboot = $false
+
+    # Check if TLS 1.2 Client key exists and is enabled
+    $tls12Enabled = $false
+    try {
+        if (Test-Path $tls12ClientPath) {
+            $enabled = Get-ItemProperty -Path $tls12ClientPath -Name "Enabled" -ErrorAction SilentlyContinue
+            $disabled = Get-ItemProperty -Path $tls12ClientPath -Name "DisabledByDefault" -ErrorAction SilentlyContinue
+            if ($enabled.Enabled -eq 1 -and $disabled.DisabledByDefault -eq 0) {
+                $tls12Enabled = $true
+            }
+        }
+    } catch {}
+
+    if (-not $tls12Enabled) {
+        Write-Host "Enabling TLS 1.2 for secure connections..." -ForegroundColor Yellow
+
+        # Create protocol keys if they don't exist
+        if (-not (Test-Path $tls12Path)) {
+            New-Item -Path $tls12Path -Force | Out-Null
+        }
+        if (-not (Test-Path $tls12ClientPath)) {
+            New-Item -Path $tls12ClientPath -Force | Out-Null
+        }
+
+        # Enable TLS 1.2 for client connections
+        New-ItemProperty -Path $tls12ClientPath -Name "Enabled" -Value 1 -PropertyType DWORD -Force | Out-Null
+        New-ItemProperty -Path $tls12ClientPath -Name "DisabledByDefault" -Value 0 -PropertyType DWORD -Force | Out-Null
+
+        # Also create Server keys for completeness
+        $tls12ServerPath = "$tls12Path\Server"
+        if (-not (Test-Path $tls12ServerPath)) {
+            New-Item -Path $tls12ServerPath -Force | Out-Null
+        }
+        New-ItemProperty -Path $tls12ServerPath -Name "Enabled" -Value 1 -PropertyType DWORD -Force | Out-Null
+        New-ItemProperty -Path $tls12ServerPath -Name "DisabledByDefault" -Value 0 -PropertyType DWORD -Force | Out-Null
+
+        # Enable TLS 1.2 in WinHTTP (for .NET and other apps)
+        $winHttpPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
+        try {
+            if (-not (Test-Path $winHttpPath)) {
+                New-Item -Path $winHttpPath -Force | Out-Null
+            }
+            # 0x800 = TLS 1.2
+            New-ItemProperty -Path $winHttpPath -Name "DefaultSecureProtocols" -Value 0x800 -PropertyType DWORD -Force | Out-Null
+        } catch {}
+
+        # Also for 64-bit on 32-bit keys
+        $winHttp64Path = "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp"
+        try {
+            if (Test-Path "HKLM:\SOFTWARE\Wow6432Node") {
+                if (-not (Test-Path $winHttp64Path)) {
+                    New-Item -Path $winHttp64Path -Force | Out-Null
+                }
+                New-ItemProperty -Path $winHttp64Path -Name "DefaultSecureProtocols" -Value 0x800 -PropertyType DWORD -Force | Out-Null
+            }
+        } catch {}
+
+        Write-Host "  TLS 1.2 enabled successfully" -ForegroundColor Green
+        $needsReboot = $true
+    } else {
+        Write-Host "  TLS 1.2 already enabled" -ForegroundColor Gray
+    }
+
+    if ($needsReboot) {
+        Write-Host "  NOTE: A reboot may be required for TLS changes to take effect" -ForegroundColor Yellow
+    }
+}
+
+# Stop existing service if running
+$service = $null
+try { $service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue } catch {}
+if ($service) {
+    Write-Host "Stopping existing service..." -ForegroundColor Yellow
+    try { Stop-Service -Name $ServiceName -Force -ErrorAction SilentlyContinue } catch {}
+    Start-Sleep -Seconds 3
+}
+
+# Create install directory
+Write-Host "Creating install directory: $InstallPath" -ForegroundColor Green
+if (-not (Test-Path $InstallPath)) {
+    New-Item -ItemType Directory -Path $InstallPath -Force | Out-Null
+}
+
+# Create config directory
+Write-Host "Creating config directory: $ConfigPath" -ForegroundColor Green
+if (-not (Test-Path $ConfigPath)) {
+    New-Item -ItemType Directory -Path $ConfigPath -Force | Out-Null
+}
+
+# Verify source files exist
+if (-not (Test-Path "$ScriptDir\gururmm-agent.exe")) {
+    Write-Host "ERROR: gururmm-agent.exe not found in $ScriptDir" -ForegroundColor Red
+    exit 1
+}
+if (-not (Test-Path "$ScriptDir\agent.toml")) {
+    Write-Host "ERROR: agent.toml not found in $ScriptDir" -ForegroundColor Red
+    exit 1
+}
+
+# Copy files
+Write-Host "Copying agent files..." -ForegroundColor Green
+Write-Host "  Source: $ScriptDir" -ForegroundColor Gray
+Copy-Item -Path "$ScriptDir\gururmm-agent.exe" -Destination "$InstallPath\gururmm-agent.exe" -Force
+Copy-Item -Path "$ScriptDir\agent.toml" -Destination "$ConfigPath\agent.toml" -Force
+
+Write-Host "  Binary: $InstallPath\gururmm-agent.exe" -ForegroundColor Gray
+Write-Host "  Config: $ConfigPath\agent.toml" -ForegroundColor Gray
+
+# Install Windows service
+Write-Host "Installing Windows service..." -ForegroundColor Green
+$installResult = & "$InstallPath\gururmm-agent.exe" install 2>&1
+if ($LASTEXITCODE -ne 0) {
+    Write-Host "Service installation output:" -ForegroundColor Yellow
+    Write-Host $installResult
+}
+
+# Wait for service to register
+Start-Sleep -Seconds 2
+
+# Start the service
+Write-Host "Starting service..." -ForegroundColor Green
+$startResult = & "$InstallPath\gururmm-agent.exe" start 2>&1
+if ($LASTEXITCODE -ne 0) {
+    Write-Host "Service start output:" -ForegroundColor Yellow
+    Write-Host $startResult
+}
+
+# Verify service status
+Start-Sleep -Seconds 3
+$service = $null
+try { $service = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue } catch {}
+
+if ($service -and $service.Status -eq "Running") {
+    Write-Host ""
+    Write-Host "========================================" -ForegroundColor Green
+    Write-Host "SUCCESS: GuruRMM Agent installed and running!" -ForegroundColor Green
+    Write-Host "========================================" -ForegroundColor Green
+    Write-Host ""
+    Write-Host "Site Code: DARK-GROVE-7839" -ForegroundColor Cyan
+    Write-Host ""
+    Write-Host "Useful commands:" -ForegroundColor White
+    Write-Host "  Status:    $InstallPath\gururmm-agent.exe status"
+    Write-Host "  Stop:      $InstallPath\gururmm-agent.exe stop"
+    Write-Host "  Start:     $InstallPath\gururmm-agent.exe start"
+    Write-Host "  Uninstall: $InstallPath\gururmm-agent.exe uninstall"
+} elseif ($service) {
+    Write-Host ""
+    Write-Host "WARNING: Service installed but status is: $($service.Status)" -ForegroundColor Yellow
+    Write-Host "Check logs in Event Viewer > Windows Logs > Application"
+} else {
+    Write-Host ""
+    Write-Host "WARNING: Service may not have installed correctly" -ForegroundColor Yellow
+    Write-Host "Try running manually: $InstallPath\gururmm-agent.exe status"
+}