How do can script a client VPN session

Unanswered Question
Jun 3rd, 2008

I have a need to automate a client VPN connection from within my application. I currently launch the client, but I would prefer to automate the complete login and logout. Does anyone know if there is a CLI available to do this? Alternatively, I found reference to a VPN API available, however, I can not find any documentation for this API on the Cisco site - not sure if this is a public API. The API may be the preferred method assuming it provides a callback mechanism for my application to present status and error information to the user.

Thank you in advance for any help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
t.fortmann Mon, 06/09/2008 - 08:25

Running config? I'm not sure I follow - is there a server side configuration option that impacts a connected Mac notebook's ability to script the VPNClient connect process?

Farrukh Haroon Mon, 06/09/2008 - 18:32

But do you realize the security implications of this? Like a stolen laptop etc?

After all this is one of the primary reasons X-auth was invented....

Regards

Farrukh

t.fortmann Tue, 06/10/2008 - 05:19

I do understand the security implications. I'm not looking to store the user's credentials. I just want to make use of the Mac OS X vpnclient.framework library to embedded the login prompt in my application.

t.fortmann Tue, 06/10/2008 - 05:42

Yes - Thank you. I found this late last week and it turns out you can execute vpnclient from a bash prompt with these CLI parameters. However, when executing this from within another application you need to either present the user with a terminal window (not pretty) or scrape the output and represent it. I also found that you can execute the binary contained in the Mac VPNClient.app application to script the Cisco GUI. This is the approach I'm using for now, but I really was hoping to use their library to control the whole user experience.

Thanks again for your help. At this point I'm assuming Cisco is not prepared to expose the programming API (despite references to the contrary on some of the Easy VPN Client marketing collateral).

Farrukh Haroon Tue, 06/10/2008 - 12:31

The marketing guys are not always in sync with the techies :)

Anyway I'm sorry I could not help more.

Regards

Farrukh

Actions

This Discussion