Script cisco anyconnect VPN connection

mpole · ‎06-14-2008

Hi,

I'm trying to figure out how to script a VPN connection using Cisco AnyConnect VPN client so that you dont need to enter group, username and password.

I've been trying with the vpncli.exe command but with no luck.

Any help would be much appreciated!

hadbou · ‎06-19-2008

To minimize download time, the AnyConnect client requests downloads (from the security appliance) only of core modules that it needs for each feature that it supports. To enable new features, such as Start Before Logon (SBL), you must specify the module name using the svc modules command from group policy webvpn or username webvpn configuration mode:

[no] svc modules {none | value string}

The string for SBL is vpngina

whisperwind · ‎07-14-2008

I have always set things like the vpn group / static ip address and such for users in the ASA CLI, specifically in the attributes section, see below:

username VPNUSER attributes

vpn-filter value VPN-GROUP

MARK BAKER · ‎08-27-2008

The username should show the last username that was used. I'm not sure about the password though. I have the group assigned by a RADIUS attribute. I believe it is class 25. I actually had this already configured when using the VPN3000 and IPSec. Once I configured AnyConnect support it also was able to map the group using the already configured RADIUS attribute. I don't know if you are using RADIUS or not, but thought I would add this just in case. FYI..The user does not see a group selection box either. They are forced to the correct group transparently.

Gerard Roy · ‎09-04-2008

Anyone get this to work? I need to script the vpncli.exe to connect and login without user intervention. Problem is I cannot pass the username and password to the vpncli.exe. It needs to be automated. The entire process would be to fire off vpn, login, fire off pcanywhere and download some files. Once complete close pcanywhere and then tear down vpn. Anyone has a script that does something similar?