30 lines
973 B
Markdown
30 lines
973 B
Markdown
|
# Always on Openconnect VPN
|
||
|
|
|
||
|
|
This script uses Openconnect to automatically connect to Cisco Anyconnect VPN server.
|
||
|
|
|
||
|
|
Server address, username, password and 2fa seed is stored in macOS keychain. Feel free to remove them and ask for user input instead.
|
||
|
|
|
||
|
|
Additionaly routing for only specific subnets can be set up in `routing.sh`
|
||
|
|
|
||
|
|
## Setup
|
||
|
|
|
||
|
|
```
|
||
|
|
git clone this repo
|
||
|
|
brew install openconnect
|
||
|
|
```
|
||
|
|
|
||
|
|
Add server address, username, password and 2fa seed in keychain with these names:
|
||
|
|
* `Openconnect VPN Server`
|
||
|
|
* `Openconnect Username`
|
||
|
|
* `Openconnect Account Password`
|
||
|
|
* `Openconnect TOTP Seed`
|
||
|
|
|
||
|
|
_For ease of use you can allow automatic keychain access to some of the attributs, but_ **do not allow automatic access to password and especially the 2fa seed**. _It will keep it in memory as long as the script is running._
|
||
|
|
|
||
|
|
## Usage
|
||
|
|
|
||
|
|
```
|
||
|
|
sudo ./run-vpn.sh
|
||
|
|
```
|
||
|
|
|
||
|
|
In case of disconnect, it will try reconnecting after 3 seconds. You can stop it by pressing `CTRL+C` or killing the script.
|