Posted on 12-05-2013 07:08 AM
Hey was just wondering if anyone has used a script to automate VPN setup with OS X's built-in VPN client. I've tried using an Applescript but it kind of works in 10.8 and doesn't work at all in 10.9. The script is very similar to the one found here:
http://blog.affirmix.com/2011/01/12/how-to-configure-a-vpn-in-mac-os-x-usingapplescript/
Wanted to see what everyone else was using (if anything at all). Thanks in advance.
Posted on 12-05-2013 07:18 AM
use a configuration profile
Posted on 12-05-2013 07:28 AM
There are two options that I know of...
1) a .mobileconfig file out of Casper or ProfileManager, installed either over MDM or the bash command "profiles"
2) a complex script using the bash command "networksetup"
Posted on 12-05-2013 07:29 AM
@nessts I would like too but unfortunately it requires a username for authentication which is unique to the user who logs in. I don't have generic credentials to use, which is why I am looking for a scripting solution.
Posted on 12-05-2013 07:41 AM
If you script the installation of the mobileconfig in a package, than the user is provided a system-UI for password entry.
If you are setting it up at imaging time, than you can store the mobileconfig file somewhere and craft up a LaunchDaemon to install it once there is an active console user.
Either way, root is actually running the script, so password issues at that point become moot.
Posted on 12-05-2013 07:47 AM
Hey Conor long time no talk, using Casper at the new job?
and if you put the vpn icon in the menu bar each user can add their credentials at the time of VPN connection so no need to worry about per user settings either.
Posted on 12-05-2013 07:50 AM
@nessts When you make the configuration profile within the JSS, it's required to enter a username for authentication for a VPN configuration profile. That's what I was referring to, sorry if it was unclear. Otherwise the configuration profile can't be saved and used. Oh and I'm on 8.73.
Posted on 12-05-2013 08:00 AM
so for username put changethis and set the password to a
if you use profile manager there is no requirement for a username and password.
Posted on 12-05-2013 08:01 AM
@perrycj It requires there to be something in the username field, yes, but you can easily use "Enter your username" or some such.
@nessts We have Casper in limited pilot to about 1% of our users. We are hoping to go into production early next year. I can go into more detail offline if you're interested (Rick has my contact info).
Posted on 12-05-2013 08:04 AM
good to hear @c0n0r you will like it much more than Altiris :)
Posted on 12-05-2013 08:12 AM
@nesstss @c0n0r good points ha. I'll try that and report back if it works in our environment. Thanks for the feedback.
Posted on 12-05-2013 08:39 AM
@perrycj you could try: http://macmule.com/2011/12/22/how-to-silently-setup-vpn-on-10-6-10-7/
But i'd really recommend a config profile & use:
$USERNAME
In the username field to grab the username of the logged in user (well logging in user).
Posted on 07-28-2014 05:17 AM
There is also an open source command line tool written in Objective-C which might help you: https://github.com/halo/macosvpn
It pretty much simulates using the Systems Preferences Network pane, only using the native SystemPreferences API. It's also faster than AppleScript.
Posted on 07-28-2014 07:52 AM
I wrote this awhile ago for our corporate vpn's we didn't like the idea of storing the VPN in a script and needed the ability to provide our Infrastructure team a place to swap out shared key's them without getting their hands dirty.
https://github.com/pingidentity/JamfScripts/tree/master/SelfServiceVPNDeployment
Posted on 05-06-2020 06:19 AM
Hi @nessts just wondering about your comment such a long time ago on 12/5/2013 about putting the vpn icon on the he menu bar. Is there a way to do that in an automated way?
Regards,
David
Posted on 05-06-2020 07:44 AM
Sorry @nessts I should have looked more. This conversation covers the vpn icon https://www.jamf.com/jamf-nation/discussions/9745/show-vpn-on-the-menu-bar