Opening a VPN session from a login window

Pascal_Sherman
New Contributor

Does anyone have any experience in configuring a way to open a Cisco VPN session prior to logging into OS X? Either using native tools or Cisco AnyConnect.

4 REPLIES

rquigley
Contributor

Just from my quick look, all I can suggest is poking around this directory:

/opt/cisco/anyconnect/

Contains some XML files which could be useful in pushing pre-configured settings to your users. I can suggest installing the software and then having a dmg after that or a post-flight script to touch these files with the appropriate settings.

Hope this helps!

PhillyPhoto
Valued Contributor

Is this possible with the built-in VPN client?

signetmac
Contributor

@PhillyPhoto

You cannot trigger the built-in VPN via GUI from the login window, but you can do it via command line. Perhaps you could create a launchd script to attempt the following command:

sudo networksetup -connectpppoeservice "[vpn connection name here]"

... must be executed as root.

signetmac
Contributor

In fact... here is a LaunchDaemon:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.openskycorp.vpnatboot</string>
    <key>LaunchOnlyOnce</key>
    <true/>
    <key>ProgramArguments</key>
    <array>
        <string>sh</string>
        <string>-c</string>
        <string>sleep 30;/usr/sbin/networksetup -connectpppoeservice &quot;vpn connection name here&quot;</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
</dict>
</plist>

Edit the above to replace the string "vpn connection name here" with your actual VPN connection name. Leave the '&quot;'s in there.

I was able to get this to work, but had to sleep the command first, to give the network stack a chance to load and pick up an IP address before attempting to connect. I think a smarter way to go about it is to write a script that will loop a connectivity test to an outside server, and then run the connectpppoeservice command after it has assured connectivity to the outside world, then just call that script from the launchdaemon instead of putting the logic right in the launchdaemon. Don't have time to get that detailed though. Best to you!
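
The approach suggested in the last reply (loop a connectivity test, then run the connect command) sketched as a shell script. This is an added example, not code from the thread; the probe host `probe.example.com`, the retry limits and the function names are assumptions.

```shell
#!/bin/sh
# Added example: wait for outside connectivity, then bring up the VPN service.
# Assumptions (not from the thread): probe host, retry limits, function names.

NETWORKSETUP="${NETWORKSETUP:-/usr/sbin/networksetup}"
PROBE_HOST="${PROBE_HOST:-probe.example.com}"   # placeholder outside server
MAX_TRIES="${MAX_TRIES:-30}"                    # give up after this many probes
DELAY="${DELAY:-2}"                             # seconds between probes

# One connectivity check; returns 0 when the outside host answers.
# macOS ping: -c 1 sends one packet, -t 2 exits after two seconds.
probe() {
    /sbin/ping -c 1 -t 2 "$PROBE_HOST" >/dev/null 2>&1
}

# Poll probe() up to MAX_TRIES times. The loop is bounded so a job started
# by launchd as root never spins forever on a machine with no network.
wait_for_network() {
    tries=0
    while [ "$tries" -lt "$MAX_TRIES" ]; do
        if probe; then
            return 0
        fi
        tries=$((tries + 1))
        sleep "$DELAY"
    done
    return 1
}

# Connect the named VPN service once the network is reachable.
# Returns 2 for a missing name, 1 if the network never came up,
# otherwise the exit status of networksetup.
connect_vpn() {
    service="$1"
    [ -n "$service" ] || return 2
    wait_for_network || return 1
    # Absolute path and quoted name: the job runs as root, so nothing here
    # depends on PATH or on word splitting of the service name.
    "$NETWORKSETUP" -connectpppoeservice "$service"
}

# With no arguments the file only defines the functions above.
[ "$#" -eq 0 ] || connect_vpn "$@"
```

To use it, the LaunchDaemon's ProgramArguments would name this script and the VPN connection name as separate strings in place of the `sh -c "sleep 30;..."` entry. Because launchd runs it as root, the script file should be owned by root and not writable by any other user.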