- OpenConnect on Mac
- Installation
- Starting and stopping
- Run in the background
- Avoiding typing the password
- Scripting to make it easier
- Openconnect mac os ��������� ���������
- About
- Openconnect mac os ��������� ���������
- About
- Zanshin.net
- Setup Openconnect for Mac OS X Lion
- Mark H. Nichols
- Share this post
- Аналоги OpenConnect GUI для Mac OS
- Альтернативы для OpenConnect GUI для Mac OS
- Что в этом списке?
OpenConnect on Mac
One of my clients has recently moved to AnyConnect VPN and I’ve been having routing problems with the official Mac client. As my colleagues on Linux on the project have not had these issues, I investigated and installed the OpenConnect client.
These are my notes after scouring the Internet to set it up how I want it.
Installation
I used Homebrew:
OpenConnect is a CLI tool. If you want a GUI in your menu bar, then also install openconnect-gui. I an not using the GUI as command line works for me.
Starting and stopping
To start the VPN:
(Replace & with the relevant details, of course.)
You can then use ctrl+C to stop it.
To avoid having to type your password for the sudo call each time, we can add a new file to /etc/sudoers.d/ to allow no password for openconnect binary.
This one-liner will do it:
This creates /etc/sudoers.d/openconnect with the relevant config.
Run in the background
Alternatively, you can put openconnect into the background with the --background flag. To stop the VPN, we need to find the pid so that we can kill the process:
This will be useful for scripting it.
Avoiding typing the password
The --passwd-on-stdin flag allows us to pipe the password to openconnect like this:
Clearly we don’t want the password in our history or in our scripts, so we put it in a file such as
This file needs to contain the plain text password and be readable only by the current user:
We can now pipe the output of this file:
/.vpn_password) | sudo openconnect --passwd-on-stdin --user=
We now have a working connection.
Scripting to make it easier
At this point we have enough to write a couple of functions to start and stop the VPN connection.
Place the following into
/.vpn_password) | sudo openconnect --background --passwd-on-stdin --user=$VPN_USER $VPN_HOST
Replace with the correct URL for your VPN and with your VPN username.
Источник
Openconnect mac os ��������� ���������
OpenConnect - OS X/Mac OS GUI Menu Bar for connecting/disconnecting
An easy way to get OpenConnect VPN to have an OS X/Mac OS Menu Bar GUI for:
- quick connecting
- quick disconnect
- status changes (icon)
Full support for multi-factor authentication (especially Duo)!
1. Get the latest BitBar release:
BitBar provides an easy way to put "things" (for output and input) in your OS X/Mac OS Menu Bar.
Just unzip the release in your /Application folder and launch BitBar. It will ask you to create (or select) a folder to use for your scripts.
Obviously make sure you have installed openconnect too 🙂 brew install openconnect
2. Edit the "openconnect.sh" and follow the steps inside to customize:
Make sure you make it executable: chmod 755 openconnect.sh once you download it.
This file is the "script" that interacts with BitBar. Place it in your bitbar scripts folder (I have chosen:
/Documents/bitbar-plugins/), and edit it/follow these steps:
First - Update your sudoers file with:
You can create a /etc/sudoers.d/openconnect file which contains:
Please note that mac-username is not a literal, but the actually the 'whoami' username for OS X/Mac OS.
Second - Make sure your openconnect binary is here:
Third - add your VPN domain and VPN username and set Auth for "push" or "pin"
Finally, create your KeyChain password (to store your VPN password securely):
That's it! Now you can use the GUI to connect and disconnect! (and if you are using Duo - get the 2nd factor push to your phone)
If you have another VPN (ex: OpenVPN), you might already have an 'utun0' interface. Please check with '/sbin/ifconfig'. If that's the case, in step #2 above you need to add:
If you already have an utun0 and an utun1, then you need to change it to the next available, ex: utun2.
In order to make sure this doesn't happen - I've chosen 'utun99'
For help or more info, feel free to contact me or open an issue here!
About
OpenConnect Menu Bar - Connect/Disconnect/Status - for Mac OS X (supports Duo push/sms/phone, or Yubikey, Google Authenticator, Duo, or any TOTP)
Источник
Openconnect mac os ��������� ���������
Cisco VPN for nerds on MacOS and Linux
This is a package containing an OpenConnect configuration script for MacOS that allows you to fully control how the VPN connection is made, which routes are added, and how the DNS are configured.
If you are tired of having all your private traffic go through the corporate VPN, but you need it always up, this script is for you. It is MacOS and brew centric, but if you know your way you can of course make it work with your installation from source.
Create a working directory, say,
/code/openconnect and enter into it
Clone the sources
Create a directory for your VPN
Copy the network configuration script for your OS, and set the INTERNAL_ROUTES variable. For MacOS, if you want to run multiple VPNs, also set the SERVICE_NAME variable to a unique value
Copy the configuration file and set the user , authgroup and script settings. If you want to be prompted for the username, comment out the user setting.
Copy the vpn.sh script and set the VPN_CONF and VPN_CONCENTRATOR variables
Grant yourself rights to start the VPN without password: run sudo visudo and add:
at the end of the file.
Connect the VPN
Use the runner script
or run it manually, as you please
Disconnect the VPN
- Start the VPN straight from the Command Line
- Only DNS requests for the corporate domain are routed through the VPN
- Only corporate traffic is routed through the VPN, for more privacy, security, and reliability.
About
Letting Cisco AnyConnect give back our choice in how to configure our systems
Источник
Zanshin.net
The personal site of Mark H. Nichols.
Setup Openconnect for Mac OS X Lion
Rather than use Cicso’s AnyConnect (which has given me trouble in the past) I have setup Openconnect for VPN access.
Here is a high level set of steps to install and configure it for your use. As always, proceed at your own risk, make a backup, complete your last will and testament, and accept that your computer may overheat and fuse into a worthless pile of slag as a result of following these directions.
##Installs You’ll need openconnect and vpnc-script.
The caveats for openconnect warn you that you’ll need the TUN/TAP kernel extensions. Get TUN/TAP from http://tuntaposx.sourceforge.net/download.html . After running the installer, run
Download vpnc-script. I saved mine to /usr/local/bin/vpnc-script . Make sure the script is executable.
##Configuration You can view the openconnect command options by running
Rather than enter the options each time you want to create a virtual private network, create an openconnect configuration file and put the configuration values you need there.
Here is my .openconnect file:
Fill in your own authgroup and user information.
There is no configuration necessary for vpnc-script.
##Running openconnect With a configuration file in place, here’s how to start a VPN:
If you don’t want to have to enter your local account password for the sudo command, you can add an exception for the openconnect command to /etc/sudoers , like so:
And add this line to the file:
Finally, create an alias for the openconnect command above to make life easier.
Mark H. Nichols
I am a husband, cellist, code prole, nerd, technologist, and all around good guy living and working in fly-over country. You should follow me on Twitter.
Share this post
All content copyright Mark H. Nichols © 1996 - 2021 • All rights reserved.
Made with Jekyll • Governed by these Policies
Источник
Аналоги OpenConnect GUI для Mac OS
OpenConnect GUI - это графический клиент OpenConnect для систем Microsoft Windows (или любой другой системы, на которой работают Qt и OpenConnect). OpenConnect - это VPN-клиент, который использует TLS и DTLS для безопасного установления сеанса и совместим с протоколом Cisco AnyConnect SSL VPN.
В настоящее время клиент находится в стадии бета-тестирования.
Альтернативы для OpenConnect GUI для Mac OS
Android iOS (iPhone / iPad)
Бесплатное программное обеспечение для OpenVPN на OS X и MacOS.
Tunnelblick - это бесплатный графический пользовательский интерфейс с открытым исходным кодом для OpenVPN в OS X и macOS. Он обеспечивает простое управление клиентскими и/или серверными подключениями OpenVPN.
Сделайте работу с VPN проще и безопаснее с помощью усовершенствованной технологии удаленного доступа Cisco .
- Платная Windows Android iPhone Mac OS
Сделайте работу с VPN проще и безопаснее с помощью усовершенствованной технологии удаленного доступа Cisco AnyConnect Secure Mobility Client. Это программное обеспечение основано на предыдущих предложениях Cisco AnyConnect VPN Client, чтобы улучшить взаимодействие VPN с большинством ноутбуков и смартфонов, включая ноутбуки, использующие Microsoft Windows 7.
Что в этом списке?
В списке находится программы которые можно использовать для замены OpenConnect GUI на платформе Mac OS.
Это аналоги похожие по функционалу на OpenConnect GUI, которые заменяют программу частично или полностью. Этот список содержит 2 замены.
С помощью пользователей мы собираем каталог похожих друг на друга программ, чтобы вы могли подобрать альтернативу и скачать их. На сайте можно скачать популярные программы для Windows, Mac Os, Android и iPhone
Источник
