@andrewh
Last active April 12, 2024 08:48
Applescript to automate the Cisco AnyConnect SSL VPN client on OS X Mavericks
-- 1. Place in ~/Library/Scripts and enable the Applescript menu via the Applescript Editor
-- 2. Substitute "vpn.example.com" and "redacted" for your VPN server and password
-- 3. Open Security & Privacy System Preferences, go to Privacy, Accessibility
-- 4. Enable Applescript Editor and System UI Server
-- 5. Trigger script from the menu
-- 6. Enjoy being connected
tell application "Cisco AnyConnect Secure Mobility Client"
    activate
end tell
repeat until application "Cisco AnyConnect Secure Mobility Client" is running
    delay 1
end repeat
tell application "System Events"
    -- Wait for the connection window, then type the server name
    repeat until (window 1 of process "Cisco AnyConnect Secure Mobility Client" exists)
        delay 1
    end repeat
    tell process "Cisco AnyConnect Secure Mobility Client"
        -- keystroke is delivered to whichever app has focus at this moment
        keystroke ("vpn.example.com" as string)
        keystroke return
    end tell
    -- Wait for the password prompt, then type the password
    repeat until (window 2 of process "Cisco AnyConnect Secure Mobility Client" exists)
        delay 1
    end repeat
    tell process "Cisco AnyConnect Secure Mobility Client"
        keystroke ("redacted" as string)
        keystroke return
    end tell
end tell
@mkeen

mkeen commented Apr 11, 2014

+1

@fconcklin

You are the greatest

@andrewh
Author

andrewh commented Oct 16, 2014

@andrewh
Author

andrewh commented Oct 16, 2014

Also, there is a timing issue - if you set off the script then switch to another app before the password has been typed in, the password will be typed into your current app. Not great if it's during a chat session.

@ming-codes

+1

Would be great if password is loaded from keychain

@andrewh
Author

andrewh commented Nov 18, 2014

@thodge21

So I'm automating turning off automatic server selection and no matter the script I apply to the preference button UI, I can't get the button or the menu. Sometimes it says it can't turn a given piece into an integer or it says it can't get a component Menu bar 1 but in the errors says can't click "C", effectively renaming the component. I'm new to Applescript so if you guys have any ideas it'd be much appreciated!

@piotraryss

Hi,

here is one more improvement - Banner window auto acceptance:

-- Waiting for "Cisco AnyConnect - Banner" window
repeat until (window "Cisco AnyConnect - Banner" of process "Cisco AnyConnect Secure Mobility Client" exists)
    delay 1
end repeat
click button "Accept" of window "Cisco AnyConnect - Banner" of application process "Cisco AnyConnect Secure Mobility Client"

@saustin4

This is so nice, amazing!
I had to create an app in workflow and added the "launch application" step before the run applescript step to get it to work. This is probably because I couldn't find the scripts folder in /library mentioned in step 1. It shows up via terminal ls command but in the finder it is hidden for some reason. So I just created an application in automator with Launch Application (Cisco Any Connect) > Run Applescript (your script).

But I get this error even though it still works: "the action run applescript encountered an error"
and it only works if the app is completely closed from the beginning. Like for example if you lose connection and it disconnects but the app stays open and you want to reconnect, the automator won't do it.

Also, it would be so sweet if after connecting to your vpn (mine is for my college) it could also map to my network drive (also from college). It's called "go to server" on mac finder menu under "go". Really nice job though, very convenient script.

@halocaridina

See https://gist.github.com/halocaridina/ for a forked version that includes Keychain integration for password storage and security.

@caffeinetiger

+1 This is a major frustration reducer and time saver!

@saocoding

This is exactly what I'm looking for! Thanks for sharing!

@degreecy

Great script! Has anybody played with MobilePass, or another token generator, to try and automate and pass the password to the script?

@dickguertin

dickguertin commented Feb 12, 2017

I just love this code from andrewh, so kudos to him. However, on Yosemite, I ran into several problems, so I had to expand the code to cover Two-Step authentication, and UI requirements. First, let me show you the modified code:

-- 1. Substitute "vpn.example.com" and "Your.PSWD" for your VPN server and password
-- 2. Save the modified code as "VPN.applescript" and store it anywhere convenient
-- 3. Double-click the applescript to launch the Script Editor
-- 4. Click the "compile" icon (looks like a hammer)
-- 5. From the File menu, click Save and choose "Applications" from the left-column
-- 6. Choose the "File format" to be an Application
-- 7. Make sure "Save as" at the top is "VPN.app" without the quotes.
-- 8. Click the "Save" button to save the application in /Applications
-- 9. Open Security & Privacy in System Preferences, go to Privacy, Accessibility
--10. Unlock the window. Then drag-drop the application into the window.
--11. Launch the application from the /Applications

global currentstate
on run argv
  set theapp to "Cisco AnyConnect Secure Mobility Client"
  tell application "VPN"
    my checkUI()
    if currentstate is false then
      return
    end if
    tell application "Cisco AnyConnect Secure Mobility Client"
      activate
    end tell
    repeat until application "Cisco AnyConnect Secure Mobility Client" is running
      delay 1
    end repeat
    tell application "System Events"
      repeat until (window 1 of process theapp exists)
        delay 1
      end repeat
      tell process theapp
        keystroke ("vpn.example.com" as string) -- Enter your VPN server name
        keystroke return
      end tell
      repeat until (window 2 of process theapp exists)
        delay 1
      end repeat
      tell process theapp
        keystroke ("Your.PSWD" as string) -- Enter your password
        keystroke return
      end tell
      -- Waiting for "Cisco AnyConnect - Banner" window
      set cntr to 30 as number
      repeat while cntr > 0
        set cntr to (cntr - 1)
        if (window "Cisco AnyConnect - Banner" of process theapp exists) then
          set cntr to 0 as number
          click button "Accept" of window "Cisco AnyConnect - Banner" of application process theapp
        else
          delay 1
        end if
      end repeat
    end tell
  end tell
end run

on checkUI()
  set currentstate to false
  tell application "System Events"
    try
      set currentstate to UI elements enabled
    end try
  end tell -- System Events
  if (currentstate is false) then
    say "UI, disabled" -- UI disabled
    return
  end if
end checkUI

OK, the -- comments explain what to do. Two things were very important to me. One was that I didn't want to have to run this program from inside the Script Editor. I prefer an actual application in /Applications that I can copy to the Dock. Second, I didn't want an infinite loop waiting for the "Banner", and I couldn't use "with timeout" because the loop used "pause" which conflicts with a timer. So I used a counter to limit the waiting-period to 30 cycles, or about 30 seconds. During those 30 seconds, I have to respond to another window for Two-Step Authentication, and I can be done with that in less than 30 seconds. If your system requires Two-Step, and you don't have a "fob" that can quickly give you a code, then you may need more than 30 cycles. Also, if you abort the VPN login, you may have to Quit your VPN application early. For me, it goes away in 30 seconds anyway.

The hardest part is the UI requirement. You have to add your VPN application to System Preferences -> Security & Privacy. You unlock, if needed, and drag-drop your application into the open window. But here's the rub ... if you recompile the VPN app, or move it, the old information in "Security & Privacy" needs to be deleted, and then you need to drag-drop the VPN app again. Basically, once you have it working, DON'T change it, unless your password or VPN server changes. Good luck.

@sarnobat

Unlike the other suggested scripts, this one works for me. Thank you very much. Working from home during COVID-19 got a tiny bit easier.

@shivam13juna

Hello guys, I finally found a working solution. I'm using Anyconnect VPN secure mobility 4.8

We can use this to connect to Anyconnect with terminal

To connect:

printf 'USERNAME\nPASSWORD\ny' | /opt/cisco/anyconnect/bin/vpn -s connect HOST

Replace USERNAME, PASSWORD, and HOST. The \ny at the end is to accept the login banner - this is specific to my host.

Note the single quotes ' instead of double quotes " - this is because double quotes tell Bash to interpret certain characters within strings, such as exclamation marks, as Bash history commands. Double quotes will make this command fail with an "event not found" error if the password contains an exclamation mark. Single-quoted strings pass exclamation marks along without interpreting them.

To disconnect:

/opt/cisco/anyconnect/bin/vpn disconnect

I've made an alias to bash_profile to those commands

@nperez0111

I use zsh, so what @shivam13juna had was close but not what I needed. I used:

export CISCO_USERNAME="..."
export CISCO_PASSWORD="..."

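vpn() {
  # AnyConnect can't be running (and doesn't have to be)
  kill $(pidof anyconnect) >/dev/null 2>&1
  # printf '%s' passes the credentials through literally; zsh's echo would
  # expand backslash sequences that happen to occur inside the password
  printf '%s\n%s\ny\n' "$CISCO_USERNAME" "$CISCO_PASSWORD" | /opt/cisco/anyconnect/bin/vpn -s connect vpn.host.com
}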

Do note that anyconnect can't be running if this is
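
The Keychain suggestion and the command-line method from the comments above, combined as an added example (not code from the gist or from any commenter): the password is read from the macOS Keychain at connect time and piped to the `vpn` CLI, so it is neither stored in a script or shell profile nor typed as keystrokes into whatever app has focus. The service label `anyconnect-vpn`, the function names and the `VPN_BIN` / `SECURITY_BIN` overrides are assumptions made for illustration.

```bash
# Store the secret once; ending the command with -w makes `security` prompt
# for the password, so it never appears in shell history:
#   security add-generic-password -s anyconnect-vpn -a "$USER" -w

# Assumed, overridable names (illustrative; the vpn path is the one quoted above)
VPN_BIN="${VPN_BIN:-/opt/cisco/anyconnect/bin/vpn}"
SECURITY_BIN="${SECURITY_BIN:-security}"
KEYCHAIN_SERVICE="${KEYCHAIN_SERVICE:-anyconnect-vpn}"

# Print the stored password for account $1; non-zero exit if no item exists.
vpn_password() {
  "$SECURITY_BIN" find-generic-password -s "$KEYCHAIN_SERVICE" -a "$1" -w
}

# Emit the lines the vpn CLI reads in -s mode: user, password and an optional
# banner answer. printf '%s\n' keeps '!', '\' and '%' in the password literal.
vpn_stdin() {
  local user="$1" password="$2" banner="${3:-}"
  printf '%s\n%s\n' "$user" "$password"
  [ -n "$banner" ] && printf '%s\n' "$banner"
  return 0
}

# vpn_connect HOST USER [BANNER_ANSWER]
vpn_connect() {
  local host="$1" user="$2" banner="${3:-}" password
  # Fail closed: never send an empty password line to the server.
  if ! password="$(vpn_password "$user")" || [ -z "$password" ]; then
    echo "no Keychain item '$KEYCHAIN_SERVICE' for account '$user'" >&2
    return 1
  fi
  # The secret travels only over the pipe: not in argv, not exported.
  vpn_stdin "$user" "$password" "$banner" | "$VPN_BIN" -s connect "$host"
}
```

Call it as `vpn_connect vpn.example.com "$USER" y`, dropping the last argument if your host shows no banner. macOS may ask once for permission to let the calling process read the Keychain item.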

@augustplaninsek

Inspired by this thread, I made a shell script to toggle the connection and a BetterTouchTool widget to show connection status and toggle the connection on click.
Link to repo: https://github.com/augustplaninsek/vpn-cisco-anyconnect

@sarnobat

I couldn't get the banner part to work, but this works at least:

	tell application "System Events"
		click button "Accept" of window "Cisco AnyConnect - Banner" of application process "Cisco AnyConnect Secure Mobility Client"
	end tell

@dipplabs

dipplabs commented Sep 30, 2022

Since I updated Cisco Anyconnect two days ago, it seemed like a major update, this has stopped working. It is not called "Cisco AnyConnect Secure Mobility Client" any longer, it shows it as "Cisco Secure Client " now and the icon changed too. But this was working for me up until my company made me update this software. I think it was mandatory by Cisco. See screenshot of the new VPN icon/dialog box.

I tried renaming wherever "Cisco AnyConnect Secure Mobility Client" was set to "Cisco Secure Client " but in the Script Editor it says UI Disabled when I hit the play button...

Can someone help me out here?
This worked great because I have the password entered automatically, and then I just click the Yubi key for the 2nd one... now I have to find the first password everyday now, and I had this working for 3 years now... So I hope this can be fixed easily.

Here are the screenshots of the new look of the app and the new app name, which is in version 5.0.00556 of their VPN app:

Screen Shot 2022-09-28 at 4 26 50 PM

Screen Shot 2022-09-30 at 5 01 39 AM

Thanks in advance!

@brozikcz