-
-
Save kaleksandrov/3cfee92845a403da995e7e44ba771183 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
case $# in | |
0) | |
echo "Usage: $0 {start|stop}" | |
exit 1 | |
;; | |
1) | |
case $1 in | |
start) | |
echo "Starting GlobalProtect..." | |
launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist | |
launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist | |
echo "Done!" | |
;; | |
stop) | |
echo "Stopping GlobalProtect..." | |
launchctl remove com.paloaltonetworks.gp.pangps | |
launchctl remove com.paloaltonetworks.gp.pangpa | |
echo "Done!" | |
;; | |
*) | |
echo "'$1' is not a valid verb." | |
echo "Usage: $0 {start|stop}" | |
exit 2 | |
;; | |
esac | |
;; | |
*) | |
echo "Too many args provided ($#)." | |
echo "Usage: $0 {start|stop}" | |
exit 3 | |
;; | |
esac |
Here is what I modified it to , check for connection state after every 30 minutes(you can modify this ) and then connect again
`➜ ~ cat gp.sh
#!/usr/bin/env bash
osascript <<EOF
tell application "System Events" to tell process "GlobalProtect"
click menu bar item 1 of menu bar 2 -- Activates the GlobalProtect "window" in the menubar
set frontmost to false -- keep window 1 active
tell window 1
-- Find the status
tell (first UI element whose title is "Connect") to if exists then set message to "VPN is connecting now..."
--tell (first UI element whose title is "Disconnect") to if exists then set message to "VPN is connected."
-- Click connect button
tell (first UI element whose title is "Connect") to if exists then click
end tell
click menu bar item 1 of menu bar 2 -- This will close the GlobalProtect "window" after clicking Connect/Disconnect. This is optional.
end tell
EOF
➜ ~ cat com.example.globalprotect.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.example.globalprotect</string>
<key>Program</key>
<string>/Users/Aadil.Mir/gp.sh</string>
<key>StartInterval</key>
<integer>1800</integer>
</dict>
</plist>
cp com.example.globalprotect.plist ~/Library/LaunchAgents
launchctl load ~/Library/LaunchAgents/com.example.globalprotect.plist
launchctl unload ~/Library/LaunchAgents/com.example.globalprotect.plist
`
Hi, Friends.
I found that none of the above worked for me on MacOS Ventura 13.2.1 running GlobalProtect 6.0.5, so I created a simple script that does.
Perhaps I am different in that I have also disabled the underlying system LaunchDaemon service (pangpsd
) when this thing is not running because I like to know what's happening on my machine at all times, to the best extent possible. I have no Login Items enabled and modified the plists directly with a text editor to keep them from launching on startup.
This quick script is part of my ~/.bash_profile
and invoked by calling vpn
on the command line and will start the requisite services, and then launch GlobalProtect. If you have a different install location, you may need to change the open -a /Applications/GlobalProtect.app
line to the appropriate directory.
To quit, vpn unload
will stop and disable all services and kill the app as well. Errors are suppressed, with the routing > /dev/null 2>&1
because I don't care if the shutdown process isn't clean. Your milage may vary.
vpn() {
if [ "$1" = "unload" ]; then
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchDaemons/com.paloaltonetworks.gp.pangpsd.plist > /dev/null 2>&1
PID="$(launchctl list | grep palo | cut -f 1)"
kill $PID
echo "VPN unloaded"
else
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchDaemons/com.paloaltonetworks.gp.pangpsd.plist
open -a /Applications/GlobalProtect.app
fi
}
Is there a way to fill in your 2FA code when prompted for this when connecting to a specific VPN portal?
Is there a way to fill in your 2FA code when prompted for this when connecting to a specific VPN portal?
This script doesn't supports this. All it does is to register/unregister the global protect application as an autostart service. It doesn't use any global protect API.
@kaleksandrov thank you, I understand that. However, do you think it would be possible, seeing that some of the scripts above are using the click functionality?
This is a easier version that works for me in macOS Sonoma
vpn() {
if [ "$1" = "stop" ]; then
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist > /dev/null 2>&1
echo "VPN unloaded"
elif [ "$1" = "start" ]; then
#statements
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
echo "VPN loaded"
fi
}
I adapted the script to kill globalprotect icon in tray on stop and open globalprotect app when start :
# Add the function below to your .zsh_env or .bash_profile
# Usage : globalprotect start or globalprotect stop
globalprotect() {
if [ "$1" = "stop" ]; then
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist > /dev/null 2>&1
PID="$(launchctl list | grep palo | cut -f 1)"
# Kill the processes IDs only if found
if [ ! -z "$PID" ]; then
kill -9 $PID
fi
echo "VPN unloaded"
elif [ "$1" = "start" ]; then
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
open -a /Applications/GlobalProtect.app
echo "VPN loaded"
fi
}
Update on my version of
toggleGlobalProtectConnection
that broke with the update to GlobalProtect of the last few days(it has duplicate code but it works 🤣)
It's inspired by the previous comments. Thanks to everyone!