-
-
Save kaleksandrov/3cfee92845a403da995e7e44ba771183 to your computer and use it in GitHub Desktop.
| #!/bin/bash | |
| case $# in | |
| 0) | |
| echo "Usage: $0 {start|stop}" | |
| exit 1 | |
| ;; | |
| 1) | |
| case $1 in | |
| start) | |
| echo "Starting GlobalProtect..." | |
| launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist | |
| launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist | |
| echo "Done!" | |
| ;; | |
| stop) | |
| echo "Stopping GlobalProtect..." | |
| launchctl remove com.paloaltonetworks.gp.pangps | |
| launchctl remove com.paloaltonetworks.gp.pangpa | |
| echo "Done!" | |
| ;; | |
| *) | |
| echo "'$1' is not a valid verb." | |
| echo "Usage: $0 {start|stop}" | |
| exit 2 | |
| ;; | |
| esac | |
| ;; | |
| *) | |
| echo "Too many args provided ($#)." | |
| echo "Usage: $0 {start|stop}" | |
| exit 3 | |
| ;; | |
| esac |
Hi, Friends.
I found that none of the above worked for me on MacOS Ventura 13.2.1 running GlobalProtect 6.0.5, so I created a simple script that does.
Perhaps I am different in that I have also disabled the underlying system LaunchDaemon service (pangpsd) when this thing is not running because I like to know what's happening on my machine at all times, to the best extent possible. I have no Login Items enabled and modified the plists directly with a text editor to keep them from launching on startup.
This quick script is part of my ~/.bash_profile and invoked by calling vpn on the command line and will start the requisite services, and then launch GlobalProtect. If you have a different install location, you may need to change the open -a /Applications/GlobalProtect.app line to the appropriate directory.
To quit, vpn unload will stop and disable all services and kill the app as well. Errors are suppressed, with the routing > /dev/null 2>&1 because I don't care if the shutdown process isn't clean. Your milage may vary.
vpn() {
if [ "$1" = "unload" ]; then
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchDaemons/com.paloaltonetworks.gp.pangpsd.plist > /dev/null 2>&1
PID="$(launchctl list | grep palo | cut -f 1)"
kill $PID
echo "VPN unloaded"
else
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchDaemons/com.paloaltonetworks.gp.pangpsd.plist
open -a /Applications/GlobalProtect.app
fi
}
Is there a way to fill in your 2FA code when prompted for this when connecting to a specific VPN portal?
Is there a way to fill in your 2FA code when prompted for this when connecting to a specific VPN portal?
This script doesn't supports this. All it does is to register/unregister the global protect application as an autostart service. It doesn't use any global protect API.
@kaleksandrov thank you, I understand that. However, do you think it would be possible, seeing that some of the scripts above are using the click functionality?
This is a easier version that works for me in macOS Sonoma
vpn() {
if [ "$1" = "stop" ]; then
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist > /dev/null 2>&1
echo "VPN unloaded"
elif [ "$1" = "start" ]; then
#statements
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
echo "VPN loaded"
fi
}
I adapted the script to kill globalprotect icon in tray on stop and open globalprotect app when start :
# Add the function below to your .zsh_env or .bash_profile
# Usage : globalprotect start or globalprotect stop
globalprotect() {
if [ "$1" = "stop" ]; then
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist > /dev/null 2>&1
launchctl bootout gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist > /dev/null 2>&1
PID="$(launchctl list | grep palo | cut -f 1)"
# Kill the processes IDs only if found
if [ ! -z "$PID" ]; then
kill -9 $PID
fi
echo "VPN unloaded"
elif [ "$1" = "start" ]; then
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist
launchctl bootstrap gui/$(id -u) /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist
open -a /Applications/GlobalProtect.app
echo "VPN loaded"
fi
}
Here is what I modified it to , check for connection state after every 30 minutes(you can modify this ) and then connect again