MacOS X Cisco AnyConnect Automation

_vpn_start

#!/usr/bin/osascript

tell application "Cisco AnyConnect Secure Mobility Client" to activate
delay 1
tell application "System Events" to tell process "Cisco AnyConnect Secure Mobility Client"
  key code 36
end tell

tell application "System Events"
  repeat until (exists window "Cisco AnyConnect | VPN KB NONSTANDARD" of application process "Cisco AnyConnect Secure Mobility Client")
    delay 1
  end repeat
end tell

set pwd to do shell script "security find-generic-password -w -s Exchange"

tell application "System Events" to tell process "Cisco AnyConnect Secure Mobility Client"
  keystroke pwd
  key code 36
end tell

_vpn_stop

#!/usr/bin/osascript

tell application "Cisco AnyConnect Secure Mobility Client" to quit

vpn

#!/bin/bash

echo "Switching to KB VPN location."
sudo networksetup -switchtolocation "KB VPN"

echo "Turning off the Ethernet interface."
sudo networksetup -setv6off "Apple USB Ethernet Adapter"
sudo networksetup -setv4off "Apple USB Ethernet Adapter"
sudo dscacheutil -flushcache

echo "Connecting to KB Wifi."
sudo networksetup -setairportpower "Wi-Fi" on

echo "Restoring KB ~/.npmrc"
cp ~/.npmrc_kb ~/.npmrc
echo "Restoring KB Maven settings"
cp ~/.m2/settings_kb.xml ~/.m2/settings.xml

echo "Waiting for WiFi"
sleep 10

echo "Starting VPN"
_vpn_start
echo "Done."

wifi

#!/bin/bash

echo "Switching to Automatic location."
sudo networksetup -switchtolocation "Automatic"

echo "Turning off the Ethernet interface."
sudo networksetup -setv6off "Apple USB Ethernet Adapter"
sudo networksetup -setv4off "Apple USB Ethernet Adapter"
sudo dscacheutil -flushcache

echo "Connecting to Wifi"
sudo networksetup -setairportpower "Wi-Fi" on

echo "Deleting KB ~/.npmrc"
mv ~/.npmrc ~/.npmrc_kb
echo "Deleting KB Maven settings"
mv ~/.m2/settings.xml ~/.m2/settings_kb.xml

echo "Stopping VPN"
_vpn_stop
echo "Done."

Manage Cisco AnyConnect from command line

What is it about?

Starts and stops Cisco AnyConnect VPN service from command line.

Files

• vpn bash script that switches to KB VPN location and connects to KB using Cisco AnyConnect
• wifi bash script that switches to Automatic locations and kills Cisco AnyConnect
• _vpn_start helper Apple script (called from vpn) that starts Cisco AnyConnect and does the clicking
• _vpn_stop helper Apple script (called from wifi) that kills Cisco AnyConnect

Prepare

Do not just copy and paste the files! There are changes that you must make!
Read the scripts. Read the HOW-TO. Be sure that you understand everything. Don't be afraid to ask.

HOW-TO

Network profiles

I have two network profiles (a.k.a Locations): KB VPN and Automatic.

Yours might be called differently.

VPN password

My VPN password is the same as my e-mail password (yours probably too). And it's stored in Keychain Access under Exchange key. Yours is probably different.

.npmrc and .m2 setting

I have specific npm and maven settings for KB. If you don't know what I'm talking about then you can ommit lines with those settings.

Visudo

To avoid asking for password you must put the scripts to etc/sudoers file.

Use sudo visudo -f /etc/sudoers command to add following lines to etc/sudoers. Replace krtek with your login.

krtek           ALL = NOPASSWD: /Users/krtek/bin/wifi
krtek           ALL = NOPASSWD: /Users/krtek/bin/kabel
krtek           ALL = NOPASSWD: /Users/krtek/bin/vpn
krtek           ALL = NOPASSWD: /usr/sbin/networksetup
krtek           ALL = NOPASSWD: /usr/bin/dscacheutil

Be cautious! If you screw up this step you might not start terminal again. This article will save your ass.

Usage

Move the files to ~/bin directory and make them executable using chmod. Then run vpn command to start VPN and wifi to disconnect from VPN back to normal wifi.