/forticlientsslvpn-expect.sh
Last active May 27, 2019
Simple script intended to automate Fortinet SSL VPN Client connection on Linux using expect scripting.
| #!/bin/bash | |
| # Forticlient SSL VPN Client launching script utilizing expect. | |
| # -------------------------------------------- | |
| # CONFIGURATION | |
| # If empty - script will take some simple logic to locate appropriate binary. | |
| FORTICLIENT_PATH="" | |
| # VPN Credentials | |
| VPN_HOST="host:10443" | |
| VPN_USER="username" | |
| VPN_PASS="password" | |
| # -------------------------------------------- | |
| trap ctrl_c INT | |
| function ctrl_c() { | |
| echo "Removing left-over files..." | |
| rm -f /tmp/expect | |
| } | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "This script must be run as root" | |
| exit 1 | |
| fi | |
| if [ -z "$FORTICLIENT_PATH" ]; then | |
| FORTICLIENT_PATH=`uname -r | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)` | |
| if [ ! -f $FORTICLIENT_PATH ]; then | |
| echo "Tried to locate Forticlient SSL VPN Cli binary, but failed." | |
| echo "Specify it at variable FORTCLIENT_PATH" | |
| exit 1 | |
| fi | |
| echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH" | |
| fi | |
| echo "Killing previous instances of Forticlient SSL VPN client..." | |
| killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null | |
| cat << EOF > /tmp/expect | |
| #!/usr/bin/expect -f | |
| match_max 1000000 | |
| set timeout -1 | |
| spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive | |
| expect "Password for VPN:" | |
| send -- "$VPN_PASS" | |
| send -- "\r" | |
| expect "Would you like to connect to this server? (Y/N)" | |
| send -- "Y" | |
| send -- "\r" | |
| expect "Clean up..." | |
| close | |
| EOF | |
| chmod 500 /tmp/expect | |
| /usr/bin/expect -f /tmp/expect | |
| rm -f /tmp/expect |
This comment has been minimized.
This comment has been minimized.
hugoeustaquio
commented
Dec 28, 2017
|
Thanks, it works perfectly! |
This comment has been minimized.
This comment has been minimized.
ronamosa
commented
Apr 3, 2018
|
Thanks for this. came in real handy for work! |
This comment has been minimized.
This comment has been minimized.
alfem
commented
Apr 1, 2019
|
I use something like this, but I do not need to run it with root permissions. |
This comment has been minimized.
This comment has been minimized.
naxvm
commented
May 27, 2019
|
Really useful, thanks!!!! PD: in my case, the "sudo" launching is not required, I commented that lines on the script and works flawlessly. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
azizasm commentedJul 22, 2017
•
edited
A very good script to access fortiClient using bash script.
For Ubuntu 64 bit based Linux need to change to
uname -a | grep -q 64because uname -r doesn't work.