Skip to content

Instantly share code, notes, and snippets.

@p120ph37

p120ph37/vpn.expect

Last active December 19, 2021 23:08
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save p120ph37/10999441 to your computer and use it in GitHub Desktop.
Save p120ph37/10999441 to your computer and use it in GitHub Desktop.
Download ZIP
Expect script to connect to an AnyConnect VPN server on OSX using only oathtool and openconnect (not the Cisco AnyConnect client)
Raw
vpn.expect
!/usr/bin/expect -f
set timeout 30
log_user 0
puts stderr "Generating OTP"
spawn oathtool --totp YOUR_SECRET_KEY_HERE
expect -re \\d+
set otp $expect_out(0,string)
puts stderr "Connecting to VPN server $server"
spawn env SPLIT_DNS=YOUR_SPLIT_DNS_DOMAINS_HERE openconnect --script ./vpnc-script https://YOUR_SERVER_HERE --cafile=cacert.pem
expect "GROUP:"
send "YOUR_GROUP_HERE\n"
expect "Username:"
send "YOUR_USERNAME_HERE\n"
expect "Password:"
send "YOUR_PASSWORD_HERE\n"
expect "Password:"
send "$otp\n"
interact
@p120ph37
Copy link
Author

Remember to use "sudo"!!! (root permission needed for openconnect to work.)

@dkordik
Copy link

dkordik commented Jun 7, 2018

thanks! this script was super handy!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment