首页 文章

通过bash连接CISCO Anyconnect VPN

提问于
浏览
9

正如 Headers 所说,尝试通过bash连接vpn . 以下脚本似乎最接近我正在寻找的答案:

#!/bin/bash
/opt/cisco/anyconnect/bin/vpn -s << EOF
connect https://your.cisco.vpn.hostname/vpn_name
here_goes_your_username
here_goes_your_passwordy
EOF

当我运行它时,vpn启动,但然后退出没有错误,没有连接 . 这似乎是由-s引起的 . 如果我删除此参数,VPN将启动,但不会输入任何命令(即connect vpn,username,password) . 从我读到的-s选项将允许传递用户名/密码 . 救命!

3 回答

  • 7

    我不得不下载expect软件包(yum install expect) . 这是我用来自动化vpn连接的代码

    #!/usr/bin/expect
    
    eval spawn /opt/cisco/anyconnect/bin/vpn connect vpn.domain.com
    
    expect "Username: " { send "username\r" }
    expect "Password: " { send "password\r" }
    
    set timeout 60
    expect "VPN>"
    

    真的很容易! :d

  • 0

    虽然 expect 可以更清洁,但并非绝对必要 . 假设 /opt/cisco/anyconnect/bin/vpnagentd 正在运行,因为它应该是:

    connect

    printf "USERNAME\nPASSWORD\ny" | /opt/cisco/anyconnect/bin/vpn -s connect HOST
    

    替换 USERNAMEPASSWORDHOST . \ny 最后是接受登录 Banner - 这是我的主机特有的,所以你可能不需要它 .

    我知道这种方法存在明显的安全问题;它仅用于说明目的 .

    获得 state

    /opt/cisco/anyconnect/bin/vpn state
    

    disconnect

    /opt/cisco/anyconnect/bin/vpn disconnect
    

    这是使用AnyConnect v3.1.05160测试的 .

  • 7

    c#solution ...在这种情况下,profile是组名 .

    //file = @"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncli.exe"
    var file = vpnInfo.ExecutablePath;
    var host = vpnInfo.Host;
    var profile = vpnInfo.ProfileName;
    var user = vpnInfo.User;
    var pass = vpnInfo.Password;
    var confirm = "y";
    
    var proc = new Process
    {
        StartInfo = new ProcessStartInfo
        {
            FileName = file,
            Arguments = string.Format("-s"),
            UseShellExecute = false,
            RedirectStandardInput = true,
            RedirectStandardOutput = true,
            RedirectStandardError = true,
        }
    };
    
    proc.OutputDataReceived += (s, a) => stdOut.AppendLine(a.Data);
    proc.ErrorDataReceived += (s, a) => stdOut.AppendLine(a.Data);
    
    //make sure it is not running, otherwise connection will fail
    var procFilter = new HashSet<string>() { "vpnui", "vpncli" };
    var existingProcs = Process.GetProcesses().Where(p => procFilter.Contains(p.ProcessName));
    if (existingProcs.Any())
    {
        foreach (var p in existingProcs)
        {
            p.Kill();
        }
    }
    
    proc.Start();
    proc.BeginOutputReadLine();
    
    //simulate profile file
    var simProfile = string.Format("{1}{0}{2}{0}{3}{0}{4}{0}{5}{0}"
        , Environment.NewLine
        , string.Format("connect {0}", host)
        , profile
        , user
        , pass
        , confirm
        );
    
    proc.StandardInput.Write(simProfile);
    proc.StandardInput.Flush();
    
    //todo: these should be configurable values
    var waitTime = 500; //in ms
    var maxWait = 10;
    
    var count = 0;
    var output = stdOut.ToString();
    while (!output.Contains("state: Connected"))
    {
        if (count > maxWait)
            throw new Exception("Unable to connect to VPN.");
    
        Thread.Sleep(waitTime);
        output = stdOut.ToString();
        count++;
    }
    stdOut.Append("VPN connection established! ...");
    

相关问题