This script connects to an AnyConnect VPN server from the command line, using SSO for authentication. Tested on macOS; it probably works on Linux as well with some minor modifications.
The following tools need to be installed to use the script.
brew install openconnect
Optional, but recommended, see https://github.com/pypa/pipx.
brew install pipx
pipx install "openconnect-sso[full]"
Once the installation has finished, run
pipx ensurepath
To save the password to the keychain, run the openconnect-sso command once manually (yourname needs to be changed to your name / abbreviation):
sudo openconnect-sso --server "ras.zhaw.ch" --user="[email protected]"
Log in in the web view that appears. The password will then automatically be saved to the keychain.
Modify the script in this repo called vpnzhaw with your information, namely your email address, by setting the variable VPN_USER to the correct value (replace yourname):
VPN_USER="[email protected]"
Make the script executable:
chmod +x vpnzhaw
Place the modified script in /usr/local/bin/
The script needs root permission to work properly.
To allow executing it with sudo without entering a password, add the file /private/etc/sudoers.d/vpnzhaw, for example using nano:
sudo nano "/private/etc/sudoers.d/vpnzhaw"
and paste the following into the file:
yourmacusername ALL=(ALL) NOPASSWD: /usr/local/bin/vpnzhaw
Replace yourmacusername with your actual username. To get this, run whoami in the terminal.
(If using nano, save with CTRL+o and exit with CTRL+x.)
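The sudoers rule above lets /usr/local/bin/vpnzhaw run as root without a password, so anyone who can edit or replace that file gets root as well. The following check is an added example, not part of this repo: it confirms that the script and its directory are owned by root and not writable by group or others. The function names and the optional uid argument (default 0, there only so the check can be tried on scratch files) are assumptions.

```shell
#!/bin/sh
# Added example, not part of the vpnzhaw repo.
# Usage after installation:
#   check_sudo_target /usr/local/bin/vpnzhaw
#   sudo visudo -cf /private/etc/sudoers.d/vpnzhaw   # syntax-check the rule

# Succeeds only if $1 exists, is owned by uid $2 (default 0 = root)
# and carries no group/other write bit. Symlinks are rejected because
# ls reports them as lrwxrwxrwx.
owner_locked() {
    path=$1
    uid=${2:-0}
    [ -e "$path" ] || return 1
    # ls -ldn prints: <mode string> <links> <numeric uid> <numeric gid> ...
    set -- $(ls -ldn "$path")
    case $1 in
        ?????w*|????????w*) return 1 ;;   # group-write or other-write set
    esac
    [ "$3" = "$uid" ]
}

# Checks the sudo target and the directory containing it. A writable
# directory is as bad as a writable file: the script could be swapped out.
check_sudo_target() {
    target=$1
    want=${2:-0}
    owner_locked "$target" "$want" || {
        echo "unsafe: $target must be owned by uid $want and not group/other writable" >&2
        return 1
    }
    owner_locked "$(dirname "$target")" "$want" || {
        echo "unsafe: directory of $target must be owned by uid $want and not group/other writable" >&2
        return 1
    }
}
```

If the check fails, sudo chown root:wheel /usr/local/bin/vpnzhaw followed by sudo chmod 755 /usr/local/bin/vpnzhaw fixes the file itself on macOS; a user-owned /usr/local/bin needs the same treatment or a different, root-owned location for the script.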
Installation should now be finished. Use the script with the following commands:
vpnzhaw start
to start a new connection to the VPN server. If not yet connected, just executing vpnzhaw will start a new connection as well.
vpnzhaw status
to show whether OpenConnect is currently running. If OpenConnect is currently running, just executing vpnzhaw will show the status as well.
vpnzhaw stop
to close the existing connection.
Enjoy 😚