openconnect automation question
David Woodhouse
dwmw2 at infradead.org
Wed Aug 1 15:57:08 EDT 2012
On Wed, 2012-08-01 at 14:47 -0500, David Starchman wrote:
> We have a server that aggregates (masquerades) access to a
> VPN-connected customer using a linux box. (In other words, all
> customer-destined traffic gets rerouted through a single VPN
> connection.) I'm currently doing this with the Cisco client and a cron
> job that ensures its continued existence. Can this be accomplished
> with openconnect? So far, everything I've seen looks like openconnect
> has to be initiated at the user level.
You just want a script that keeps the connection up and running?
Restarting openconnect any time it dies? That's simple enough to do.
Something like (typing into email client; this is not tested...)
#!/bin/sh
VPNSERVER=foo.company.com
USERNAME=username
PASSWORD=sdfsdf
while true; do
RETRY=$(($(date +%s) + 60))
openconnect -u $USERNAME $VPNSERVER --non-inter --passwd-on-stdin <<< "$PASSWORD"
if [ $? = 2 ]; then
# authentication failure. log and bail out
exit 1
fi
# If something's going wrong, don't try more than once a minute or the
# server admins may hunt you down and promote an attitude of violence
# towards you...
NOW=$(date +%s)
if [ $NOW -lt $RETRY ]; then
sleep $(($RETRY - $NOW))
fi
done
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120801/84cb8167/attachment.bin>
More information about the openconnect-devel
mailing list