ventz / openconnect-gui-menu-bar Goto Github PK

I echo the following openconnect command and run it in terminal find it run ok.
sudo "$VPN_EXECUTABLE" -u "$VPN_USERNAME" -i "$VPN_INTERFACE" "$VPN_HOST"
But echo password, it accept, but when i add VIP response code it fail
------Extract from command line ------------
SSL negotiation with xxx.xxx.com
Connected to HTTPS on xxx.xxx.com
XML POST enabled
Please enter your username and password.
Password:
POST https://xxxx.xxxx.com/
Enter Your VIP Security Code:
Response:
fgets (stdin): Inappropriate ioctl for device

what is the parameter for push/pin or other item?

I tried the script in MacOS Monterey, even though it requires tons of changes( e.g. security find-generic-password should be changed to security find-internet-password as new keychain entries are saved under Interned Passwords).

But on top of this, openconnect still doesn't wait for you to receive the 2fa sms (in my case, from DUO) and throws a Failed to obtain WebVPN cookie error before shutting down.

Has anyone found a way to bypass this problem caused by openconnect? Interesting enough using push allows openconnect to way for your push authentication before connection.

I tried to add password in keychain manually but got security: SecKeychainSearchCopyNext: The specified item could not be found in the keychain. when trying to retrieve it.
I guess it could be caused by "https://xxx" in VPN_HOST (even if it seems useless to add https://)

So I use command line to set password and it works like a charm:

security add-generic-password -s openconnect -a $VPN_HOST -w

I also updated the GET_VPN_PASSWORD like that:

GET_VPN_PASSWORD="security find-generic-password -s openconnect -a $VPN_HOST -w"

That's said, thank you a lot for your plugin! 👍

I have two VPN (one cisco anynet + openconnect) online in the sametimes. The issue is when openconnect successfully connect to VPN host, route may not add success to route table. Ping will success for few second, then will be overwrite/refreshed by cisco anynet, and pind cannot connect to VPN host.
Is it possible to check the connection to an VPN host for few second, if it is not cannot connect to a specific address, then retry?

Most everything works great, however the openconnect.sh script needs to be marked executable. That's not specifically in the docs, but a few people got hung up at that part. Otherwise perfect!

First I want to thank you for nice tool for openconnect.
I have question about connection password and PINs.
To connect to my VPN I need to provide username, password and then PIN and after that second PIN that I recieve via SMS.
It's possible to store first PIN also in keychain, so when I want to connect, I only wait for SMS with second PIN?

I'm going mad trying to figure this out. So connecting from the menu bar wasn't doing anything for me. I typed this into the Terminal substituting all the variables to try to debug my issue:

sudo "$VPN_EXECUTABLE" -u "$VPN_USERNAME" -i "$VPN_INTERFACE" "$VPN_HOST"

I get this error:

>>> /private/etc/sudoers.d/openconnect: syntax error near line 2 <<<
sudo: parse error in /private/etc/sudoers.d/openconnect near line 2
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Not sure why, because this is my openconnect file:

sn0w ALL=(ALL) NOPASSWD: /usr/local/bin/openconnect
sn0w ALL=(ALL) NOPASSWD: /usr/bin/killall -2 openconnect

where sn0w is the result of the whoami.

Hi.

Found your script and worked great but only when I have already used my 2FA. I.e. if I need to input the pin code received on SMS, I do not see anywhere to input this pin code.
Tried to look at the script but unsure how this input is suppose to work. Does the script not support inputing pin code after "connected" to the the vpn or am I missing something?