Start configured VPN from command line (OSX)
I have two VPN configurations on my mac and I would like to be able to start them from the console when I ssh into my machine.
I have found the command networksetup
which allows me to configure connections, but as far as I can tell not actually start one.
Using Lion.
For newer macOS versions, a very simple command can be used, as shown in the below answers, e.g. this one (give it a +1!).
All you need is:
networksetup -connectpppoeservice "UniVPN"
The only problem is that you cannot disconnect using this command.
You can also use AppleScript to connect to the VPN services of your choice. We'll use shell functions, which are available from the command line, once they are loaded.
Add the functions below to your ~/.bash_profile
or ~/.profile
(whatever you use).
You just need to change the name of the VPN connection itself, as it appears under the Network preferences. I used my university VPN here.
You can change the names of the functions as well, if you want to do it for different ones. It might be possible to shorten this using arguments, but it works just fine this way. I tested it on Snow Leopard (but Leopard and Lion should work too).
Once you've added the functions, reload the terminal and call them with vpn-connect
and vpn-disconnect
, respectively.
function vpn-connect {
/usr/bin/env osascript <<-EOF
tell application "System Events"
tell current location of network preferences
set VPN to service "UniVPN" -- your VPN name here
if exists VPN then connect VPN
repeat while (current configuration of VPN is not connected)
delay 1
end repeat
end tell
end tell
EOF
}
function vpn-disconnect {
/usr/bin/env osascript <<-EOF
tell application "System Events"
tell current location of network preferences
set VPN to service "UniVPN" -- your VPN name here
if exists VPN then disconnect VPN
end tell
end tell
return
EOF
}
You can also, as of at least Lion1, use the scutil command.
For example, if I have a VPN service named "Foo", I could connect via:
$ scutil --nc start Foo
I can optionally specify a user, password, and secret using flags of the same names:
$ scutil --nc start Foo --user bar --password baz --secret quux
The service can be disconnected via:
$ scutil --nc stop Foo
For more detailed help, you can see the man page, or run:
$ scutil --nc help
Update
Adding a quick script to poll until the connection is established (in response to the comment from Eric B.
#!/bin/bash
# Call with <script> "<VPN Connection Name>"
set -e
#set -x
vpn="$1"
function isnt_connected () {
scutil --nc status "$vpn" | sed -n 1p | grep -qv Connected
}
function poll_until_connected () {
let loops=0 || true
let max_loops=200 # 200 * 0.1 is 20 seconds. Bash doesn't support floats
while isnt_connected "$vpn"; do
sleep 0.1 # can't use a variable here, bash doesn't have floats
let loops=$loops+1
[ $loops -gt $max_loops ] && break
done
[ $loops -le $max_loops ]
}
scutil --nc start "$vpn"
if poll_until_connected "$vpn"; then
echo "Connected to $vpn!"
exit 0
else
echo "I'm too impatient!"
scutil --nc stop "$vpn"
exit 1
fi
Footnotes:
- It's not clear when this command was added to OSX, I have it in Mavericks, and user Eric B. reports that it works in Lion (10.7.5).
Haven't tested this under Lion but but I'm using following command under Mountain Lion without any problem:
networksetup -connectpppoeservice UniVPN
You can use networksetup -connectpppoeservice "myvpn"
to connect to a vpn named myvpn, and use networksetup -disconnectpppoeservice "myvpn"
to disconnect from the vpn named myvpn
Before use these command lines, you need to manually config a connection in System Preferences > Network