Jump to content

VPN applescript is busted in El Capitan


Recommended Posts

 

I got this problem too.

tell current location of network preferences			
set VPNService to service "VPN (Cisco IPSec)"		
set config to current configuration of VPNService
log config
end tell

outputs:

(*missing value*)

 

 

Yeah, since the AppleScript is busted, you have to use the command-line.

 

You can get the connection status of a VPN using this command-line:

scutil --nc show "<vpn name>" | grep Disconnected > /dev/null

That returns an exit code of zero if the VPN is disconnected, anything else and the VPN is connected.

 

You can start a VPN with this command-line:

scutil --nc start "<vpn name>"

And stop it with this command-line:

scutil --nc stop "<vpn name>"

So a Ruby script to toggle the status of a VPN connection would be:

vpn_name = ARGV[0]
status = system("scutil --nc show \"#{vpn_name}\" | grep Disconnected > /dev/null")
if status
	system("scutil --nc start \"#{vpn_name}\"")
else
	system("scutil --nc stop \"#{vpn_name}\"")
end

Unfortunately, you can't reliably use the command-line to get a VPN list. It truncates long VPN names. So if you want to get a list of all VPNs, you still need to use AppleScript to pull the list, but then you have to manipulate the VPN connections using the command-line tool.

Link to comment
  • 10 months later...

I'm trying to do the same thing. It works with all VPN connections except connections of type IKEv2.

 

Trying to run this script in Script Editor:

tell application "System Events"
   tell current location of network preferences
      set service_name to "IKEv2_connection_name"
      do shell script (do shell script "scutil --nc start \"" & service_name & "\"")
   end tell
end tell

And here is the error:

error "System Events got an error: No service" number 1

It appears that AppleScript cannot recognize the IKEv2 VPN connection. So I tried to run another script which to print out all the current internet connections in the system:

tell application "System Events"
   tell current location of network preferences
      set names to get name of every service
   end tell
end tell

The result shows all the network connections (including "Wi-Fi", "USB Ethernet", "Bluetooth PAN", "Thunderbolt Bridge", all VPN connections of type L2TP, PTPP, IPSec) but it doesn't list any IKEv2 connections although I have set a few of them and they're all working.

 

Is this a known issue with El Capitan? Is there any workaround for this kind of VPN on El Capitan?

Edited by khangazun
Link to comment

I'm trying to do the same thing. It works with all VPN connections except connections of type IKEv2.

 

Trying to run this script in Script Editor:

tell application "System Events"
   tell current location of network preferences
      set service_name to "IKEv2_connection_name"
      do shell script (do shell script "scutil --nc start \"" & service_name & "\"")
   end tell
end tell

And here is the error:

error "System Events got an error: No service" number 1

It appears that AppleScript cannot recognize the IKEv2 VPN connection. So I tried to run another script which to print out all the current internet connections in the system:

tell application "System Events"
   tell current location of network preferences
      set names to get name of every service
   end tell
end tell

The result shows all the network connections (including "Wi-Fi", "USB Ethernet", "Bluetooth PAN", "Thunderbolt Bridge", all VPN connections of type L2TP, PTPP, IPSec) but it doesn't list any IKEv2 connections although I have set a few of them and they're all working.

 

Is this a known issue with El Capitan? Is there any workaround for this kind of VPN on El Capitan?

 

This probably won't work either then, but you can give it a try:

property newLine : (ASCII character 10)
set results to ""
set flag to true
tell application "System Events"
	tell network preferences to set locs to every location
	repeat with loc in locs
		tell loc
			set vpns to every service
			repeat with vpn in vpns
				if flag is true then
					set flag to false
				else
					set results to results & newLine
				end if
				set vpnName to (the name of vpn) as string
				set results to results & vpnName
				set results to results & "|" & (kind of vpn)
			end repeat
		end tell
	end repeat
end tell
results

Link to comment

 

This probably won't work either then, but you can give it a try:

property newLine : (ASCII character 10)
set results to ""
set flag to true
tell application "System Events"
	tell network preferences to set locs to every location
	repeat with loc in locs
		tell loc
			set vpns to every service
			repeat with vpn in vpns
				if flag is true then
					set flag to false
				else
					set results to results & newLine
				end if
				set vpnName to (the name of vpn) as string
				set results to results & vpnName
				set results to results & "|" & (kind of vpn)
			end repeat
		end tell
	end repeat
end tell
results

 

Thanks for your reply. Here is the result at my side:

"Wi-Fi|2
USB Ethernet|6
Bluetooth PAN|7
Thunderbolt Bridge|5
UK-StarVPN|0
US-StarVPN|0
Canada Ip|16
Usa Ip|16"

The result is missing the IKEv2 VPN connections.

Link to comment
  • 1 year later...

Awesome article @Coneybeare.

 

I tried Algo (because it's the ideal solution), but in the end, I reinstalled Streisand on my VPS, as a lot of the open WiFi networks I use block VPNs, and Streisand offers OpenVPN via port 443, which always gets through.

 

I guess it also bears mentioning that always connecting via a single VPS makes it easier to track you in some regards, as your traffic always comes from the same static IP, not whatever external IP the WiFi network you're on right now has. As such, depending on your threat model, it's worth considering only using the VPN when you're on an unsecured WiFi network.

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...