domingo, 14 de abril de 2013

Automatic CheckPoint SSL VPN login (Linux)

Little recipe to automatically login to CheckPoint SSL Network Extender:

----------------- /home/user/login.vpn.expect -----------
spawn /usr/bin/snx -s <SERVER> -p 443 -u <USERNAME>
expect "password:"
send "<PASSWORD>\r"
expect eof

To execute it, you just need to use expect tool:
$ expect login.vpn.expect

Good luck!

3 comentarios:

  1. The script seems to work, in that snx outputs that the connection is up, but after the script exits, there is no connection. Is is possible expect is killing the snx process afterwards, while in a normal terminal the process switches to the background (so snx -d will work later)?

  2. I finally used another simplified script:

    (date | sed ':a;N;$!ba;s/\n/ /g'; echo "Init" )>> /root/vpn.log
    if /usr/lib/nagios/plugins/check_ssh [HOST TO CHECK IF TUNNEL IS ALIVE]; then
    echo "OK"
    echo "Restarting VPN"
    snx -d
    sleep 1
    snx < /root/pass

    Nevertheless, I found a problem with snx requering a tty. And nohup is not working for this.

    1. I forgot to mention that I used the .snxrc file:
      ---- .snxrc ----
      reauth yes
      debug 1 # if you want to debug