Ubuntu – How to automatically connect OpenConnect VPN when the connection closes

openvpnservervpn

I need to use a third party web service which is accessible only through Cisco AnyConnect VPN. I'm using OpenConnect on Ubuntu to connect to this VPN using host, username, and password.

However, instead of having to manually connect every time we need to connect to the service (since the service is being consumed by a script that runs on daily basis), I would like to set it up once and have itself reconnect when the tunnel breaks.

Is there a way for us to connect openconnect client (or any other similar client for Cisco AnyConnect) to automatically reconnect when the connection breaks.

Alternatively, is there a way to login without username and password and store that configuration somewhere so we can automatically respawn the process when it stops.

Please note that this is all on a server, so no GUI.

Best Answer

See the options it has. openconnect --help:

-u,--user=NAME

Set login username to NAME

--passwd-on-stdin

Read password from standard input

--reconnect-timeout

Keep reconnect attempts until so many seconds have elapsed. 
The default timeout is 300 seconds, which means that openconnect 
can recover VPN connection after a temporary network 
downtime of 300 seconds.

it also supports a

--config=CONFIGFILE

There are several scripts on-line you can adapt to your situation.

Related Solutions

Ubuntu – How to automatically connect to VPN with Network-Manager

The solution suggested by con-f-use should work but doesn't, due to a long-standing bug:

https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/280571

There are workarounds though. For recent NetworkManager versions, there is a commandline utitility, nmcli, that can be edited and saved as something like /etc/NetworkManager/dispatcher.d/vpn-up:

#! /bin/bash

REQUIRED_CONNECTION_NAME="<name-of-connection>"
VPN_CONNECTION_NAME="<name-of-vpn-connection>"


activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")
if [ "${activ_con}" -a ! "${activ_vpn}" ];
then
    nmcli con up id "${VPN_CONNECTION_NAME}"
fi

[I haven't tested this -- please feel free to test and edit according to results]

See: https://wiki.archlinux.org/index.php/NetworkManager#Use_dispatcher_to_connect_to_a_vpn_after_a_network-connection_is_established has more info.

Ubuntu – Cannot connect to the internet after installing Cisco AnyConnect VPN Client

Cisco AnyConnect VPN Client makes changes to /etc/resolv.conf. Make sure that the program restored /etc/resolv.conf to its original state. /etc/resolv.conf should be a symbolic link to "../run/resolvconf/resolv.conf". If this is not the case then run

sudo dpkg-reconfigure resolvconf

Best Answer

Related Solutions

Ubuntu – How to automatically connect to VPN with Network-Manager

Ubuntu – Cannot connect to the internet after installing Cisco AnyConnect VPN Client

Related Question