
Use Powershell and SSH-Sessions to launch openconnect VPN


I need to launch an openconnect VPN on a linux router from a powershell script on Windows.

I have a working script on the linux router:

echo PASSWORD | sudo openconnect -b --no-dtls --interface=sslvpn host.isp.com --authgroup=SharedVPN --user=username --passwd-on-stdin

When I run the script locally on the router, the vpn launches perfectly. Here is my powershell script from the windows machine:

Import-Module SSH-Sessions
New-SshSession -ComputerName "10.1.43.11" -Username "ubuntu" -KeyFile "C:\keys.pem"
Invoke-SshCommand -ComputerName "10.1.43.11" -Command '/usr/local/sbin/InitializeVPN'
Remove-SshSession -computername "10.1.43.11"

When I run the powershell script, it does launch the VPN, but freezes there, waiting for the VPN to end. I can kill the process on the router and then the powershell script finishes. I need the VPN to run in the background. So I modified the script on the router like this:

echo PASSWORD | sudo openconnect -b --no-dtls --interface=sslvpn host.isp.com --authgroup=SharedVPN --user=username --passwd-on-stdin &

Now when I run the powershell script, it does seem to send it into the background, but the VPN doesn't stay up and I only get partial output to the screen:

Key file specified. Will override password. Trying to read key file...
Successfully connected to 10.1.43.11
10.1.43.11: POST https://host.isp.com/
Connected to ip_addr:443
SSL negotiation with host.isp.com
Connected to HTTPS on host.isp.com
XML POST enabled
POST https://host.isp.com/
Connected to ip_addr:443
SSL negotiation with host.isp.com
Connected to HTTPS on host.isp.com
XML POST enabled
10.1.43.11 should now be disconnected and disposed.

When I run it directly on the router, there is more after the last "XML POST enabled":

Please enter your username and password.
POST https://host.isp.com/
Got CONNECT response: HTTP/1.1 200 OK
CSTP connected. DPD 30, Keepalive 20
Connected as 10.251.0.29, using SSL
Continuing in background; pid 11049
Connect Banner:
| Access to this system is restricted to authorized users. Unauthorized use is strictly prohibited. Information on this system may be intercepted, recorded, read, copied, and disclosed by and to authorized personnel for official purposes, including criminal investigations. Access or use of this system whether authorized or unauthorized, constitutes your awareness and consent to these terms. DISCONNECT IMMEDIATELY if you do not agree to the conditions stated in this warning.
| 

How do I get the VPN to launch in the background?

I'm using ubuntu 16.04, openconnect 7.08, powershell 5.1, windows server 2016, downloaded SSH-Sessions from http://www.powershelladmin.com/wiki/SSH_from_PowerShell_using_the_SSH.NET_library#Downloads


Solution

  • Well, I got it working using plink:

    C:\bin\plink.exe -i C:\key.ppk ubuntu@10.1.43.11 "nohup /usr/local/sbin/InitializeVPN >/home/ubuntu/VPN.out 2>/home/ubuntu/VPN.err </dev/null &"
    

    stdin, stdout, and stderr had to be redirected, and nohup had to be used.

    I found it here: Getting ssh to execute a command in the background on target machine

    Don't know if I'll take the time to get it working with PowerShell and SSH-Sessions now. Maybe if I need something more complex in the future.
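
An added example (not part of the original post) showing why the redirections in the plink command matter: a background process that still holds the session's output stream keeps the reader waiting for EOF. Here `cat` stands in for the SSH channel reader and `sleep 3` for the VPN process; both are assumptions made for the demo.

```shell
#!/bin/sh
# Constructed demo: `cat` stands in for the SSH channel reader and
# `sleep 3` for the long-running VPN process (both are assumptions).

# Background job inherits the pipe as stdout/stderr, so the reader
# does not see EOF until the job itself exits.
attached() {
    sh -c 'sleep 3 &' 2>&1 | cat
}

# Same job with stdin, stdout and stderr redirected and nohup applied,
# mirroring the plink command: nothing holds the pipe, EOF is immediate.
detached() {
    sh -c 'nohup sleep 3 >/dev/null 2>/dev/null </dev/null &' 2>&1 | cat
}

# Print how many whole seconds the given function blocks its caller.
elapsed() {
    start=$(date +%s)
    "$@" >/dev/null
    end=$(date +%s)
    echo $((end - start))
}

echo "attached: $(elapsed attached)s"
echo "detached: $(elapsed detached)s"
```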