VPN support for Mac

Hi,

In the AppleVPN, the Terminal mode means we will use the following command line to launch the VPN:

scutil --nc start "VPN Name" --user "username" --password "password"

The AppleScript mode means we will use a script to fetch the proper Network Preferences service and fill it's credentials.

All that being said, I was a bit curious you didn't find it easier to setup, so I've investigated a bit and it appear that only L2TP (so far as I know) seems to work with either methods.

The scutil command will return "No service" even if the IKEv2 is properly configured in the Network preferences pane. And it won't appear in the list of "network preferences services" in AppleScript and therefor can't be launched, nor can it be shown in the Apple VPN settings view "VPN name" combo box.

Outside of actually clicking through the System Preferences Network panel (via script or manually), I am not aware of any other way to launch IKEv2 VPNs at the moment. To me, it looks like a bug on Apple side, as both the scutil and AppleScript method should work.

I'll open an issue to investigate this.

Best regards,

Thank you Xavier. I look forward to your next update.

Checking in to see if there is any progress on this feature request.

Thanks...randy

So far, I have received no answer from Apple.

I do not know any other proper ways to launch IKEv2 VPN programmatically. Using assistive access to navigate through the Preferences windows and automatically click the Connect button would be janky at best and display downright undesirable behaviour (i.e. the user appearing to lose control, albeit for a short period of time).

Sorry for not having better news.

Best regards,

Hi all,

I have been searching for this problem as well, and I found a nice solution here:
https://blog.timac.org/2018/0719-vpnstatus/
They created a few dedicated VPN control apps (with and without GUI).

The source code is available here: https://github.com/Timac/VPNStatus

the most interesting tool is "vpnutil", the source code Is available here: https://github.com/Timac/VPNStatus/tree/master/vpnutil

with this, you can connect to the VPN using the command vpnutil start ConnectionName which also works for IKEv2!

using vpnutil, this can be used right away, however you need to run an unsigned executable. Given the source code, it should also be possible to directly implement this in RDM.

Cheers,
Luiz

Hi,

Thanks for the info! This is very interesting, I will add this to the ticket and we will look it up when we get a chance.

Best regards,

Hi luiz and randywebb,

VPNStatus has been integrated into RDM and will be used with the AppleScript method of the Apple VPN entry (not with the Terminal method). It seems to be able to list, connect and disconnect any VPN configured in the Network Preferences panel (all those I've tested). This will be available in the next release of RDM Mac (2021.1.1.0).

Best regards,

Hi randywebb and luiz1,

The version 2021.1.1.0 of RDM just got released and (so long as the AppleScript mode is used) all VPN entry types should work properly.

Special thanks to you luiz1 for pointing us in the direction of vpnutil, it was very useful.

The version can be downloaded here (or here for the free version).

Best regards,