An easy way to get OpenConnect VPN to have an OS X Menu Bar GUI for:
- quick connecting
- quick disconnect
- status changes (icon)
Full support for multi-factor authentication (especially Duo)!
https://github.com/matryer/bitbar/releases
BitBar provides an easy way to put "things" (for output and input) in your OS X Menu Bar.
Just unzip the release in your /Application folder and launch BitBar. It will ask you to create (or select) a folder to use for your scripts.
Start by just getting the file itself: https://raw.githubusercontent.com/ventz/openconnect-gui-menu-bar/master/openconnect.sh
This file is the "script" that interacts with BitBar. Place it in your bitbar scripts folder (I have chosen: ~/Documents/private/bitbar-plugins/), and edit it/follow these steps:
osx-username ALL=(ALL) NOPASSWD: /usr/local/bin/openconnect
osx-username ALL=(ALL) NOPASSWD: /usr/bin/killall -2 openconnect
VPN_EXECUTABLE=/usr/local/bin/openconnect
VPN_HOST="vpn.domain.tld"
VPN_USERNAME="vpn_username@domain.tld#VPN_TUNNEL_OPTIONALLY"
a.) Open "Keychain Access" and
b.) Click on "login" keychain (top left corner)
c.) Click on "Passwords" category (bottom left corner)
d.) From the "File" menu, select -> "New Password Item..."
e.) For "Keychain Item Name" and "Account Name" use the value for "VPN_HOST"
f.) For "Password" enter your VPN AnyConnect password.
That's it! Now you can use the GUI to connect and disconnect! (and if you are using Duo - get the 2nd factor push to your phone)
If you have another VPN (ex: OpenVPN), you might already have an 'utun0' interface. Please check with '/sbin/ifconfig'. If that's the case, in step #2 above you need to add:
VPN_INTERFACE="utun1"
If you already have an utun0 and an utun1, then you need to change it to the next available, ex: utun2.
In order to make sure this doesn't happen - I've chosen 'utun99'
For help or more info, feel free to contact me or open an issue here!