
OpenConnect VPN Client for the UniFi Dream Machine Pro (Unofficial)

Primary language: Shell. License: The Unlicense.




Requires the excellent On Boot script from: https://github.com/unifi-utilities/unifios-utilities/blob/main/on-boot-script-2.x/README.md

Because of the way OpenConnect works with the particular GlobalProtect VPN endpoint I'm using (it requires 2FA based on an Okta prompt), I didn't put the connection script in the container image itself.

Instead I just put a generic entrypoint shell script in there that does nothing. I pre-loaded the binaries for TOTP creation and the openconnect client in the image.

Then I bind-mount a shell script from a /mnt/data sub-directory (so it persists across upgrades).

And finally I overload the command at runtime to execute that script instead of the built-in info-message/generic entrypoint script.
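
An added pre-flight check for the pattern above, not part of this project: the bind-mounted script becomes the command of a `--privileged`, `--net=host` container, so this verifies on the host that it is a regular file owned by the expected uid and neither writable nor readable by group/other. The function name `check_connect_script` and the premise that the script holds VPN credentials or a TOTP seed are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the project): pre-flight check for the bind-mounted
# connection script before it is handed to a --privileged container.
# Usage: check_connect_script PATH [OWNER_UID]   (OWNER_UID defaults to 0, root)
check_connect_script() {
    script=$1
    want_uid=${2:-0}

    # Must be a regular file, not a symlink that could be repointed later.
    if [ -L "$script" ] || [ ! -f "$script" ]; then
        echo "FAIL: $script is not a regular file" >&2
        return 1
    fi

    # ls -ln prints "<mode> <links> <uid> <gid> ..." with numeric ids.
    set -- $(ls -ln "$script")
    mode=$1
    uid=$3

    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: owner uid is $uid, expected $want_uid" >&2
        return 1
    fi

    # Mode string positions: 1 type, 2-4 user, 5-7 group, 8-10 other.
    case $mode in
        ?????w*|????????w*)
            echo "FAIL: group/other can modify the script ($mode)" >&2
            return 1 ;;
    esac
    # Assumption: the script carries VPN credentials or a TOTP seed.
    case $mode in
        ????r*|???????r*)
            echo "FAIL: group/other can read the script ($mode)" >&2
            return 1 ;;
    esac
    echo "OK: $script ($mode, uid $uid)"
}

# Run the check only when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_connect_script "$@"
fi
```

Saved to a file on the UDM, it can be run with the host-side path `/mnt/data/openconnect/connect-example.sh` as its argument before starting the container.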


Edit connect-example.sh to match your needs (or create a different connection script, and adapt the command below), then run:

docker run -it -d --rm --net=host --name openconnect --privileged \
  -v /mnt/data/openconnect/connect-example.sh:/usr/local/bin/connect-example.sh \
  -v /dev/net/tun:/dev/net/tun \
  ghcr.io/shuguet/openconnect-udm \