This is my first post on PowerShell. Hopefully it won’t be too painful. Anyway, Campus recently mandated that we get away from the Cisco IPSec client, and move to the AnyConnect client. Problem is, with the IPSec client it was REALLY easy to put the username and password in the launch shortcut (just switches), and it’d connect. That doesn’t seem to be the case with the AnyConnect client, so I had to figure out how to do this in PowerShell. The script below (the fold) does this, and seems to work quite well. The reason for automating it is that we’re an almost 100% Mac shop, and there is a piece of “Banner” that is PC only. So we provide a Terminal Services/RDC Server that Mac users connect to, VPN fires up, and they’re able to connect to this package.
I just dropped this script into C:\powershell\vpn.ps1, and then created a shortcut in the user account start menu, startup, and had the path be: “%windir%\system32\windowspowershell\v1.0\powershell.exe C:\powershell\vpn.ps1”.
Good luck. And thanks to the forums here, and its users, for the base code that I modified to work with my environment.
#Please change following variables
#IP address or host name of cisco vpn
[string]$CiscoVPNHost = "vpn.example.com"
[string]$Login = "username"
#The password is stored here in plain text: anyone who can read this file can read it
[string]$Password = "password"
[string]$agree = "y"
#Please check if file exists on following paths
[string]$vpncliAbsolutePath = 'C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncli.exe'
[string]$vpnuiAbsolutePath = 'C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe'
#****************************************************************************
#**** Please do not modify code below unless you know what you are doing ****
#****************************************************************************
Add-Type -AssemblyName System.Windows.Forms -ErrorAction Stop
#Set foreground window function
#This function is called in VPNConnect
Add-Type @'
using System;
using System.Runtime.InteropServices;
public class Win {
    [DllImport("user32.dll")]
    [return: MarshalAs(UnmanagedType.Bool)]
    public static extern bool SetForegroundWindow(IntPtr hWnd);
}
'@ -ErrorAction Stop
#quickly start VPN
#This function is called later in the code
#Returns $true once the vpncli window is in the foreground, $false on timeout
Function VPNConnect()
{
    Start-Process -FilePath $vpncliAbsolutePath -ArgumentList "connect $CiscoVPNHost"
    $counter = 0; $h = 0;
    while($counter++ -lt 1000 -and $h -eq 0)
    {
        sleep -m 10
        #The process may not exist yet, so suppress the error and keep $h at 0
        $p = Get-Process vpncli -ErrorAction SilentlyContinue | Select-Object -First 1
        if($p){$h = $p.MainWindowHandle}
    }
    #if it takes more than 10 seconds then display message
    if($h -eq 0){Write-Warning "Could not start VPNUI it takes too long."; return $false}
    [void] [Win]::SetForegroundWindow($h)
    return $true
}
#Check if VPN is running, but disconnected, and if so, kill the process so we can reconnect.
#Run "vpncli.exe state" and test its output (not the command string itself)
if (((& $vpncliAbsolutePath state) -join "`n") -like "*Disconnected*") {
    #Terminate all vpnui processes.
    Get-Process | ForEach-Object {if($_.ProcessName.ToLower() -eq "vpnui")
    {$Id = $_.Id; Stop-Process $Id; echo "Process vpnui with id: $Id was stopped"}}
    #Terminate all vpncli processes.
    Get-Process | ForEach-Object {if($_.ProcessName.ToLower() -eq "vpncli")
    {$Id = $_.Id; Stop-Process $Id; echo "Process vpncli with id: $Id was stopped"}}
}
#Connect to VPN
echo "Connecting to VPN address '$CiscoVPNHost' as user '$Login'."
#Write login and password
#SendKeys types into whichever window has focus, so only send the
#credentials when the vpncli window was found and brought to the front
if (VPNConnect) {
    [System.Windows.Forms.SendKeys]::SendWait("$Login{Enter}")
    [System.Windows.Forms.SendKeys]::SendWait("$Password{Enter}")
    [System.Windows.Forms.SendKeys]::SendWait("$agree{Enter}")
}
#Start vpnui
Start-Process -FilePath $vpnuiAbsolutePath
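The script above keeps the password in plain text in vpn.ps1 and types it with SendKeys; the variant below is an added example, not the original author's code, that stores the credential DPAPI-protected per user and pipes the answers to vpncli on stdin instead. Assumptions: vpncli.exe reads its prompts from stdin when started with -s, the prompt order (user, password, banner "y") matches the script above, and the credential file path is hypothetical.

```powershell
# Added example. Assumes vpncli.exe -s reads answers from stdin and that
# the prompts arrive in the same order the script above answers them.
$CiscoVPNHost = 'vpn.example.com'
$vpncli   = 'C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncli.exe'
$credFile = Join-Path $env:LOCALAPPDATA 'vpn-cred.xml'   # hypothetical location

if (-not (Test-Path -LiteralPath $vpncli)) { throw "vpncli.exe not found at $vpncli" }

# One-time setup: prompt for the credential and save it. On Windows,
# Export-Clixml protects the SecureString with DPAPI, so only this user
# on this machine can decrypt the file.
if (-not (Test-Path -LiteralPath $credFile)) {
    Get-Credential -Message "VPN login for $CiscoVPNHost" |
        Export-Clixml -LiteralPath $credFile
}
$cred = Import-Clixml -LiteralPath $credFile

# Only connect when the client reports it is disconnected.
$state = (& $vpncli state) -join "`n"
if ($state -notlike '*Disconnected*') {
    Write-Output 'VPN is not in the Disconnected state; nothing to do.'
    return
}

# Build the answers in memory and pipe them to vpncli. No window focus
# is involved, so the password cannot be typed into another window.
$answers = @(
    "connect $CiscoVPNHost"
    $cred.UserName
    $cred.GetNetworkCredential().Password
    'y'
)
try {
    $answers | & $vpncli -s
    if ($LASTEXITCODE -ne 0) { Write-Warning "vpncli exited with code $LASTEXITCODE" }
}
finally {
    # Drop the plaintext copies as soon as the call returns.
    Remove-Variable answers, cred -ErrorAction SilentlyContinue
}
```

On a shared Terminal Services host each user gets their own credential file, and a copy of that file is useless under another account or on another machine.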
Blake Buchanan says
What am I missing? I used your script, however the first mobility panel popped up, but it seems as though the “Connect” button wasn’t clicked. Thus the second popup where the user Id and password should be entered was never accessed. The script got me half way there though. Just need the other half.
staze says
This was a long time ago. Sorry, I don’t know what might be missing. I do know a lot of what I was doing has been broken by Cisco… I eventually had to give up on scripting the AnyConnect client and go a different route (asking them to poke a hole in the firewall).