There are many options when troubleshooting in FortiGate firewalls. ... Full Story
By Manny Fernandez
April 7, 2020
Running Post VPN Login Script
I have been getting asked this question since this coronavirus thing started. I decided I would address it with an article. So the use case is: You want to run a script after the user logs in. This could be like mapping / mounting a share, running an application, etc.
I wrote an article about packaging the FortiClient. You can follow the same process however there is another section you need to modify.
On Connect
Windows
Option I
<on_connect>
<script>
<os>windows</os>
<script>
<script>
<![CDATA[
net use x: \\10.1.1.43\home /user:mfernandez
md c:\inbox
copy x:\outbox\*.* c:\inbox
]]>
</script>
</script>
</script>
</on_connect>
Option II
I updated this to show how you can run a batch file or script file.
<on_connect>
<script>
<os>windows</os>
<script>
<script>
<![CDATA[
Script "C:\ournetwork\NETLOGON\manny.bat"
]]>
</script>
</script>
</script>
</on_connect>
macOS X
In a macOS X environment,
<on_connect>
<script>
<os>mac</os>
<script>
/bin/mkdir /Volumes/Share1
mount -F smbfs -o user=root,domain=monkey //server.myinfosec/tmp /Volumes/Sahre1
</script>
</script>
</on_connect>
On Disconnect
Windows
Similar to the On Connect (as above), we can also run scripts when you disconnect.
<on_disconnect>
<script>
<os>windows</os>
<script>
<script>
<![CDATA[
net use x: /DELETE
]]>
</script>
</script>
</script>
</on_disconnect>
macOS X
<on_disconnect>
<script>
<os>mac</os>
<script>
/sbin/umount /Volumes/Share1
</script>
</script>
</on_disconnect>
Hope this helps.
Thanks to Omar Ortiz and Matt Sherif for their input.
Recent posts
-
-
Have you ever had an IPS signature that continues... Full Story
-
Use case: Customer has a Split Tunnel Enabled but... Full Story