3

Basically my problem is that I need to write a script that automatically creates a VPN service in Mac OS X Snow Leopard that can be used on multiple machines to speed up the process rather than going through system preferences every single time. It is specifically needed to run on 10.6.* because the VPN needs to use the Cisco IPSec protocol which is only built in to Snow Leopard. I am not sure if it is even possible, but I was thinking this could be done using terminal commands or some form of shell scripting. I really have no idea where to start though. When I looked through the system for possible start points I found that if you opened the following file with Property List Editor it had all the Network Services.

/Library/Preferences/SystemConfiguration/preferences.plist

I'm not sure if that just shows the services or if that actually does control them, thus making it have the ability to add another service through modification of that .plist file. So basically what I am asking is: How can add a network service with specific settings through terminal or scripting?

Waffle
  • 302
  • 1
  • 3
  • 12
  • See http://stackoverflow.com/questions/7022250/how-to-set-up-a-vpn-connection-programmatically-in-mac –  Jul 28 '14 at 07:51

2 Answers2

1

You can manipulate network services with /usr/sbin/scutil. It has limited functionality in its single-invocation form, but if you run it without arguments, you'll enter an interactive mode in which you can do quite a lot. Type help to get started. Then try list to see all of the keys in the dynamic store. Of course, you have to be root in order to change anything.

The Tunnelblick project uses scutil to update DNS and other settings after establishing an OpenVPN connection. I don't know if you can actually create a new service in a similar manner, but this would be a good place to start looking.

psagers
  • 859
  • 4
  • 5
  • I have looked in to scutil and I have not been able to figure out how to actually get it to create a new network interface. I have only been able to manipulate existing ones. Also, Tunnelblick would not work in my circumstance because I need to mass deploy the script and can't have another program need to be downloaded. I am looking in to just editing .plist files to generate a key and add the connection. Thank you very much for your response! – Waffle Apr 06 '11 at 22:17
1

You might also check out /usr/sbin/networksetup ; I've used it for configuring OSX network settings from the command line. See: http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/networksetup.8.html

Dave Guarino
  • 509
  • 5
  • 14
  • Thank you for the suggestion! This solution actually does work for what I need it to do. The solution I have been using thus far though which is actually simple as well is to just export the configuration file without user data and it seems to work as well. – Waffle Aug 05 '11 at 17:28
  • 2
    This will not work. /usr/sbin/networksetup can't operate on VPN services as should be clear from the linked man page. – Dave Jun 02 '14 at 06:30
  • @Dave It can now. But the linked page is down. – Noah Jun 18 '19 at 19:35