I have a config file that completely describes how to connect to a VPN. I'd like to write a tool (C or Objective-C) to read in the file and then create a new VPN interface on the system. I'm guessing the answer will have something to do with SCNetworkServiceCreate and/or SCNetworkInterfaceCreateWithInterface. Both of these want to bind to another interface. What stumps me is that, in theory, the VPN connections should ride on top of any IP interface so I'm at a loss what to use for the base interface. Any help or pointers would be greatly appreciated.
Asked
Active
Viewed 1,871 times
2 Answers
4
macosvpn is a command line tool written in Objective-C over on GitHub which allows you to "Create Mac OS VPNs programmatically". E.g. to add a L2TP over IPSec VPN service you would do this:
sudo macosvpn create --l2tp Atlantic --endpoint atlantic.example.com --username Alice --password p4ssw0rd --shared-secret s3same
It should be straightforward to read your config file params into the command's flag args.
As of today macosvpn is available via Homebrew: brew install macosvp. Xcode is a build requirement.
Richard Poole
- 3,946
- 23
- 29
MatzFan
- 877
- 8
- 17
0
Answering this for completeness.
So, the answer is not well documented. However, there is a magical constant interface definition for any protocol that you want to ride on top of the currently connected IPv4 interface, kSCNetworkInterfaceIPv4.
Therefore the code to create a new VPN builds the VPN stack on top of that interface.
Jeremy
- 849
- 1
- 7
- 11