SonicWall's SSL VPN clients include MobileConnect and NetExtender. NetExtender is available on Linux and has a GUI and CLI.
The GUI version has garbled Japanese and is unexpectedly heavy, so I would like to use the CLI version.
- Confirmed on Ubuntu 18.04.
- Confirmed with NetExtender version 8.6.799 for Linux.
- Refer to the SonicWall manual for installation instructions.
The manual is displayed with man netExtender.
netExtender LOCAL netExtender
NAME
netExtender — SonicWALL NetExtender command-line client for Mac OS X/Linux
SYNOPSIS
netExtender [-u username] [-p password] [-d domain] [options] [server[:port]]
DESCRIPTION
NetExtender is a client for use with SonicWALL's SRA and UTM appliances. It enables remote
users to securely connect to a remote network.
With NetExtender, remote users can securely run any application on the remote network.
Users can upload and download files, mount network drives, and access resources in the same
way as if they were on the local network. The NetExtender connection uses a Point-to-Point
Protocol (PPP) connection inside a secure SSL tunnel.
To log in interactively, run the netExtender command and enter the connection information.
$ netExtender
NetExtender for Linux - Version 8.6.799
SonicWall
Copyright (c) 2017 SonicWall
SSL VPN Server: vpn.example.com:4433
User Access Authentication
User: takeume2
Password:
Domain: LocalDomain
Connecting to vpn.example.com:4433...
Connected.
Logging in...
Login successful.
Version header not found
SSL Connection is ready
Using SSL Encryption Cipher 'ECDHE-RSA-AES256-SHA384'
Using new PPP frame encoding mechanism
Using PPP async mode (chosen by server)
Connecting tunnel...
Client IP Address: 10.254.128.12
You now have access to the following 1 remote networks:
10.0.0.0/255.0.0.0
NetExtender connected successfully. Type "Ctrl-c" to disconnect...
While connected, the process runs in the foreground, so it's a good idea to use Ctrl-Z and bg to move it to the background.
^Z
[1]+Stop netExtender
$ bg
[1]+ netExtender &
Connection information can also be specified with command line parameters.
$ netExtender \
--username=takeume2 \
--password=hogehoge \
--domain=LocalDomain \
vpn.example.com:4433
However, specifying the password on the command line (--password) is not recommended, because command-line arguments are visible to other users on the system.
To enter only the password interactively, specify:
$ netExtender --username=takeume2 --domain=LocalDomain vpn.example.com:4433
NetExtender for Linux - Version 8.6.799
SonicWall
Copyright (c) 2017 SonicWall
User Access Authentication
Password:
If entering the password is also a hassle, redirect the input and read the connection information from a file. Create an arbitrary file and enter the connection information.
As an example, save a file with the following contents as ~/vpn.
$ cat <<EOF > ~/vpn
vpn.example.com:4433
takeume2
hogehoge
LocalDomain
EOF
Restrict the permissions so that only the owner can read the file, because it would be bad for other users to see its contents.
$ chmod 0600 ~/vpn
$ ls -l ~/vpn
-rw------- 1 takeume2 takeume2 51 October 30 23:17 /home/takeume2/vpn
Redirect the input of netExtender and read it from ~/vpn.
If you run it in the background with &, the Ctrl-Z, bg operations are.
$ netExtender <~/vpn &
NetExtender for Linux - Version 8.6.799
SonicWall
Copyright (c) 2017 SonicWall
SSL VPN Server: User Access Authentication
User: Password: stdin is not tty terminal
stdin is not tty terminal
Domain: Connecting to vpn.example.com:4433...
Connected.
Logging in...
To disconnect, use fg to bring the process to the foreground and then type Ctrl-C.
$ fg
netExtender < .config/wts/vpntokyo
^C
Terminating pppd...
SSL VPN logging out...
SSL VPN connection is terminated.
Exiting NetExtender client
Alternatively, kill the process with the SIGTERM signal.
$ pgrep netExtender
1234
$ kill -SIGTERM 1234
pkill makes it easier to kill.
$ pkill -SIGTERM netExtender
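As an added example (not from the original article or from SonicWall), the shell functions below check the ~/vpn file before it is redirected into netExtender, then wrap the background start and the pkill stop described above. The function names and the use of GNU stat are assumptions; the four-line file layout is the one used in this article.

```shell
#!/bin/sh
# Added example: validate the plaintext credentials file before use.
# Assumes GNU stat (as on Ubuntu) and the layout: server, user, password, domain.

# cred_file_ok FILE -> 0 if FILE is safe to feed to netExtender, else 1-4.
cred_file_ok() {
    f=$1
    # Reject symlinks and non-regular files: a link could be repointed.
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "$f: not a regular file" >&2
        return 1
    fi
    # The file must belong to the user who is about to connect.
    if [ "$(stat -c %u "$f")" != "$(id -u)" ]; then
        echo "$f: not owned by the current user" >&2
        return 2
    fi
    # No group or other permission bits (0600, or read-only 0400).
    mode=$(stat -c %a "$f")
    case $mode in
        600|400) ;;
        *) echo "$f: mode $mode is too open, run chmod 0600" >&2
           return 3 ;;
    esac
    # Exactly four non-empty lines, one per netExtender prompt.
    n=$(grep -c . "$f" || true)
    if [ "$n" -ne 4 ]; then
        echo "$f: expected 4 lines, found $n" >&2
        return 4
    fi
    return 0
}

# vpn_up FILE: connect in the background only if the file passes the checks.
vpn_up() {
    cred_file_ok "$1" || return
    netExtender < "$1" &
}

# vpn_down: send SIGTERM so the client logs out and stops pppd cleanly.
# -x matches the exact process name only.
vpn_down() {
    pkill -TERM -x netExtender
}
```

Source the file and run `vpn_up ~/vpn` to connect and `vpn_down` to disconnect.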