https://github.com/clems71/globalprotect-saml

CLI to drive SAML based auth for Global Protect VPN
https://github.com/clems71/globalprotect-saml

cli globalprotect golang openconnect vpn

Last synced: 3 months ago
JSON representation

CLI to drive SAML based auth for Global Protect VPN

• Host: GitHub
• URL: https://github.com/clems71/globalprotect-saml
• Owner: clems71
• License: mit
• Created: 2021-11-17T23:08:27.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2023-10-11T23:23:28.000Z (over 1 year ago)
• Last Synced: 2024-10-24T06:28:50.630Z (8 months ago)
• Topics: cli, globalprotect, golang, openconnect, vpn
• Language: Go
• Homepage:
• Size: 10.7 KB
• Stars: 13
• Watchers: 3
• Forks: 2
• Open Issues: 4
• Metadata Files:
  • Readme: readme.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# GlobalProtect VPN Helper

This tool is a CLI friendly tool used to perform POST based SAML authentication for GlobalProtect VPN. It displays a browser window to allow you to enter your credentials and perform the full SAML flow. When complete

it gives an openconnect compatible cookie, ready to be used.

## Usage

This tool is intended to be used before openconnect to get the authentication cookie, like so:

```bash

COOKIE=$(./vpn -gateway dublin-1.vpn.company.com)

echo $COOKIE | sudo openconnect --protocol=gp --cookie-on-stdin dublin-1.vpn.company.com

```

## Requirements

- OpenConnect 8+

- Google Chrome 70+

## Limitations

The tool works at the gateway level. It means that it specifically connects to a specific gateway from your VPN provider, instead of connected to the global portal which allows the selection of the gateway - and even dynamic switching sometimes.

It also works only for POST based SAML authentication.

## Known bugs

- Sometimes, if you close the browser window, the executable won't exit properly.