Mac OS X Version 15.6.1 (24G90)
# /opt/homebrew/bin/openfortivpn --version
1.23.1
I had some real issues and continue to have an issue with the --persistent option on mac os x
The persistent option, when it disconnects and reconnects - fails to reconfigure all the routes back. Not sure why that is.
Also with --no-routes, it doesn't actually stop all routes, particularly the default routed to ppp0 - I figured this is mac os x doing it, as i already had a go at trying to use a pppd wrapper and built openfortivpn with --with-pppd=/usr/local/bin/pppd with no success
From what I could see, the nodefaultroute option is passed from openfortivpn, but still - i end up with a default route to ppp0 ... which causes me issues when connecting with other vpns / networks.
This always gets created... Im not sure if anyone else having that issue;
# netstat -rn | grep default |grep ppp0
default link#23 UCSIg ppp0
Anyway, I made a bunch of wrapper scripts and ppp if-up + if-down that handles things
Got things to work nicely - except for the --persistent option - which seems to be broken.
openfortivpn doesn't open the browser
- Maybe this could be an option, also specifying user who to open the browser as, when you invoke as sudo,
--Note: sudo stat -f "%Su" ~/ returns the sudoing user, $SUDO_USER doesnt work on mac.
Also I had to use -vvvv as the debug log is the only place I could find the routes information, inside an XML response from the VPN server. Which I parse and add, dynamically - rather than setting routes statically...
i use the --pppd-ipparam to pass a "session id" from the wrapper, which ensures that the ip-up script uses the correct (most recent) xml routes ...
if you are using Mac OS X, with SAML or have trouble with routes,
this may help https://github.com/jseifeddine/openfortivpn-macosx
I prepared the wrapper to save the routes from the initial connection response - to be reused when it disconnects / reconnects (network outage) - but there seems to be a problem with --persistent which I will try and debug inside of openfortivpn and suggest a fix...
Mac OS X Version 15.6.1 (24G90)
# /opt/homebrew/bin/openfortivpn --version 1.23.1I had some real issues and continue to have an issue with the
--persistentoption on mac os xThe persistent option, when it disconnects and reconnects - fails to reconfigure all the routes back. Not sure why that is.
Also with
--no-routes, it doesn't actually stop all routes, particularly thedefaultrouted toppp0- I figured this is mac os x doing it, as i already had a go at trying to use apppdwrapper and builtopenfortivpnwith--with-pppd=/usr/local/bin/pppdwith no successFrom what I could see, the
nodefaultrouteoption is passed from openfortivpn, but still - i end up with a default route to ppp0 ... which causes me issues when connecting with other vpns / networks.This always gets created... Im not sure if anyone else having that issue;
# netstat -rn | grep default |grep ppp0 default link#23 UCSIg ppp0Anyway, I made a bunch of wrapper scripts and ppp
if-up+if-downthat handles thingsGot things to work nicely - except for the
--persistentoption - which seems to be broken.openfortivpndoesn't open the browser--Note:
sudo stat -f "%Su" ~/returns the sudoing user, $SUDO_USER doesnt work on mac.Also I had to use
-vvvvas the debug log is the only place I could find the routes information, inside an XML response from the VPN server. Which I parse and add, dynamically - rather than setting routes statically...i use the
--pppd-ipparamto pass a "session id" from the wrapper, which ensures that the ip-up script uses the correct (most recent) xml routes ...if you are using Mac OS X, with SAML or have trouble with routes,
this may help https://github.com/jseifeddine/openfortivpn-macosx
I prepared the wrapper to save the routes from the initial connection response - to be reused when it disconnects / reconnects (network outage) - but there seems to be a problem with
--persistentwhich I will try and debug inside ofopenfortivpnand suggest a fix...