In an XP Pro workstation, is there a way to start the native Windows VPN client and open/close a connection from the command line so it can be scripted in a batch file?
4 Answers
Yes, if the VPN connection is called "My VPN" then:
rasdial "My VPN"
will dial the connection. Helpfully it sets errorlevel to the RAS error code if it fails to connect, so your script can detect a connection failure. If you need to supply a username and password instead of using the saved credentials use:
rasdial "My VPN" username password
To disconnect a connection use:
rasdial "My VPN" /disconnect
JR
- 187
- 2
- 8
- 7,756
- 1
- 22
- 34
-
2+1. This is exactly what I am looking for in my build automation scripts. A lot easier than I anticipated. – Joseph Ferris Oct 09 '09 at 17:03
-
FWIW, also works in Vista (as expected) – Scott Isaacs Jan 23 '10 at 14:48
-
1See EM's answer if you're on **Windows 7**. You may need to use `rasphone` if `rasdial` doesn't work for you. – ADTC Mar 16 '15 at 02:26
An alternative that works under Windows 7 (not sure about XP) is:
rasphone -d "My VPN"
This brings up the "dialling" dialog, same as if you double-click on the connection. If you have the username and password saved it automatically dials.
rasdial
did not work for me (on Windows 7):
Verifying username and password...
Remote Access error 691 - The remote connection was denied because the user name
and password combination you provided is not recognized, or the selected authen
tication protocol is not permitted on the remote access server.
If you add empty strings under Windows 7 it works with cached credentials: rasdial "My VPN" "" "" (those are two pairs of double quotes with nothing in between)
-
I couldn't get rasdial to work on Windows 8.1 but this worked perfectly. +1 – Smalltown2k May 03 '14 at 16:54
-
I had to provide explicit credentials to get it to work on Windows 8.1. – Jake Edwards Jan 14 '15 at 06:15
-
I get the same error using `rasdial` with or without the empty strings. `rasphone -d` works. One thing to note is that if you run it from a command line manually, it returns to the command line immediately after executing (the connection connects in parallel). **But** if you place the command in a batch script (`.bat`) file and run the `.bat` file, it works serially - that is, it doesn't return control to the batch until the connection is complete. **The difference could be confusing to a new user testing the command out.** – ADTC Mar 16 '15 at 02:21
-
By using rasphone, a dialog popped up everytime I connect. Is there any way to make it automatic and avoid the dialog to pop up?I see in this thread (http://superuser.com/questions/106506/windows-7-default-vpn-single-click-to-connect) and people said we can go into the option tab of the properties for the VPN connection and uncheck "Prompt for name and password, certificate, etc.". However, I am using Windows 10 and I can't find such option. – Kit Ng Jan 16 '16 at 18:26
Run command-line: Control ncpa.cpl
Network Connections control
In first run, edit My VPN Settings
After setup, edit My VPN Settings
Save credentials
Destination VPN host settings
Silent VPN up settings
VPN networking
VPN TCP advanced
VPN gateway
Advanced network connection
Set priority interface
Set priority interface apply
Set priority network provider
Script Silent-dial.cmd
:
:: - comment in cmd) - REM alternative
:: disabled command output
@echo off
:: Silent dial "My VPN"
@rasphone -d "My VPN"
:: wait 10 sec W2K3 server test
::@SET waitsec=10
::@choice /T %waitsec% /N /D y /M "wait %waitsec% sec"
:: wait 10 sec - alternative - XP .. 7
@ping 127.0.0.1 -n 10 > NUL
:: ********************************************
:: get path
:: set route table
:: run application
:: ********************************************
@ping 127.0.0.1 -n 10 > NUL
:: silent close "My VPN" connection
@rasphone -h "My VPN"
:: END Silent-dial.cmd
Use powershell or WSH.
I have not seen a command line scheme for the client yet. But, that does not mean it cannot be automated in scripts. Here is a two step approach,
- Create the shortcut link for the VPN as is done normally for your VPN users
- Keep it configured with username and password
- Use AutoIt to script only,
- launching the shortcut, and
- pressing ENTER on the VPN login window (which is what a user does when everything is configured)
If I recollect correctly, the code for pressing enter on a window is simply,
Send ("{ENTER}")
Look at the Send command.
You can setup AutoIt on one of your administration machines, get the script working, make and executable for it, and give it to the users. It can then be launched from command line as an executable.
- 7,040
- 2
- 24
- 30