This project enables a Linux host to run Cisco AnyConnect and Traps/Cortex in a Docker container. The wrapper script then routes selected network ranges to the VPN. Currently all DNS traffic is sent through the VPN.
All configuration is performed in the config/ directory.
nameserver 10.200.64.2
search mycompany.com
If you use systemd-resolved for providing name resolution to local applications (check with systemctl is-active systemd-resolved.service), create a config/systemd-resolved.template file with the following format:
[Resolve]
DNS=10.200.64.2
Domains=mycompany.com ~.
routes=(10.0.0.0/8)
Additional routes are space-separated (it is a normal Bash array).
config/response.txt. If present, the commands in this file will be read to work non-interactively. You will also be prompted separately to enter your password, which is then available as $VPN_PASSWORD in the response file. For example:
connect vpn.mycompany.com
1
vpn-username
$VPN_PASSWORD
y
If you use multi-factor authentication, additional lines in the response file might be required. If the response file contains $VPN_TOTP, you will be prompted for a "time-based one-time password" (e.g. from Google Authenticator). Example:
connect vpn.mycompany.com
5
vpn-username
$VPN_PASSWORD
$VPN_TOTP
y
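One way to fill the $VPN_PASSWORD and $VPN_TOTP placeholders of a response file without letting the shell interpret the secret, shown as an added example that is not this project's own code. The helper names needs_totp and render_response are hypothetical, and the sketch assumes the placeholders are replaced literally, line by line.

```shell
#!/bin/sh
# Added example, not this project's code. needs_totp and render_response
# are hypothetical helper names.

# Succeeds when the response file asks for a one-time password.
needs_totp() {
    grep -qF -e '$VPN_TOTP' -- "$1"
}

# Print the response file with the placeholders replaced by the values of
# VPN_PASSWORD and VPN_TOTP.
# - Replacement is a literal string splice (index/substr), never eval or a
#   regex, so $, `, \ and & in a password reach the client unchanged.
# - Values go to awk through its environment, not through argv, which is
#   visible in the process list.
# - $VPN_TOTP is replaced first and inserted text is not rescanned, so a
#   password that happens to contain "$VPN_TOTP" is left alone.
render_response() {
    VPN_PASSWORD="${VPN_PASSWORD-}" VPN_TOTP="${VPN_TOTP-}" awk '
    function splice(s, key, val,    out, i) {
        out = ""
        while ((i = index(s, key)) > 0) {
            out = out substr(s, 1, i - 1) val
            s = substr(s, i + length(key))
        }
        return out s
    }
    {
        line = splice($0, "$VPN_TOTP", ENVIRON["VPN_TOTP"])
        print splice(line, "$VPN_PASSWORD", ENVIRON["VPN_PASSWORD"])
    }' "$1"
}
```

Piping the output of render_response directly into the client keeps the rendered credentials off disk.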
This project is for informational use only. Do not use it to bypass your company procedures or security policies. Use at your own risk. I can offer no support for this project.