Connect Tunnelblick to VPN automatically after wake up

Need: Make sure that VPN is always running except when at work.

Partial solution: Make sure VPN is always running with "connect when computer starts" and using an AppleScript to connect after waking up from sleep. Disconnect manually when at work.

Future: Check the current location (wifi name? IP?) and do not connect when at work.



Tunnelblick config



Select "When computer starts" for the VPN config option "Connect".

(Re)Connect to VPN after wake up from sleep



Wake-up script



Create the AppleScript ~/wake.sh to connect VPN and display a notification about it (OS X 10.9+):


#!/usr/bin/osascript
# Start Tunnelblick VPN after wakeup (run via sleepwatcher)
# See /Users/me/Library/LaunchAgents/de.bernhard-baehr.sleepwatcher-20compatibility.plist

tell application "Tunnelblick" connect "MY_VPN" ## Uncomment v to wait until the connection is establieshed: # get state of first configuration where name = "MY_VPN" # repeat until result = "CONNECTED" # delay 1 # get state of first configuration where name = "MY_VPN" # end repeat end tell

display notification "(See ~/wake.sh)" with title "Tunneblick connecting..."


Running the wake-up script



We will use sleepwatcher, install it f.ex. via brew:

brew install sleepwatcher


And create a launch agent to start it with the wake script, based on the example provided by brew when installing (/usr/local/Cellar/sleepwatcher/2.2/de.bernhard-baehr.sleepwatcher-20compatibility-localuser.plist, renamed and modified) - ~/Library/LaunchAgents/de.bernhard-baehr.sleepwatcher.plist:


...
<!--string>-s ~/.sleep</string-->
<string>-w ~/wake.sh</string>


Testing it



Start the launch agent:

launchctl load ~/Library/LaunchAgents/de.bernhard-baehr.sleepwatcher.plist


Now make your computer sleep, wake it up and see if you get the notification (click on the notification icon if it doesn't show up) and if VPN starts.

Troubleshooting - run the wake.sh manually from the command line (provided that you chmod +x it first).

Resources




Tags: security


Copyright © 2020 Jakub Holý
Powered by Cryogen
Theme by KingMob