Linux cli client
Mezzano
Newbie ✭
in VPN Client
Hello everyone,
I'm currently exploring options for connecting to a SonicWall NSA 4600 firewall device via the command line in Linux. I've been searching for a command or utility that would allow me to establish this connection without the need for a GUI interface.
Could anyone in the community share their experience or provide insights into whether such a command-line tool exists for this purpose?
Thank you!
Tanguy
Category: VPN Client
Tagged:
0
Answers
@Mezzano are you talking about a text-gui (curses based) or api-wrapper-command or just a simple CLI? If it's the latter why not connecting via SSH to the appliance?
Probably not every aspect is configurable via CLI.
--Michael@BWC
Hello Michael,
Thank you for your response.
I apologize for any confusion. To clarify, I'm specifically looking for a method to establish a connection to a SonicWall VPN (not the firewall) using the command line interface (CLI) on Linux, rather than relying on SonicWall NetExtender or similar GUI-based tools.
Thank you for your help,
Tanguy
@Mezzano sadly NetExtender for Linux does not support CLI (at least that is what is documented), so you're stuck with a GUI.
But did you had a look at this (use at your own risk):
--Michael@BWC
It works absolutely fine from the CLI, been using it for years.
netExtender --help
NetExtender for Linux - Version 10.2.817
Copyright (c) 2020 SonicWall
Usage: netExtender [OPTIONS] [server[:port]]
-u, --username=USERNAME
-p, --password=PASSWORD
-d, --domain=DOMAIN
-t, --timeout Login timeout in seconds (default is 30 sec)
-e, --cipher=CIPHER SSL cipher to use
-C, --cipher-list Display list of available SSL ciphers and exit
-m, --no-routes Disable installation of remote routes
(testing option, not recommended for normal use)
-M, --mtu=MTU Specify MTU size in bytes
-s, --ppp-sync Select sync PPP mode
-a, --ppp-async Select async PPP mode
--auto-reconnect Automatically reconnect in case of failure
--no-reconnect Do not reconnect in case of failure
--dns-prefer-remote Try remote DNS first, then try local DNS
--dns-only-remote Only use remote DNS servers
--dns-only-local Only use local DNS servers
-r, --diag=FILENAME Generate a diagnostic report and exit
-v, --version Display full NetExtender version information and exit
-V, --version-num Display NetExtender version number and exit
-h, --help Display this usage information
server Specify the SSL VPN or UTM device either in
fully-qualified domain name (FQDN) or IP address
The default port for server is 443 if not specified.
Example:
netExtender -u u1 -p p1 -d LocalDomain sslvpn.company.com
@Arkwright for the win, documentation says otherwise, glad to be proven wrong.
The NetExtender command line interface is only available on Windows platforms.
--Michael@BWC
Confusingly, "Command Line Interface" is actually part of the name of the tool. The linux version seems to be a different implementation with different options. So, the documentation is technically correct in that the specific bit of software called "NetExtender Command Line Interface" [NECLI] isn't available on Linux. But there is a CLI version of NetExtender shipped with the linux installer, so if you want to use Netextender from the command line interface on linux, you'll be fine.
Hopefully this discussion will help anybody googling this in future!