Running a login script when connecting to VPN with Cisco client 4.8.01.0300
Hi,
We have recently change our firewall from a Sonicwall to Cisco device and as such the VPN end point has changed, as has the client in use.
We used to use the SonicWall GlobalVPN Client which had a setting to allow a domain login script to be run after connecting. Now with the Cisco client there doesn't seem to be the same sort of setting, and I am wondering if there is something in there that will allow us to run the login script. Alternatively just wanting to know what others do to maintain some level of simplicity for the user.
Anyway if anyone can suggest it would be appreciated, and if there is a setting in the Cisco client to allow a login script to run after logging in I would be glad to know.
Thanks
We have recently change our firewall from a Sonicwall to Cisco device and as such the VPN end point has changed, as has the client in use.
We used to use the SonicWall GlobalVPN Client which had a setting to allow a domain login script to be run after connecting. Now with the Cisco client there doesn't seem to be the same sort of setting, and I am wondering if there is something in there that will allow us to run the login script. Alternatively just wanting to know what others do to maintain some level of simplicity for the user.
Anyway if anyone can suggest it would be appreciated, and if there is a setting in the Cisco client to allow a login script to run after logging in I would be glad to know.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yeah I had been thinking about a copy of the login script or a shortcut to the login script on the desktop, but was hoping to not have to do it this way. Users tend to manage to delete them, and I was hoping there might be a better way.
With relation to the group policy "Always wait for the network at computer startup and logon", this works well when connecting to wireless networks when a domain controller is available - when connecting via VPN your already logged in, and we need to initiate a connection to a domain controller to run the login script.
With relation to the group policy "Always wait for the network at computer startup and logon", this works well when connecting to wireless networks when a domain controller is available - when connecting via VPN your already logged in, and we need to initiate a connection to a domain controller to run the login script.
Regarding the Cisco VPN, there is no setting for "run logon script after vpn".
If you want network connectivity at logon for your VPN clients, then you should use the "Start Before Logon" components of the VPN client. This option lets the VPN client startup and connect before you use CTRL+ALT+DEL to logon, thus ensuing you have a network connection and can logon the right way and run your scripts, just as it you were on the physical LAN.
If you don't want to use SBL, then your only other option is to use the "Run command on connect" and keep a copy of the script on the local PC. Or, have the user run it manually.
If you want network connectivity at logon for your VPN clients, then you should use the "Start Before Logon" components of the VPN client. This option lets the VPN client startup and connect before you use CTRL+ALT+DEL to logon, thus ensuing you have a network connection and can logon the right way and run your scripts, just as it you were on the physical LAN.
If you don't want to use SBL, then your only other option is to use the "Run command on connect" and keep a copy of the script on the local PC. Or, have the user run it manually.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This Logon is written with the Tool Kixtart (http://www.kixtart.org) for DomainLogon
That cmd ist Local on the Client, with the connection call the Script on the LogonServer
CiscoLogin.cmd...
@ECHO OFF
"%ProgramFiles%\cisco systems\vpn client\vpnclient.exe" connect sd <input hier the name of Profile without Extension>
if %errorlevel% neq 200 goto failed
%windir%\kix32.exe \\Servername\netlogon\_Cis
goto end
:failed
@echo.
@echo.
@echo failed to connect with error = %errorlevel%
@echo.
pause
:end
That cmd ist Local on the Client, with the connection call the Script on the LogonServer
CiscoLogin.cmd...
@ECHO OFF
"%ProgramFiles%\cisco systems\vpn client\vpnclient.exe" connect sd <input hier the name of Profile without Extension>
if %errorlevel% neq 200 goto failed
%windir%\kix32.exe \\Servername\netlogon\_Cis
goto end
:failed
@echo.
@echo.
@echo failed to connect with error = %errorlevel%
@echo.
pause
:end
http://www.boyce.us/gp/gpcontent.asp?ID=39