AnyConnect OnConnect scripts

hounshamp
Conversationalist

AnyConnect OnConnect scripts

Has anyone successfully got the AnyConnect OnConnect scripts working on a Meraki MX? 

 

The following states that Run script on connect and disconnect is supported however I cannot find any documentation to support this on an MX.

 

https://documentation.meraki.com/MX/AnyConnect_on_the_MX_Appliance/AnyConnect_on_ASA_vs._MX

 

I am going to assume the file name is scripts_OnConnect_myscript.bat and you would upload this where the profile is uploaded.

 

Any real world experience appreciated.

6 REPLIES 6
Inderdeep
Kind of a big deal
Kind of a big deal

@ : Everything is here for Anyconnect on MX

https://documentation.meraki.com/MX/AnyConnect_on_the_MX_Appliance 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com

Thanks but that doesn't cover anything about running scripts on login. 

 

Looking for real world experience rather than the useless Meraki how-to guides.

PhilipDAth
Kind of a big deal
Kind of a big deal

I don't know the answer, but check out this section of the AnyConnect manual.  Note that this has nothing to do with Meraki.  This is an AnyConnect function.

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/gui... 

JH7
New here

I was testing out OnConnect script as well (like OnConnect.bat as stated in the manual). Also, placed the script into here: %ALLUSERSPROFILE%\Cisco\Cisco AnyConnect Secure Mobility Client\Script

I've been having issue with script not executing at all. I ran my script manually and it worked.

Let me know if anyone can get it to run successfully. Appreciate it!

hounshamp
Conversationalist

Yes got it working. So created a batch file called OnConnect_login.bat and saved it to %ALLUSERSPROFILE%\Cisco\Cisco AnyConnect Secure Mobility Client\Script

 

Basically anything starting with OnConnect will be executed from the directory if the run script option is enabled in the profile - Profile Editor / Preferences (Part 2) / Enable Scripting.

 

I uploaded the new profile to the AnyConnect section on the dashboard so it will be pulled down when the users connect next.

 

In my batch file I had the following calling the logon.bat from the logon server.

--------------------------------------------------

@echo off
rem logon script for AnyConnect users
call %logonserver%\netlogon\logon.bat

--------------------------------------------------

Excellent! Thank you for your help! The only thing i was missing is i didn't upload the profile to AnyConnect section on the dashboard.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels