Auto Connect to VPN on Boot & Login in Mac OS X

Aug 10, 2016 - 38 Comments

Auto connect to a VPN on Mac

If you use a VPN with a Mac for either work or personal reasons, you may wish to have the Mac automatically connect to the VPN service when the Mac is booted or upon login. Or maybe you just want the VPN to automatically reconnect if the connection drops and disconnects. This is easily accomplished with the help of a simple AppleScript, which will both automatically connect to the VPN upon system startup and login, and also check to see if the VPN is active, and reconnect if necessary.


Obviously you’ll need an active VPN service and VPN location setup in Mac OS for this script to work, otherwise the script will have nothing to connect to upon login and system boot. If you do not have or use a VPN (Virtual Private Network), then this trick will be of little use to a particular Mac.

How to Connect to VPN on Boot or Login in Mac OS X, Automatically

This auto-connect VPN script should work on any version of macOS or Mac OS X system software. Essentially what we’re doing is placing a connection script into Login Items so that it loads automatically on system start and user login events:

  1. Open “Script Editor” on the Mac, it is found within the /Applications/Utilities/ folder
  2. Go to the File menu and choose “New”
  3. Copy and paste the following AppleScript syntax into the new blank script editor:
  4. on idle
    tell application "System Events"
    tell current location of network preferences
    set myVPN to the service "VPN NAME"
    if myVPN is not null then
    if current configuration of myVPN is not connected then
    connect myVPN
    end if
    end if
    end tell
    return 60
    end tell
    end idle

  5. Replace “VPN NAME” with the name of the accompanying VPN network location as found in System Preferences Network control panel (you can also change the return number to check the network more or less often, in seconds)
  6. Auto connect VPN script for Mac

  7. Go to the “File” menu again and choose “Save”
  8. Under the ‘File Format’ pulldown menu, choose “Application”
  9. Check the box next to “Stay open”
  10. Save the VPN script as application on Mac

  11. Now choose “Save” and give the VPN script and obvious name (like ‘AutoVPN’) and put it somewhere easy to locate, like the Desktop or users home directory
  12. Next go to the  Apple menu and select “System Preferences” and go to the “Users & Groups” control panel
  13. Choose the active user name, then select “Login Items”
  14. Drag and drop the ‘AutoVPN’ AppleScript application you created into the Login Items section so that it loads automatically on login and system start
  15. auto connect VPN script in login items Mac

Now anytime you reboot the Mac or login after being logged out, the VPN service will connect automatically. Likewise, if the service is disconnected for some reason or another, it will attempt to reconnect to the VPN automatically.

Variations of this handy AppleScript have been around for ages and for a variety of purposes, and while here it demonstrates how to automatically connect to a VPN on login and reconnect to a VPN if it loses connection, it can be adjusted to perform other actions or automatically connect and reconnect to other services, including wi-fi or ethernet networks.

Know of another useful trick to automatically connect to a VPN network on a Mac? Or have a better solution or script? Let us know in the comments.

.

Related articles:

Posted by: Paul Horowitz in Mac OS, Tips & Tricks

38 Comments

» Comments RSS Feed

  1. starlight0901 says:

    It’s just that the system starts. Can the VPN be connected successfully before the user logs in? The VPN protocol used is IKEv2

  2. kevin says:

    This failed on latest update of macOS Catalina today. It used to work before the update.

    • Paddy says:

      Any idea how to use it on Catalina?

      • I have this same issue. MacOS Catalina. I get this error:

        Can’t get «class svce» “VPN Name” of «class locc» of «class netp» of application “System Events”.

        System Events got an error: Can’t get service “VPN Name” of current location of network preferences. (-1728)

    • UPDATE: I found a solution that worked for me:

      The Problem:
      The issue was I got this error.

      =====
      Can’t get «class svce» “MY VPN” of «class locc» of «class netp» of application “System Events”.

      System Events got an error: Can’t get service “My VPN” of current location of network preferences. (-1728)

      =====

      The Reason:
      I am using IKEv2 services. It seems the Apple Script (which I found all over the internet) fails to work with this. You can find details in the link below.

      The solution:
      Timac wrote a script to solve this problem. I simply downloaded the precompiled app here.
      https://blog.timac.org/2018/0719-vpnstatus/

      If you are interested in the source code that makes it work, you can find it on GitHub here: https://github.com/Timac/VPNStatus

      You can also dig deeper into the problem if you are that sort of person on that link. It gives details.

      If you are simply looking for a solution to Auto Connect your VPN, the VPNstatus app worked for me.

  3. TS says:

    Hello,

    This is a fantastic program but we want the opposite way of working. Now your always connect and you can choose for a pause of x time.
    What we looking for is the same program where the user can choose how long he want to connect. 10 minutes, 1 till 8 hours. We work with people in an other country and the make a VPN connection. The standard Apple time is 1 hour. So we want that they can choose till max 8 hours. Because if you configure ‘Always connect’ security wise we find this not idle. Therefore the user has to choose the many hours connections time. Is this possible ? Thx

  4. Steve says:

    The NordVPN client for Mac & other platforms has checkboxes for “Auto-connect on launch [of the client]” and “Auto-connect when computer starts”

  5. Evgenii says:

    How to connect to vpn with auth ?

  6. Rohit says:

    Thanks WORKED Simply

  7. Scott says:

    One has to ask, why is this not built into the OS? Jesus apple, get your stuff together.

  8. Anas says:

    I am getting this error

    error “System Events got an error: Can’t get current configuration of service id \”138153F8-4578-4C84-A9D6-0E64112566D9\” of network preferences.” number -1728 from current configuration of service id “138153F8-4578-4C84-A9D6-0E64112566D9” of network preferences

    Why is that?!

  9. amandeep.sadioura says:

    Hi All,
    Below script will work on High Sierra:

    delay 15 –time in seconds
    set ethernet to do shell script “ipconfig getifaddr en0; exit 0”
    if ethernet is not “” then
    set mySSID to do shell script “/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I | awk ‘/ SSID/ {print substr($0, index($0, $2))}'”
    if ((mySSID as string) is not equal to “Your SSID”) then
    set vpnServiceName to “Your VPN Name”
    set status to do shell script “scutil –nc status \”” & vpnServiceName & “\” | sed -n 1p”
    if status is “Disconnected” then
    do shell script “scutil –nc start \”” & vpnServiceName & “\””
    end if
    end if
    return 120
    else
    display alert “Please connect to internet and start VPN manually”
    end if

    Please enter the “Your SSID” that you don’t need to have VPN and “Your VPN Name” that you need to connect by checking the exact name in Network preferences.
    Thanks

    Amandeep

  10. Matt says:

    I made a new script from scratch for connecting IKEv2/IPSEC VPN’s, which cannot be connected using this older script. http://matt.coneybeare.me/how-to-setup-an-auto-reconnect-script-for-an-ikev2-vpn-service-on-your-mac/

  11. Michael Illingby says:

    is there a way that this can be modified to only start the vpn if connected to a network NOT specified?

    meaning if home network is “homeNet” and work network is “workNet” and I connect to one of those, then NO vpn, but if I connect to something other than those two then the vpn would be started?

    my vpn isn’t terribly fast, but its secure so id only like to use it when on a “public” wifi.

    is this doable? I would love a script to do that!

    Running macOS Sierra 10.12.4 (16E195) fyi

    thanks in advance if you can help

  12. Louis LIETAER says:

    this one works on Sierra.

    on idle
    set vpn_name to “‘cloud.lietaer.net'”
    tell application “System Events”
    set rc to do shell script “scutil –nc status ” & vpn_name
    if rc starts with “Disconnected” then
    do shell script “scutil –nc start ” & vpn_name
    end if
    end tell
    return 10
    end idle

  13. On mac os X Sierra
    you just have to delete the line ‘on idle’ and ‘end idle’

    after that the script works again !! :)

    try it

    tell application “System Events”
    tell current location of network preferences
    set VPN to the service “VPN”
    if VPN is not null then
    if current configuration of VPN is not connected then
    connect VPN
    end if
    end if
    end tell
    return 120
    end tell

  14. OSX2017 says:

    Thanks for this script!

    Is it possible to build a kill switch in the script and can you show it how you must do that…

  15. Botte says:

    Hello,

    this script does not work in macOS sierra. I get the following error message:

    „«class cnfg» of «class svce» id “31D3545C-9165-455E-ADA2-365D3CCDBE74” of «class netp» of application “System Events”“ kann nicht gelesen werden.

    „System Events“ hat einen Fehler erhalten: „current configuration of service id “31D3545C-9165-455E-ADA2-365D3CCDBE74” of network preferences“ kann nicht gelesen werden. (-1728)

    Anybody has the same and knows a solution?

    Thanks

    • Wong says:

      VPN works fine in macOS Sierra and so does System Events, it’s a system level process on Mac, perhaps your issue is that it looks German when the guidelines are in English.

  16. olmo47 says:

    hey I like to submit the two small clips to show you my error?

    how could attach a two small clips?

    thanks

  17. olmo47 says:

    OK, the first try didn’t work.

    I follow your instruction, “but” AirVPN didn’t start, I had to manually open it and sing to a screen before it opens.

    Any suggestions are welcome ?

    thanks

  18. olmo47 says:

    thanks.

    I was wondering how my VPN didn’t connect on booting, and I have check mark on is preferences, will try to see if this will do the job.

    I am not familiar with ‘script’ but like to learn more.

    thanks

  19. Turquoise says:

    Thanks for the tip, but I’m already stuck at step 4. Where can I see my VPN name in the network pref panel? I browsed thru any of the tabs and found nothing although my VPN is currently active. There’s nothing in my network pref panel signalling a VPN is turned on. Is it because the VPN I use is launched by a separate app?

    Thanks.

  20. RG says:

    @Paul…Thank you Sir

  21. RG says:

    Never worked with scripts. Are the quotes used in a real script?

    • Paul says:

      Good question, yes, the quotes go around the network location name and System Events.

      When pasted into Script Editor, it should look like this:

      http://cdn.osxdaily.com/wp-content/uploads/2016/08/connect-vpn-applescript-mac.jpg

      For example, if the VPN is called ChocolateVPN it would be:

      on idle
      tell application "System Events"
      tell current location of network preferences
      set myVPN to the service "ChocolateVPN"
      if myVPN is not null then
      if current configuration of myVPN is not connected then
      connect myVPN
      end if
      end if
      end tell
      return 60
      end tell
      end idle

      The quotes go around the items in macOS that AppleScript interacts with.

  22. Pole says:

    Thank you for this script

    for anonymity reasons it would be fine to change every xx minutes the server country or the ip

    can anyone can write a script doing that ?

    thanks

  23. Pole says:

    Thank you for this script

    for anonymity reasons it would be fine to change every xx minutes to change server or ip

    can anyone can write a script doing that ?

    thanks

    • Paul says:

      Many VPN services assign a new or different IP with each established connection, so perhaps the easiest way to accomplish a continuously changing IP address would be to disconnect and reconnect the VPN. You’d want to do this manually though since when the VPN is disconnected, the true IP would be exposed to any online services while active.

      There may be another better way that I am not thinking of at the moment. Of course, using TOR would be another option to be anonymous.

      • Pole says:

        Thank you , i know that, but with the killswitch option often avaliable with many provider, it do so, safely, so i repaet my question about to add that option disconnect/reconnect vpn is possible ?

        best regards

  24. Hamza Sheikh says:

    This works awesome. I am totally new to Apple Scripts. Lately, I was experimenting some Photoshop Apple Scripts to automate some of my work. It’s good.

  25. Chad says:

    I have had this similar script handy for ages:

    ***
    tell application “System Events”
    tell current location of network preferences
    set VPNservice to service “VPN Location”
    if exists VPNservice then connect VPNservice
    end tell
    end tell
    ***

    • JBRodrick says:

      I like this one, it is shorter.

      If you add “return 120” it should check every two minutes for the connection right?

Leave a Reply

 

Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks

News

iPhone / iPad

Mac

Troubleshooting

Shop on Amazon to help support this site