Auto Connect to VPN on Boot & Login in Mac OS X
If you use a VPN with a Mac for either work or personal reasons, you may wish to have the Mac automatically connect to the VPN service when the Mac is booted or upon login. Or maybe you just want the VPN to automatically reconnect if the connection drops and disconnects. This is easily accomplished with the help of a simple AppleScript, which will both automatically connect to the VPN upon system startup and login, and also check to see if the VPN is active, and reconnect if necessary.
Obviously you’ll need an active VPN service and VPN location setup in Mac OS for this script to work, otherwise the script will have nothing to connect to upon login and system boot. If you do not have or use a VPN (Virtual Private Network), then this trick will be of little use to a particular Mac.
How to Connect to VPN on Boot or Login in Mac OS X, Automatically
This auto-connect VPN script should work on any version of macOS or Mac OS X system software. Essentially what we’re doing is placing a connection script into Login Items so that it loads automatically on system start and user login events:
- Open “Script Editor” on the Mac, it is found within the /Applications/Utilities/ folder
- Go to the File menu and choose “New”
- Copy and paste the following AppleScript syntax into the new blank script editor:
- Replace “VPN NAME” with the name of the accompanying VPN network location as found in System Preferences Network control panel (you can also change the return number to check the network more or less often, in seconds)
- Go to the “File” menu again and choose “Save”
- Under the ‘File Format’ pulldown menu, choose “Application”
- Check the box next to “Stay open”
- Now choose “Save” and give the VPN script and obvious name (like ‘AutoVPN’) and put it somewhere easy to locate, like the Desktop or users home directory
- Next go to the Apple menu and select “System Preferences” and go to the “Users & Groups” control panel
- Choose the active user name, then select “Login Items”
- Drag and drop the ‘AutoVPN’ AppleScript application you created into the Login Items section so that it loads automatically on login and system start
on idle
tell application "System Events"
tell current location of network preferences
set myVPN to the service "VPN NAME"
if myVPN is not null then
if current configuration of myVPN is not connected then
connect myVPN
end if
end if
end tell
return 60
end tell
end idle
Now anytime you reboot the Mac or login after being logged out, the VPN service will connect automatically. Likewise, if the service is disconnected for some reason or another, it will attempt to reconnect to the VPN automatically.
Variations of this handy AppleScript have been around for ages and for a variety of purposes, and while here it demonstrates how to automatically connect to a VPN on login and reconnect to a VPN if it loses connection, it can be adjusted to perform other actions or automatically connect and reconnect to other services, including wi-fi or ethernet networks.
Know of another useful trick to automatically connect to a VPN network on a Mac? Or have a better solution or script? Let us know in the comments.
It’s just that the system starts. Can the VPN be connected successfully before the user logs in? The VPN protocol used is IKEv2
This failed on latest update of macOS Catalina today. It used to work before the update.
Any idea how to use it on Catalina?
I have this same issue. MacOS Catalina. I get this error:
Can’t get «class svce» “VPN Name” of «class locc» of «class netp» of application “System Events”.
System Events got an error: Can’t get service “VPN Name” of current location of network preferences. (-1728)
UPDATE: I found a solution that worked for me:
The Problem:
The issue was I got this error.
=====
Can’t get «class svce» “MY VPN” of «class locc» of «class netp» of application “System Events”.
System Events got an error: Can’t get service “My VPN” of current location of network preferences. (-1728)
=====
The Reason:
I am using IKEv2 services. It seems the Apple Script (which I found all over the internet) fails to work with this. You can find details in the link below.
The solution:
Timac wrote a script to solve this problem. I simply downloaded the precompiled app here.
https://blog.timac.org/2018/0719-vpnstatus/
If you are interested in the source code that makes it work, you can find it on GitHub here: https://github.com/Timac/VPNStatus
You can also dig deeper into the problem if you are that sort of person on that link. It gives details.
If you are simply looking for a solution to Auto Connect your VPN, the VPNstatus app worked for me.
Hello,
This is a fantastic program but we want the opposite way of working. Now your always connect and you can choose for a pause of x time.
What we looking for is the same program where the user can choose how long he want to connect. 10 minutes, 1 till 8 hours. We work with people in an other country and the make a VPN connection. The standard Apple time is 1 hour. So we want that they can choose till max 8 hours. Because if you configure ‘Always connect’ security wise we find this not idle. Therefore the user has to choose the many hours connections time. Is this possible ? Thx
Cant get this script to work in High Sierra
The NordVPN client for Mac & other platforms has checkboxes for “Auto-connect on launch [of the client]” and “Auto-connect when computer starts”
How to connect to vpn with auth ?
Thanks WORKED Simply
One has to ask, why is this not built into the OS? Jesus apple, get your stuff together.
I am getting this error
error “System Events got an error: Can’t get current configuration of service id \”138153F8-4578-4C84-A9D6-0E64112566D9\” of network preferences.” number -1728 from current configuration of service id “138153F8-4578-4C84-A9D6-0E64112566D9” of network preferences
Why is that?!
Hi All,
Below script will work on High Sierra:
delay 15 –time in seconds
set ethernet to do shell script “ipconfig getifaddr en0; exit 0”
if ethernet is not “” then
set mySSID to do shell script “/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -I | awk ‘/ SSID/ {print substr($0, index($0, $2))}'”
if ((mySSID as string) is not equal to “Your SSID”) then
set vpnServiceName to “Your VPN Name”
set status to do shell script “scutil –nc status \”” & vpnServiceName & “\” | sed -n 1p”
if status is “Disconnected” then
do shell script “scutil –nc start \”” & vpnServiceName & “\””
end if
end if
return 120
else
display alert “Please connect to internet and start VPN manually”
end if
Please enter the “Your SSID” that you don’t need to have VPN and “Your VPN Name” that you need to connect by checking the exact name in Network preferences.
Thanks
Amandeep
“Please enter the “Your SSID” that you don’t need”
What does this mean?
I made a new script from scratch for connecting IKEv2/IPSEC VPN’s, which cannot be connected using this older script. http://matt.coneybeare.me/how-to-setup-an-auto-reconnect-script-for-an-ikev2-vpn-service-on-your-mac/
is there a way that this can be modified to only start the vpn if connected to a network NOT specified?
meaning if home network is “homeNet” and work network is “workNet” and I connect to one of those, then NO vpn, but if I connect to something other than those two then the vpn would be started?
my vpn isn’t terribly fast, but its secure so id only like to use it when on a “public” wifi.
is this doable? I would love a script to do that!
Running macOS Sierra 10.12.4 (16E195) fyi
thanks in advance if you can help
this one works on Sierra.
on idle
set vpn_name to “‘cloud.lietaer.net'”
tell application “System Events”
set rc to do shell script “scutil –nc status ” & vpn_name
if rc starts with “Disconnected” then
do shell script “scutil –nc start ” & vpn_name
end if
end tell
return 10
end idle
I think that you missed a “-” in the shell script command, eg. “scutil –nc status “, right?
Yes —
On mac os X Sierra
you just have to delete the line ‘on idle’ and ‘end idle’
after that the script works again !! :)
try it
tell application “System Events”
tell current location of network preferences
set VPN to the service “VPN”
if VPN is not null then
if current configuration of VPN is not connected then
connect VPN
end if
end if
end tell
return 120
end tell
Thanks for this script!
Is it possible to build a kill switch in the script and can you show it how you must do that…
Hello,
this script does not work in macOS sierra. I get the following error message:
„«class cnfg» of «class svce» id “31D3545C-9165-455E-ADA2-365D3CCDBE74” of «class netp» of application “System Events”“ kann nicht gelesen werden.
„System Events“ hat einen Fehler erhalten: „current configuration of service id “31D3545C-9165-455E-ADA2-365D3CCDBE74” of network preferences“ kann nicht gelesen werden. (-1728)
Anybody has the same and knows a solution?
Thanks
VPN works fine in macOS Sierra and so does System Events, it’s a system level process on Mac, perhaps your issue is that it looks German when the guidelines are in English.
hey I like to submit the two small clips to show you my error?
how could attach a two small clips?
thanks
OK, the first try didn’t work.
I follow your instruction, “but” AirVPN didn’t start, I had to manually open it and sing to a screen before it opens.
Any suggestions are welcome ?
thanks
thanks.
I was wondering how my VPN didn’t connect on booting, and I have check mark on is preferences, will try to see if this will do the job.
I am not familiar with ‘script’ but like to learn more.
thanks
Thanks for the tip, but I’m already stuck at step 4. Where can I see my VPN name in the network pref panel? I browsed thru any of the tabs and found nothing although my VPN is currently active. There’s nothing in my network pref panel signalling a VPN is turned on. Is it because the VPN I use is launched by a separate app?
Thanks.
@Paul…Thank you Sir
Never worked with scripts. Are the quotes used in a real script?
Good question, yes, the quotes go around the network location name and System Events.
When pasted into Script Editor, it should look like this:
http://cdn.osxdaily.com/wp-content/uploads/2016/08/connect-vpn-applescript-mac.jpg
For example, if the VPN is called ChocolateVPN it would be:
on idletell application "System Events"
tell current location of network preferences
set myVPN to the service "ChocolateVPN"
if myVPN is not null then
if current configuration of myVPN is not connected then
connect myVPN
end if
end if
end tell
return 60
end tell
end idle
The quotes go around the items in macOS that AppleScript interacts with.
Hi,
On mac os Sierra you just have to remove
“on idle” and “end idle” from the script
It works great !
Thank you for this script
for anonymity reasons it would be fine to change every xx minutes the server country or the ip
can anyone can write a script doing that ?
thanks
Thank you for this script
for anonymity reasons it would be fine to change every xx minutes to change server or ip
can anyone can write a script doing that ?
thanks
Many VPN services assign a new or different IP with each established connection, so perhaps the easiest way to accomplish a continuously changing IP address would be to disconnect and reconnect the VPN. You’d want to do this manually though since when the VPN is disconnected, the true IP would be exposed to any online services while active.
There may be another better way that I am not thinking of at the moment. Of course, using TOR would be another option to be anonymous.
Thank you , i know that, but with the killswitch option often avaliable with many provider, it do so, safely, so i repaet my question about to add that option disconnect/reconnect vpn is possible ?
best regards
This works awesome. I am totally new to Apple Scripts. Lately, I was experimenting some Photoshop Apple Scripts to automate some of my work. It’s good.
I have had this similar script handy for ages:
***
tell application “System Events”
tell current location of network preferences
set VPNservice to service “VPN Location”
if exists VPNservice then connect VPNservice
end tell
end tell
***
I like this one, it is shorter.
If you add “return 120” it should check every two minutes for the connection right?