Global VPN Client 4.10 Admin Guide

Using the Global VPN Client CLI

About the Global VPN Client CLI

The SonicWall Global VPN Client can run from the Command Line Interface (CLI). This interface allows for the programmatic or script-based initiation of certain Global VPN Client functions without requiring the user to directly act in the Global VPN Client application. The Global VPN Client CLI enables the setting up of scripts that automatically initiate a secure tunnel anytime a particular application or connection method is started.

The CLI commands require the use of a complete path name to the Global VPN Client application followed by various flags and variable information such as username or password.

CAUTION: Embedding a user’s password directly in a script is a security risk. Anyone who can gain access to the script can read the password to circumvent security. It is recommended that scripts or programmatic dashboards ask for the password before initiating a connection and then clear the variable.

Command Line Options

You can use the following options to perform a variety of Global VPN Client actions from the command line.

/E “Connection Name – Enables the specific connection.
/D “Connection Name – Disables the specific connection.
/Q - Quits a running an instance of the program. Ignored if program is not already running.
/A [filename] - Starts the program and sends all messages to the specified log file. If no log file is specified, the default file name is gvcauto.log. If the program is already running, this option is ignored.
/U “Username - Username to pass to XAUTH. Must be used in conjunction with /E.
/P “Password - Password to pass to XAUTH. Must be used in conjunction with /E.

Command Line Examples

<path>\swgvpnclient - runs/starts application. If application is already running, it does not create another instance.
<path>\swgvpnclient /E <connection name> /U <username> and /P <password> - runs/starts the application and enables the named connection and use the <username> and <password> for user authentication. If you do not include a username and password. the Global VPN Client presents a dialog asking for the information in order to continue.
<path>\swgvpnclient /A <path\filename> - runs/starts the application and enables auto logging of all events to a log file. If the filename is not specified, then the log file is created with the default name <gvcauto.log>. If you want to save the autolog for each Global VPN Client session, you can use the filename option and specify a different filename each time the application is started. If the path is not specified, this file is created in the same directory where the Global VPN Client application is started.