Shrewsoft VPN Client connection automated

I’m lucky enough to have an unlocked Fritz!Box as a DSL router provided by Sunrise at home. Recently, I have setup an office in a different building, and I wanted to have an easy way to connect my small Windows 10 NUC as a Squeezebox server (or Logitech Media Server) from my office to my home.

This requires a VPN server somewhere, and a VPN client somewhere else. The struggle starts. Long story short, I finally setup the VPN server on the Fritz!Box. It’s easy: Just create a user with a password, and set it as “Remote Access”. You will then get the details for the connection.

Unfortunately, Windows 10 is unable to make IKE v1 transactions therefore it’s not possible to use the embedded VPN client. Fritz was providing a client for Windows up to 8. Seems things changed for Windows 10 and now they recommend using Shrewsoft VPN client which I confirm works fine. However, if you want the connection to start automatically at boot and reconnect when the connection is lost, there are none of these features in the GUI. So here is a batch script which will do exactly that. Just create adapt to your folders, and create a “run at session start” task in the scheduler. I had to ask windows to log me in automatically to have this work. Beware. It may be possible to make it work without a session, but this would require more digging.

The script below does the following. Yes, having twice the same loop is voluntary. I try only twice to connect. If twice the connection fails, I give up and log an error in the C:\vpn.txt file (which get deleted at boot by the way).

The script will create a log file in C:\vpn.txt. Make your choices, you can put it somewhere else if you wish.

[14.03.2020, 20:55:02,51] VPN Client is not running. Starting connection.
[14.03.2020, 20:55:07,31] No connection. Connecting...
[14.03.2020, 20:55:07,32] Waiting 5 seconds for negotiation
[14.03.2020, 20:55:12,31] Connection not established. Waiting 5 more seconds
[14.03.2020, 20:55:12,42] Connection established
[14.03.2020, 21:48:23,81] No connection. Connecting...
[14.03.2020, 21:48:23,94] Waiting 5 seconds for negotiation
[14.03.2020, 21:48:28,81] Connection not established. Waiting 5 more seconds
[14.03.2020, 21:48:28,92] Connection established
[15.03.2020,  0:44:45,83] No connection. Connecting...
[15.03.2020,  0:44:45,94] Waiting 5 seconds for negotiation
[15.03.2020,  0:44:50,83] Connection not established. Waiting 5 more seconds
[15.03.2020,  0:44:50,94] Connection established
[15.03.2020,  3:57:07,84] No connection. Connecting...
[15.03.2020,  3:57:07,95] Waiting 5 seconds for negotiation
[15.03.2020,  3:57:12,85] Connection not established. Waiting 5 more seconds
[15.03.2020,  3:57:12,98] Connection established
[15.03.2020, 11:57:49,84] No connection. Connecting...
[15.03.2020, 11:57:49,96] Waiting 5 seconds for negotiation
[15.03.2020, 11:57:54,85] Connection not established. Waiting 5 more seconds
[15.03.2020, 11:57:54,94] Connection established

And anything in this script can be changed to your needs or willing obviously.

@echo off

del C:\vpn.txt

:START
TIMEOUT /T 1 /NOBREAK > nul
  CALL :CHECKRUNNING
  if %ERRORLEVEL == 1 (
  echo [%date%, %time%] VPN Client is not running. Starting connection. >> C:\vpn.txt
  )

  CALL :CHECKCONN
  if %errorlevel% == 1 (
    echo [%date%, %time%] No connection. Connecting... >> C:\vpn.txt    
    CALL :CONNECT
  )
  goto :START


:CHECKRUNNING
  tasklist /FI "IMAGENAME eq ipsecc.exe" | find /I /N "ipsecc.exe" 2>NUL | find /I /N "ipsecc.exe">NUL
  if %ERRORLEVEL% == 1 (
  exit /b 1
  ) else (
  set running=ok
  exit /b 0
  ) 
  EXIT /B

:CHECKCONN
  ping 172.30.47.1 -n 1 -w 5000 > nul
  if %ERRORLEVEL% == 0 (   
    exit /B 0
    ) else (
    exit /B 1
    ) 
  exit /b 0

:CONNECT
  if "%running%"=="ok" start /WAIT taskkill /f /im "ipsecc.exe"
  start ipsecc.exe -r fritz -u  -p  -a
  echo [%date%, %time%] Waiting 5 seconds for negotiation >> C:\vpn.txt

  CALL :CHECKCONN

  if %ERRORLEVEL% == 0 (
    echo [%date%, %time%] Connection established >> C:\vpn.txt
    exit /B 0
  ) else (
    echo [%date%, %time%] Connection not established. Waiting 5 more seconds >> C:\vpn.txt
  )

  CALL :CHECKCONN

  if %ERRORLEVEL% == 0 (
    echo [%date%, %time%] Connection established >> C:\vpn.txt
    exit /B 0
  ) else (
    echo [%date%, %time%] Connection failed. Exiting >> C:\vpn.txt    
    exit /B 1 
  )
  EXIT /B 1

:EOF 
exit /B

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.