Scroll to navigation

gp-saml-gui(8) System Manager's Manual gp-saml-gui(8)

NAME

gp-saml-gui - login to a GlobalProtect VPN that uses SAML authentication

SYNOPSIS

gp-saml-gui [-h] [--no-verify] [-C COOKIES] [-K] [-p] [-g] [-c CERT]] [--key KEY] [-v] [-q] [-x] [-P] [-S] [-u] [--clientos {Windows,Linux,Mac}] [-f EXTRA] server [--] [openconnect_extra ...]

DESCRIPTION

This is a helper script to allow you to interactively login to a GlobalProtect VPN that uses SAML authentication, so that you can subsequently connect with OpenConnect.

Some GlobalProtect VPNs which use SAML authentication are amenable to automated login, using tools such as openconnect-gp-okta, however interactive login is useful for debugging and is a necessary alternative for some VPNs.

OPTIONS

server Hostname or IP address of GlobalProtect server (portal or gateway)
openconnect_extra Extra arguments to include in output OpenConnect command-line (these should be preceded by -- so that they are not parsed as gp-saml-gui's own options).
--h, --help Show help message and exit
--no-verify Ignore invalid server certificate
-C, --cookies Use and store cookies in this file
-K, --no-cookies Don't use or store cookies at all
-g, --gateway SAML auth to gateway
-p, --portal SAML auth to portal (default)
-v, --verbose Increase verbosity of explanatory output to stderr
-q, --quiet Reduce verbosity to a minimum
-x, --external Launch external browser (for debugging)
-P, --pkexec-openconnect Use PolicyKit (pkexec) to exec openconnect
-S, --sudo-openconnect Use sudo to exec openconnect
-f, --field Extra form field(s) to pass to include in the login query string (e.g. "-f magic-cookie-value=deadbeef01234567")
-c, --cert PEM file containing client certificate (and optionally private key)
--key PEM file containing client private key (if not included in same file as certificate)
-u, --uri Treat server as the complete URI of the SAML entry point, rather than GlobalProtect server
--clientos {Mac,Linux,Windows} clientos value to send

SEE ALSO

openconnect(8)

openconnect-gp-okta (https://github.com/zdave/openconnect-gp-okta)

COPYRIGHT

This manual page is Copyright 2020 Luca Falavigna <dktrkranz@debian.org> and Daniel Lenski <dlenski@gmail.com>. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 3 or any later version published by the Free Software Foundation.

2020-12-28 gp-saml-gui