I connect to a work
Virtual Private Network (VPN) from home using a
MacBook Pro
laptop running
OS X El
Capitan (10.11.6) and was curious if there was a way that I could determine
whether the system was connected to the VPN or disconnected from a VPN using a
command-line
interface (CLI), i.e., a
Terminal window, other than by checking the IP address that
external systems see for the system, e.g., by visiting
WhatIsMyIP.com. At
How can I tell if OS X is connected to a VPN network from the command line?,
I found someone suggesting using the
scutil command
scutil --nc list
and
piping
the output to the grep command looking for the word "Connected", i.e.,
scutil --nc list | grep Connected
. However, that didn't work
when I attempted to discern whether the laptop was connected to the VPN via
that method, since the scutil command always produced the following output
whether or not the system was connected to the VPN:
$ scutil --nc list Available network connection services in the current set (*=enabled): $
However, I was able to determine if the system was connected to the VPN by using the method listed in the post by the person who posed the question. I.e., I could use the ifconfig command and count the number of occurences of "utun0," since the count was zero if the system was not connected to the VPN and one if it was connected to the VPN. E.g., if the system was not connected to the VPN, I would see the following output.
$ ifconfig | grep utun0 $ ifconfig | grep -c utun0 0 $
When the system was connected to the VPN, I would see the following output:
$ ifconfig | grep utun0 utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1400 $ ifconfig | grep -c utun0 1 $
I.e., when connected to the VPN, I would see "utun0:" followed by
"flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST>" and a
maximum transmission unit (MTU) size of 1,400 bytes.
I could use the scutil command to make the determination, if I used
scutil --nwi
and looked for "utun0" in its output.
E.g., when I wasn't connected to the VPN, I would see the following
output:
$ scutil --nwi Network information (generation 83217872608522) IPv4 network interface information en0 : flags 0x5 (IPv4,DNS) reach 0x00000002 (Reachable) Signature Hash: <data> 0x69483ec13a29ac154aa31dd39b6ec294f5cbe02d generation 82648601556353 REACH : flags 0x00000002 (Reachable) IPv6 network interface information No IPv6 states found REACH : flags 0x00000000 (Not Reachable) Network interfaces: en0 $ scutil --nwi | grep "utun0" $ $ scutil --nwi | grep -c "utun0" 0 $
However, when I was connected to the VPN, I would see the following output:
$ scutil --nwi Network information (generation 8661702448046) IPv4 network interface information utun0 : flags 0x5 (IPv4,DNS) reach 0x00000002 (Reachable) Signature Hash: <empty> generation 8661702448046 en0 : flags 0x5 (IPv4,DNS) reach 0x00000002 (Reachable) Signature Hash: <data> 0x2d4e225ada4dd5b1d9f123b7781d7f6724df49d8 generation 8661702448046 REACH : flags 0x00000002 (Reachable) IPv6 network interface information No IPv6 states found REACH : flags 0x00000000 (Not Reachable) Network interfaces: utun0 en0 $ scutil --nwi | grep -c "utun0" 2 $
So, if I count the number of instances of "utun0" with "grep -c", I will see zero if the VPN connection isn't active and two if it is. Note: those using Back to my Mac may see "utun0" without a VPN connection being active according to an answer posted in response to the question Who creates utun0 adapter?. The respondent noted:
utun0 is created by macOS for VPN and Back to My Mac, regardless of whether these features are enabled. This is not indicative of any unwanted application being installed; utun0 is expected on macOS Sierra and later.
In my case macOS Sierra (version 10.12) is a later version of the operating system what is on the corporate laptop I'm using.
Related Articles: