I recently needed to figure out how to make a Windows XP machine connect to a particular VPN automatically on reboot, before anyone logged into the machine. I eventually managed to assemble bits and pieces of information floating around the net into a working solution to the problem, but it wasn’t completely addressed in any single location, so I thought I’d stick the details in my blog for other people to Google and use (if you found this blog entry useful, please add a comment and let me know!).
The first thing I tried was to look for a property I could set on the VPN network connection to tell Windows that I wanted this connection to start automatically when the machine boots. I couldn’t find one; I doubt there is one.
After that, I considered setting the “Set as Default Connection” checkbox for the connection, but I couldn’t find any documentation of exactly what that would do, and I was worried that another user of the machine might muck with that setting, perhaps with good reason.
All I could think of at this point was to write a batch file that would start the VPN and then tell Windows to run that batch file on reboot.
The key to the first part, starting a VPN from a batch file, is a Windows command-line tool called “rasdial”. If you run “rasdial connection-name username password” from the command line or a batch file, the specified connection will be started with the specified username and password. Dandy!
The key to the second part, getting Windows XP to run a batch file during reboot, is a utility called AutoExnt that Microsoft distributes for free but doesn’t include with Windows. The utility is described at http://support.microsoft.com/kb/243486/en-us, and although that article doesn’t mention Windows XP, it works just fine for XP as well. You can download it from http://download.microsoft.com/ by searching for “Windows Server 2003 Resource Kit Tools”, which may or may not still be available at http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd when you read this blog entry. This should give you a file called rktools.exe, which when executed will install the tools on your hard disk, including the three files you need which are mentioned in the KB article referenced above.
With this knowledge in hand, here’s what you do to start a VPN when the machine boots:
- Put “rasdial connection-name username password” in the file c:\windows\system32\autoexnt.bat which you create.
- Copy the files autoexnt.exe, servmess.dll, and instexnt.exe from the resource kit tools folder you unpacked from the download mentioned above into c:\windows\system32.
- Run “instexnt install”.
Pingback: starting VPN connection before user login | DareIT
great tip, google is the biz
well done on pulling this together
Ha! Finally, the answer I’ve been looking for that actually works. Thanks a ton jik!
Thanks a million!
I used this to auto-redial lost VPN connection. What? I have an application that monitors (pings across) a VPN link over which important data passes. The application allows the option to “call” a batch file as “action” to take if connectivity lost is detected.
I pointed the action to a batch file containing the rasdial script in this blog. After 5minutes of lost connectivity, my ping application invokes the batch file and VPN is restored again!
This is just what I needed, thank you a million!
You mentioned that you have an application that monitors for the VPN connection to get lost and then runs the batch to reconnect. Any info you can provide on that application?
I am trying to find a program I can run, either as a scheduled task or automatically when connection is lost, that will log me back into my VPN connection through Cisco. I loose the connections after a certain number of hours and need it to auto log me back in.
That starts the VPN when a user logs in. The solution posted above is to start the VPN when Windows starts up. The article at that link claims that it starts the VPN when Windows starts up, but it really doesn’t.
Awesome. Little tinkering to suit my needs but did the job. Bravo.
Found it and Happy Me!
Remote Access error 718 – The connection was terminated because the re
ter did not respond in a timely manner. For further assistance, click
or search Help and Support Center for this error number.
For more help on this error:
Type ‘hh netcfg.chm’
In help, click Troubleshooting, then Error Messages, then 718
but the server and username and password is working … where is the problem ??? Pls HELP ..F1 F1F1F1F1F1F1F1F1F1F1F1
Maybe your internet connection isn’t up yet when the script runs at boot time?
See the comment below for a more elaborate script which handles that possibility.
Well you can actually simplify it, by using built in windows task scheduler (has an option: when system starts), and instead of using ping to delay you can use sleep.
would wait 30 seconds before continuing executing the batch file.
An improved batch file would be:
ping http://www.google.com -n 1 || goto Loop
“C:\windows\system32\rasdial.exe VPN-CONNECTION-NAME” && goto Connected || goto Failed
echo Connection failed on %date% %time% > c:\vpnlog.txt
echo Connection completed on %date% %time% > c:\vpnlog.txt
That script would wait 30 seconds after execution, and then will keep pinging google until a good response is received. After the response is received (that will mean that you now have internet) will attempt to dial, if successful will log the output to c:\vpnlog.txt, if failed will log the output and will reattempt after 120 seconds. Beware to set under “settings” in the scheduled task to stop the task if it hasn’t finished after… 1 hour.
Hope this is useful! cheers.
Very helpful, thank you very much!
Thanks this works great!
Works great! use quotaion marks if connection name has spaces.
This positively does NOT work. On reboot, xp tries to run this before other necessary services are running. Thus, the VPN never connects automatically on reboot. Sorry.
This problem can be fixed by creating a delay between the time this service runs, and the time it actually runs rasdial. Edit the .bat file and issue a ping command to some host followed by -n 30. This will make it ping 30 times and then run rasdial. 30 pings gives a good enough delay for all necessary services to be fully up and running.
I’ve never had the timing problem you described, and judging from all the other comments here from people who got it to work using my instructions, it doesn’t look like most other people have either. In any case, I’m glad you found a workaround for the problem.
yeah.. i googled and this is 1st result.
very useful.. thanks a lot!