Mount and umount triggered by VPN

Hi all,

System = Workstation 39
VPN = OpenConnect (Shows as Multi-protocol VPN client in Gnome Settings)

I’m trying to find a way to trigger a script that will run each time it detects my work VPN connecting, so it auto mounts my drives at work, and umounts during the disconnection process of the VPN. I activate the VPN via the drop down menu in the top right corner of Gnome.

Please note I do also have a tailscale VPN which I leave on 24/7, but this has nothing to do with work, but might need to be kept in consideration when detecting the VPN work activation.

I’ve been trying to create a udev rule after reading an idea of "KERNEL==“vpn0” but I wasn’t able to get it working, most likely due to my lack of knowledge on udev, or maybe it’s no longer possible if Network Manager doesn’t signal to it?

I have setup Systemd to automount my home network shares when I might change directory into the mount destination, this works a treat over tailscale which is always on.

But for work, this technique won’t be effective. I switch on the work VPN as-and-when needed, I am forgetful to umount the shares before disconnecting my work VPN and this causes issues that slows both cli and in Gnome (files) when I might still have an interface open in the directory where work drives were mounted before I disconnected the work VPN.

Is anyone familiar with an idea which might work please?

thanks for your thoughts.

While KERNEL=="vpn0" might have worked in the past, it’s not reliable anymore with NetworkManager.

NetworkManager dispatcher scripts allow you to execute custom scripts when network events occur, such as when a network interface is brought up or down. You can use this feature to trigger your script whenever your work VPN connection is established or terminated.

I would take the approach of creating 2 scripts, 1 for connect & 1 for disconnect.

Place the scripts in /etc/NetworkManager/dispatcher.d/ and make them executable.

I don’t know the Fedora Forum rules on writing scripts and extensive code so i will refrain from that for the moment. Your project is very doable. :handshake:t5:


Thanks @hamrheadcorvette - I was not aware of NM dispatcher and will go take a look into this to learn what I can do with it.

Do we have rules for that, or is it mere guidelines/suggestions? I’ve not really seen any, except the one about please post the text not the graphic?!?

1 Like

I don’t know, and lackadaisically did not look. I have scripts for this type of thing, as I am a long time VPN user, and from my work history. I’m especially cautionus about Mount scripts, NM and VPN.


I think there is a how to section/topic tag in ask that would be an appropriate place for what you are describing. Using the pagure repo you can create as a Fedora user would be a place to put the actual files, if they’re too large. Or create a COPR repo. Just a suggestion, others could potentially benefit from your experiences.

1 Like

AFAIK there are no hard and fast rules. We obviously are not in the ‘do the work for them’ mode, but suggestions using the code or preformatted text blocks with code snippets should be OK.

Also, if it will be extended communications, or a full script to assist, it may be better to use the PM feature here so the conversation would be between 2 persons and not spread to the whole world. I am aware of several instances where such extended solutions were taken off the public forum and done by private PMs.

Just wanted to say thanks to @hamrheadcorvette again.
I now have a working solution, which was very fun to learn and put into place.

Granted I use DDG rather than google, but I searched this a few times over recent weeks and never once got a lead to look into dispatch.d until your post.

Once I added “dispatch” to my search terms I even found posts from 2015 covering this topic. Either everyone knows how to do it and never posts about it, or it’s maybe more rare of a situation then I realised.

In the event of anyone else stumbling over this post with similar issues, I’d recommend this guide as a great starting point.

1 Like

It’s actually, Everyone who knows how to do it, assumes everyone else does as well :laughing: .

I have some bash scripts to accomplish this, There are many ways to do it. many more things that can be done like Traffic Shaping, Dynamic VPN Routing, Trigger Backups, DNS, Firewall, Proxy Configs, Failover, Bonding to name a few.

Glad you have a solution. :handshake:t5: