Rasdial - vpn connection

Warnings: [
2019-04-04 21:01:25 +02 - [Warning-Duplicati.Library.Main.Controller-OptionValidationError]: The value “rasdial.exe “xxx” “yyy” “zzz”” supplied to --run-script-before does not represent a valid path,

Why not valid path? If I run this script in cmd, vpn connection works fine.

Any ideas?

I’m guessing you need to provide the full path to rasdial.exe.

You can probably locate it with where rasdial.exe

where <executable>

c:\ where
The syntax of this command is:

WHERE [/R dir] [/Q] [/F] [/T] pattern...

    Displays the location of files that match the search pattern.
    By default, the search is done along the current directory and
    in the paths specified by the PATH environment variable.

I allrady try with full path C:\Windows\System32\rasdial.exe but I get the same error --run-script-before does not represent a valid path.

I guess --run-script-before accepts a filename only, arguments are not allowed AFAIK.
Try creating a batchfile containing rasdial.exe "xxx" "yyy" "zzz" and call this batchfile instead of rasdial.exe in your backup config.

batchfile created and VPN is successfuly opened. But here comes another problem. At that time iSCSI is not mounted yet and I get error - it takes xx seconds to get access to backup server.

How can program start doing backup after xx seconds? Becouse if I do this manualy (open VPN and wait xx seconds) everything works fine.

Add this line to your batch script to wait 10 seconds:
ping -n 10 > nul
You can change value 10 to increase/decrease the delay.


Could also try loop with suggested ping that also checks if device mounted yet.

Im not programer. How can i do that?

If the device is being mounted as a drive letter and it’s always the same letter you could use something like this to check for drive availability every 2 seconds for a total of 10 seconds:

@echo off
set waitSecs=2
set maxSecs=10
vol w: >nul 2>nul
if errorlevel 1 (
    echo Drive not ready - waiting %waitSecs% seconds before retry...
	set /a maxSecs=%maxSecs%-%waitSecs%
	if %maxSecs% leq 0 goto :end
	ping -n %waitSecs% >nul
	goto :checkDrive
) else (
	echo Drive ready - starting Duplicati...
	echo insert Duplicati command line here
1 Like

That should work. This script does the same, but is shorter:

@echo off
rasdial.exe entryname username password
for /l %%a in (1 1 20) do (
  ping -n 2 > nul
  if exist W:\. exit 0
echo iSCSI drive not mounted, backup aborted.
exit 5

Modify 20 in the for /l... line to adjust the number of times the check is performed.
Modify 2 in the ping -n line to set the wait time between checks.
Modify W:\. to an existing path on your iSCSI drive.

If the path is found, the script exits and the backup will start.
If the path is not found after 20 attempts, the script exits with error level 5 and the backup aborts.

1 Like

is there a way to hide password? instead of letters and numbers is *********

To paraphrase Pascal… “If I had more time, I would have written a shorter script.” :slight_smile:

Your use of exit codes is a much better process than mine.

Probably not if it’s coming out of a batch script. Unless RASDIAL supports a parameter file or using variables or something like that, you may be stuck with the plain text. :frowning:

There MIGHT be a way to abuse Duplicati into storing the password and passing it through a Duplicati environment variable, but that’s just a wild guess.

I guess that isn’t possible.

Unfortunately the username and password don’t seem to propagate to the %DUPLICATI__AUTH_USERNAME% and %DUPLICATI__AUTH_PASSWORD% environment variables, but the passphrase does.

So the only workaround I can think of is creating a local user that has the same password as the encryption passphrase you use for your backup. Give that user RW permissions to your iSCSI volume and change the first line to:

rasdial.exe entryname username %DUPLICATI__PASSPHRASE%

what if I run script in powershell?

I don’t think that will make any difference. Backend credentials don’t seem to be exposed to the host OS by Duplicati and PowerShell scripts are also plain text.

ok, but in powershell I can call rasphone (that does not require user/pass in plain text)

My question is: how to program it, so duplicity will wait till iSCI volume is connected?

Something like this?

foreach($i in 1..10) {if (!(Test-Path "W:\")) { Start-Sleep 2 }}

This will loop 10 times the check if W:\ exists. If W:\ doesn’t exist, a 2 seconds delay is inserted.

1 Like

I guess that you provided the wrong path to rasdial.exe. Have you tried to change it?

I don’t know what to think because I launched the same script and everything works fine. Maybe the problem is in VPN in this case. I heard that some of them don’t work with Rasdial and that’s why the connection can’t be loaded. I had almost the same problem with NordVPN and some other software. But maybe it’s gonna work with another one? I’ve recently read a VyprVPN detailed review and it seems that it has the necessary option to work with other devices/soft without any problems. I don’t know exactly about this, but gonna check it and report soon.