FortiClient macOS "on_connect" script executes before connection is established
I wanted to use the on_connect script in the FortiClient to connect an SMB share after the connection is established as shown here. But the command is executed before the connection is established. After my command failed, the connection is shown as established in FortiClient. I tried to execute the command in the background but failed to do so.
```xml
<on_connect>
    <script>
        <os>mac</os>
        <script>
            echo "" & sleep 4; /usr/bin/osascript -e 'mount volume "smb://ssldemo.fortinet.com/installers"'
        </script>
    </script>
</on_connect>
```
Environment:
MacOS 14.6.1
FortiClient 7.4.0.1645
SSL-VPN via SAML SSO using the external browser as user-agent
Hi,
I have done research based on the reported behavior and observed the following.
1024936 | FortiClient cannot sync VPN on connect script properly. |
https://docs.fortinet.com/document/forticlient/7.4.0/macos-release-notes/124818/known-issues
This is addressed to fix at 7.2.5 which is released today.
Please check the persistence of the issue with the specified build, and if there are still issues, raise a support ticket to troubleshoot further.
Hi,
Adding a check before mounting to your script can make a difference.
Can you check and confirm via the following CLI?
```bash
SMB_Addr="smb://ssldemo.fortinet.com/installers"
MOUNT_CMD='/usr/bin/osascript -e "mount volume \"$SMB_Addr\""'

check_connection() {
    if ping -c 1 ssldemo.fortinet.com &>/dev/null; then
        return 0 # Success
    else
        return 1 # Failure
    fi
}

while ! check_connection; do
    echo "Waiting for SMB share to become accessible..."
    sleep 4
done

echo "SMB share is accessible. Mounting..."
eval $MOUNT_CMD
```
Hi Anil,
I tested the provided script, but it did not solve the issue. When the script is executed manually after the connection is established, it works as expected. But executed inside the `on_connect`, the connection is never established as the script never finishes. This could be fixed with a retry counter for the reachability check.
But my core problem is the execution of the script before a connection is made. As I would assume that the `on_connect` script should be executed after the connection is established and not while the process is still ongoing. Currently the script is executed after the external browser (or internal) is used to authenticate the saml user.
Script:
```bash
#!/bin/bash
SMB_Addr="smb://ssldemo.fortinet.com/installers"
MOUNT_CMD='/usr/bin/osascript -e "mount volume \"$SMB_Addr\""'

check_connection() {
    if ping -c 1 ssldemo.fortinet.com &>/dev/null; then
        return 0 # Success
    else
        return 1 # Failure
    fi
}

while ! check_connection; do
    echo "Waiting for SMB share to become accessible..."
    sleep 4
done

echo "SMB share is accessible. Mounting..."
eval $MOUNT_CMD
```
forticlient_settings.xml:
```xml
<on_connect>
    <script>
        <os>mac</os>
        <script>
            ~/mountShare.sh
        </script>
    </script>
</on_connect>
```
I also tried executing the script in the background. Which did not block the connection, but also did not connect the smb share.
forticlient_settings.xml :
```xml
<on_connect>
    <script>
        <os>mac</os>
        <script>
            ~/mountShare.sh &
        </script>
    </script>
</on_connect>
```
Hello,
I made a bit of adjustment based on the retry counter.
```bash
#!/bin/bash
SMB_URL="smb://ssldemo.fortinet.com/installers"
MOUNT_CMD='/usr/bin/osascript -e "mount volume \"$SMB_URL\""'
MAX_RETRIES=10

check_connection() {
    if ping -c 1 ssldemo.fortinet.com &>/dev/null; then
        return 0 # Success
    else
        return 1 # Failure
    fi
}

retry_count=0
while ! check_connection; do
    if [ $retry_count -ge $MAX_RETRIES ]; then
        echo "Maximum retries reached. Exiting..."
        exit 1
    fi
    echo "Waiting for SMB share to become accessible... (Attempt $((retry_count + 1))/$MAX_RETRIES)"
    sleep 4
    retry_count=$((retry_count + 1))
done

echo "SMB share is accessible. Mounting..."
eval $MOUNT_CMD
```
Have you ever tried to recreate from scratch the applied remote access profile from the EMS server and check the results?
Hi,
With the new script the connection is established after ~40 sec (max retries reached). As the script is executed before a connection is made and therefore does not solve my issue.
The config is a clean config with only one ssl-vpn configured, which I exported via the cli, added the script and then reimported it via cli.
The issue arises because the on_connect script in FortiClient executes prematurely, before the VPN connection is fully established. To resolve this, you can implement a script that checks the VPN connection's readiness, such as monitoring the interface status, and delays execution until the connection is active. Upgrading to FortiClient 7.2.5 or newer, which addresses synchronization issues with on_connect scripts, is also recommended. If the issue persists, use external tools like macOS launchd to better control script execution timing. Collect detailed logs to further investigate and ensure alignment between script execution and connection establishment.
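
A bounded readiness check of the kind discussed in this thread, as an added example that is not from any poster or from Fortinet: it probes TCP port 445 instead of relying on ICMP, calls `osascript` without `eval`, and timestamps every attempt to a log file so the script's start time can be compared with the time the tunnel came up. The log path, the `run` argument, the use of `nc` and the function names are assumptions; the host and share are the thread's demo values.

```bash
#!/bin/bash
# Added example, not from the thread. Host and share are the thread's demo values.
SMB_HOST="ssldemo.fortinet.com"
SMB_URL="smb://$SMB_HOST/installers"
LOG_FILE="${LOG_FILE:-/tmp/mountShare.log}"   # assumed log location

log() { printf '%s %s\n' "$(date '+%Y-%m-%dT%H:%M:%S')" "$*" >>"$LOG_FILE"; }

# wait_until MAX_TRIES DELAY_SECONDS PROBE [ARGS...]
# Re-runs PROBE until it succeeds. Returns 0 on success, 1 once MAX_TRIES
# attempts have failed, so the caller is never blocked indefinitely.
wait_until() {
    local max_tries=$1 delay=$2 attempt=1
    shift 2
    while [ "$attempt" -le "$max_tries" ]; do
        if "$@" >/dev/null 2>&1; then
            log "probe ok on attempt $attempt/$max_tries"
            return 0
        fi
        log "probe failed on attempt $attempt/$max_tries"
        attempt=$((attempt + 1))
        if [ "$attempt" -le "$max_tries" ]; then sleep "$delay"; fi
    done
    return 1
}

# TCP probe of the SMB port (assumes nc is available); an ICMP reply alone
# does not show that the file service is reachable through the tunnel.
smb_port_open() { nc -z -w 2 "$1" 445; }

mount_share_when_ready() {
    local rc=0
    log "on_connect script started"
    if ! wait_until 10 4 smb_port_open "$SMB_HOST"; then
        log "share not reachable, giving up"
        return 1
    fi
    # The AppleScript is passed as one quoted argument, so no eval is needed.
    /usr/bin/osascript -e "mount volume \"$SMB_URL\"" >>"$LOG_FILE" 2>&1 || rc=$?
    log "mount finished with status $rc"
    return "$rc"
}

# Hypothetical entry point: only acts when called as "mountShare.sh run".
if [ "${1:-}" = "run" ]; then mount_share_when_ready; fi
```

Because every probe is logged with a timestamp, the log shows whether the script started before the tunnel was usable, which is the question the thread leaves open.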
