locked
Managing VPN Programmatically - C# RRS feed

  • Question

  • Hi,

    Maybe, I've searched the whole internet but didn't found any project that fulfill my needs. Basically, I'm thinking to create a VPN software for Windows, and Mobile; but right now, I'm not gonna talk about Mobile apps here. I'm just a student and not a professional programmer. Let me explain, I'm creating a VPN software (like Hotspot, other ..etc) but at start, I'm stuck with some important parts, like I've noticed that whenever we install a VPN, it also installs an external Network Adapter and I really don't know how it works and how to create my own. I want to know about creating/managing external Network Adapter in C# (Is it possible, ehh?). The second is, I want to manage the whole VPN directly from my application and don't want users to manual configure anything.

    I'll be happy, if anyone will give me an explanation on this or maybe will help me out to complete it. I've actually got VPN servers but now I want to create an application.

    Thanks,


    Thursday, January 28, 2016 7:19 AM

Answers

  • You can't really do a usefull VPN client without some form of TCP Hole Punching. It is doubly true now that Carrier Grade NAT is a thing to consider on top of Router NAT.
    Wich requires you to have a server on the internet. If someone asks how to let clients communicate via the internet my usual answer is: "Give them LAN ability and use an existing VPN solution, because you propably cannot afford or programm the server you need for the Hole Punching anyway."

    Writing your own VPN software is not a trivial or cost free task:
    It costs money to have the server and it's DNS entry avalible.
    It requires actions below what managed code is able to acomplish (adding a virtual Network Device for example)
    It reqires complete set of knowledge of Network administration on top of all the programming.
    It requries work on two widly different pieces of software (the server and the client)

    This is not a good project to start learning stuff.
    It is not a good project to get into programming or networking. You need to be solid in both before you even have a chance.
    It is the kind of project where I can barely grasp all the issues and all resolve to try to make it gives way to the realisation that it is beyond a single programmer.

    If a VPN solution does not do exactly what you want that means either:
    It can't be done.
    It can be done, but is infeasible complicated and/or unreliable.
    You are on a totally wrong track to solve a problem, and there is a million times easier solution you have not even considered (or thought you could do better).

    Friday, January 29, 2016 11:16 AM

All replies

  • Hi Ismail ,

    This forum is discuss and ask questions about the C# programming language, IDE, libraries, samples, and tools. Based on your description, your case related to manage the whole VPN directly from C# application, 

    The following article talks about How to programmatically connect to a VPN

    How can I programmatically connect to a VPN?

    http://geekswithblogs.net/thibbard/articles/CSharpCodeToMaintainVPNConnectionProgramatically.aspx

    Best regards,

    Kristin

    Note: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites;Therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.

    There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, January 29, 2016 7:13 AM
  • Hi Ismail,

    I recommend you check Azure's VPN documentation (https://azure.microsoft.com/en-gb/documentation/articles/vpn-gateway-about-vpngateways/) for possible guidance. This might cause you to rethink your approach but the good thing about Azure is that it relieves you of some configurations.

    Friday, January 29, 2016 7:53 AM
  • Hi Kristin,

    Thank you for replying and it really helped me but there are some other things which are not yet cleared. I mean, I was also asking about external Network Adapter used by other VPN services. What is the purpose of that adapter if we can directly link VPN using 'rasdial'? If external adapter is an important part to create a VPN software then how to create one for my software, is that even possible using C#? The link you've provided seems to be great and I'll test the 'rasdial' thingy today and will tell you that if it goes well or not.

    At last, I'd like to say that your service, the MSDN Forum, is really great and I'm glad to see that I've instantly got an answer. Thank you again.

    Regards,
    Ismail

    Friday, January 29, 2016 10:50 AM
  • You can't really do a usefull VPN client without some form of TCP Hole Punching. It is doubly true now that Carrier Grade NAT is a thing to consider on top of Router NAT.
    Wich requires you to have a server on the internet. If someone asks how to let clients communicate via the internet my usual answer is: "Give them LAN ability and use an existing VPN solution, because you propably cannot afford or programm the server you need for the Hole Punching anyway."

    Writing your own VPN software is not a trivial or cost free task:
    It costs money to have the server and it's DNS entry avalible.
    It requires actions below what managed code is able to acomplish (adding a virtual Network Device for example)
    It reqires complete set of knowledge of Network administration on top of all the programming.
    It requries work on two widly different pieces of software (the server and the client)

    This is not a good project to start learning stuff.
    It is not a good project to get into programming or networking. You need to be solid in both before you even have a chance.
    It is the kind of project where I can barely grasp all the issues and all resolve to try to make it gives way to the realisation that it is beyond a single programmer.

    If a VPN solution does not do exactly what you want that means either:
    It can't be done.
    It can be done, but is infeasible complicated and/or unreliable.
    You are on a totally wrong track to solve a problem, and there is a million times easier solution you have not even considered (or thought you could do better).

    Friday, January 29, 2016 11:16 AM