[UWP] Questions about VPN plugin RRS feed

  • Question

  • Hello,
    Recently I am developing a VPN plugin for our team. After reading the API documentation and attempting several times, I still have some questions that remain to be answered.

    1. How does the VPN profile locate my VpnPlugin class? The property VpnPluginPackageFamilyName refers to an app package, not including namespaces, which confuses me a lot. Do I need to ‘expose’ the VpnPlugin class in a certain way?
    2. Is it possible to establish multiple TCP connections between the client machine and the VPN server? Our protocol is based on TCP and each connection to the remote server occupies a TCP connection to the VPN server. However a VpnChannel only supports two transport sockets. 

    3. How can I get in touch with msftvpn team? 'msftvpnapi@microsoft.com' seems invalid. 

    Our team is looking forward to your kindly answers 😊
    Best regards,

    • Edited by 包布丁 Sunday, May 7, 2017 5:01 AM Add tag
    Sunday, May 7, 2017 4:08 AM

All replies

  • Hello,

    >>1. How does the VPN profile locate my VpnPlugin class?

    Is your VpnPlugin class your own custom class or the Vpn​Plug​In​Profile Class? If it is the Vpn​Plug​In​Profile Class, what is the mean ‘expose’ the VpnPlugin class in a certain way?  Do you want to identify the Vpn​Plug​In​Profile Class? I think the class also has some other properties, such as ProfileName.

    >>2. Is it possible to establish multiple TCP connections between the client machine and the VPN server?

    No, it only supports two transport sockets. 

    >>3. How can I get in touch with msftvpn team? 'msftvpnapi@microsoft.com' seems invalid. 

    As Windows.​Networking.​Vpn Namespace, "If you have any questions about the VPN API, contact msftvpnapi@microsoft.com". I will reported it in our channel. If it is very urgent, please use your developer account to open a support case by visiting this URL:


    Best regards,


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Edited by Breeze Liu Wednesday, May 10, 2017 11:34 AM
    Tuesday, May 9, 2017 2:16 AM
  • Hello,

    thanks for your detailed answer. 

    One thing I want to clarify is that 'VpnPlugin' in the post represents a class which implements IVpnPlugin interface. To put it another way, how to associate a VpnPluginProfile with my VpnPlugin implementation? Thus Windows would initialize an instance from VpnPlugin class and call the methods defined in it when users click 'Connect' in their VPN Settings panel. 



    • Edited by 包布丁 Tuesday, May 9, 2017 12:24 PM Add another link
    • Proposed as answer by defaultshr Monday, April 8, 2019 12:23 PM
    • Unproposed as answer by defaultshr Monday, April 8, 2019 12:23 PM
    Tuesday, May 9, 2017 12:17 PM
  • Since I was exploring the same answer, putting down my observations, which might be helpful. 

    UWP documentation mentions that there can be only 1 VpnPlugin and 1 PluginProfile per application. This means, If we somehow associate a profile with the application, we are done. Profile is necessary to connect/disconnect to VPN server. 

    How to associate a profile with your application's custom VPN plugin which communicates to VPN server. This can be done 2 says.

    1. Administratively - Go to VPN settings -> Add a VPN Connection -> Choose your application as "VPN Provider" and fill server detail -> Save. This will create a new profile which is linked to your application. Now if you say "connect" on the same profile from the VPN settings, it shall invoke your application's background task which implements VPN Client and your own custom plugin. 

    2. Programmatically - You may write a GUI application for your VPN background task which does following. 

       a. Instantiate a VpnPluginProfile (or I think it is possible to derive your own class from IVpnProfle. However, I have not tried inheriting my own class). Initialize plugin object's ProfileName, VpnPluginPackageFamilyName(available from Package.appxmanifest), ServerUri, AlwaysOn(this may be optional).

       b. Instantiate a VpnManagementAgent object. Now you may use AddProfileFromObjectAsync to add this as new profile, ConnectProfileAsync to connect to same profile. ConnectProfileAsync/DisconnectProfileAsync will trigger the background VpnClient task and corresponding plugin methods to handle VPN tunnel. DeleteProfileAsync method can be used to programmatically delete the profile. 

    Note: VpnPluginProfile appears to be essential to trigger connect/disconnect operations. However, actual characteristics of the VPN connection may be controlled by other means too. E.g. server-URI can be supplied via ApplicationData::Current->LocalSettings as well. 

    These are my observations from the investigation which I had to do for our requirements. However, MSDN may provide better clarification/expert inputs over same as necessary. 

    • Proposed as answer by defaultshr Monday, April 8, 2019 12:42 PM
    Monday, April 8, 2019 12:41 PM
  • I am glad to see that someone is still working on UWP VPN Platform. From my experiments, I hold similar conclusions as yours. What varies is that there may be several VPN profiles sharing the same VpnPlugIn. For my second problem, the system-provided transport tunnels should not connect to remote servers directly, otherwise only 2 connections is far from enough. Here we could use tun2socks and manipulate the route table a bit to take control of connections to remote servers. Obviously, things would become easier if we use a packet-based protocol instead of a connection-based protocol, where some implementations are available on GitHub for the former one.
    Friday, April 19, 2019 5:26 PM
  • Hi, Have a question.

    Will the background task be triggered when connection is established using VpnNativeProfile?


    Tuesday, November 12, 2019 7:11 AM