Programatially determine if Cisco VPN Client is co

2019-03-30 09:37发布

站内问答 / 前端开发
835 6 4

I am working with the basic Cisco VPN client (v.5 I believe). Is there anyway to determine programatically if a partciular profile (or any profile for that matter) is connected?

I'm looking to somehow get a status from the client itself. I don't want to have to try to ping some IP on the other end of the VPN to see if I get a response.

标签: vpn cisco
举报
6条回答
霸刀☆藐视天下
2楼-- · 2019-03-30 09:59

There are several ways, actually, without using the API (which I still cant find/DL)

One of the easiest ways is to check a registry setting found at: HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems\VPN Client\AllAccess\TunnelEstablished (0 or 1)

Another way is to do it is to detect it by the name of the network interface it establishes via using ManagementObjectSearcher, sample code below:

  ManagementObjectSearcher query = null;
                try { query = new ManagementObjectSearcher("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'TRUE'"); }
                catch (Exception ex)
                {

                }
                // "native code call stack error" 
                try { queryCollection = query.Get(); }
                catch (Exception ex)
                {

                }
                int i = 0;
                try
                {
                    foreach (ManagementObject mo in queryCollection)
                    {
                        MojPopisDostupnih[i] = mo["Description"].ToString();
                        // networksListBox.Items.Add(mo["Description"].ToString());
                        i = i + 1;
                    }
                    for (int j = 0; j <= MojPopisDostupnih.Length - 1; j++)
                    {
                        if (MojPopisDostupnih[j] != null)
                        {
                            if (MojPopisDostupnih[j].IndexOf("Cisco Systems VPN Adapter") != -1)
                            {  }
                            else 
                             {  }
                        }
                    }
                }
                catch (Exception ex)
                {

                }

Yet another way is to use process.start to run a CLI (command line) of "vpnclient stat", redirect standard output to a stringbuilder in your app and then check the string whether it contains appropriate data - for more info on this see here:

http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/administration/guide/vcAch5.html

查看更多
0人赞 添加讨论(0) 举报
可以哭但决不认输i
3楼-- · 2019-03-30 10:00

Below a vbs script to check the connection status:

bIsVPNConnected = False

Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2") 
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration",,48) 

For Each objItem in colItems 
   strConnection = LCase(objItem.Description)

   If(InStr(strConnection, "cisco") > 0) Then
      wscript.echo (strConnection)
      bIsVPNConnected = objItem.IPEnabled
   End If
Next

If(bIsVPNConnected) Then
   WScript.echo  "VPN connected"
Else
   WScript.echo  "Not VPN connected"
End If
查看更多
0人赞 添加讨论(0) 举报
乱世女痞
4楼-- · 2019-03-30 10:01

As "diciu" wrote, you can query the System Configuration framework. The programmatic equivalent of the scutil command that he gave is something like

#import <SystemConfiguration/SystemConfiguration.h>

- (void)printPrimaryService {

    SCDynamicStoreRef dynamicStoreDomainState = SCDynamicStoreCreate(NULL,
                                                                     CFSTR("myApplicationName"),
                                                                     NULL,
                                                                     NULL);
    if (dynamicStoreDomainState) {
        NSString *netIPv4Key = [NSString stringWithFormat:@"%@/%@/%@/%@",
                                kSCDynamicStoreDomainState,
                                kSCCompNetwork,
                                kSCCompGlobal,
                                kSCEntNetIPv4];
        NSMutableDictionary *netIPv4Dictionary = (NSMutableDictionary *) SCDynamicStoreCopyValue(dynamicStoreDomainState, (CFStringRef)netIPv4Key);
        if (netIPv4Dictionary ) {
            NSString *primaryService = [netIPv4Dictionary objectForKey:(NSString *)kSCDynamicStorePropNetPrimaryService];
            if (primaryService) {
                NSLog(@"primary service = \"%@\"\n", primaryService);   /* When the Cisco VPN is active, I get "com.cisco.VPN" here */
            }
            [netIPv4Dictionary release];
        }
        CFRelease(dynamicStoreDomainState);
    }
}

Using the above, you can tell if the Cisco VPN client is connected. You can then do something similar to get the DNS servers associated with the VPN connection. I compare the resulting DNS servers to the DNS server of my company to tell if I'm VPN'd into my company. Klunky, but it works and it's fast - no waiting for a ping to timeout.

Note that with the recent version of the Cisco VPN Client, Cisco published an API. Unfortunately, it's only for Microsoft Windows. Maybe they'll produce one for Macs some day.

查看更多
0人赞 添加讨论(0) 举报
该账号已被封号
5楼-- · 2019-03-30 10:08

There is an API for Cisco VPN (vpnapi.dll).

查看更多
0人赞 添加讨论(0) 举报
放荡不羁爱自由
6楼-- · 2019-03-30 10:10

I am unaware of any APIs for Cisco VPN client but you could use the underlying OS.

On Mac OS X, you can query the System Configuration framework because when Cisco VPN client connects it creates a number of keys in the configuration directory (DNS and stuff):

$ printf "get State:/Network/Service/com.cisco.VPN" | sudo scutil

The programmatic equivalent of the above can be achieved in plain C Carbon or ObjC Cocoa.

查看更多
0人赞 添加讨论(0) 举报
Emotional °昔
7楼-- · 2019-03-30 10:19

Well if all else fails, parse the output of "route". The routing used by CiscoVPN has a telltale mark there.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)