This is something I've been pondering; if there is a better way to solve this, please feel free to say so.

We have a country-wide VPN network running on leased lines. Our server is hosted on one site, and our Windows-based application (using WCF) connects to our server over the VPN.

Some of our (trusted) users need access from outside the physical locations of our sites; for this they have a username and password to connect their PCs to the VPN via the internet cloud.

However, we now have a few people wanting to use our application and access the data through their internet connections. But for these users specifically we do NOT want to give out our VPN's usernames and passwords. Neither do we want to use port-forwarding.

I think this should technically be possible... can I make a TCP connection to our PPTP server and create a secure VPN connection from WITHIN the application (NOT a Windows connection), thereby granting VPN access to the application, but not the user's entire computer. This username-password can be hardcoded or dynamic or whatever.

Good Idea? Bad Idea?
Possible?
Can this type of connection be hijacked? (this will grant access to our entire VPN)

1 solution

You probably want to use the Process object to execute rasdial (comes with Windows) with the appropriate command-line parameters.

Google is your friend.

EDIT (for your comment) =============

Once the connection is made, the connection is made. You're simply doing it from inside the app so that you don't have to reveal the userid/password (which is what I thought you wanted to do). I put it to you that my answer is correct, and shouldn't be 1-voted. Even if it's not the answer you wanted, it's not like I'm saying you're an idiot or anything, and I made an honest effort to give you a solution.

Lastly, I asked the system guys here where I work, and they said they aren't aware of any way to restrict a VPN connection to a single application.
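
The approach described in this answer, as an added example that is not code from the thread: a .NET application starts `rasdial` through `Process`, runs its work, and hangs up afterwards. The class name `VpnSession`, the phonebook entry `CorpVpn` and the `VPN_USER` / `VPN_PASS` environment variables are assumptions made for illustration.

```csharp
using System;
using System.Diagnostics;

static class VpnSession
{
    // Quote one argument; reject values that could break out of the quotes.
    static string Quote(string value)
    {
        if (value.Contains("\"") || value.EndsWith("\\"))
            throw new ArgumentException("unsupported character in rasdial argument");
        return "\"" + value + "\"";
    }

    // Start rasdial.exe directly (no shell) and return its exit code.
    static int RunRasdial(string arguments)
    {
        var psi = new ProcessStartInfo("rasdial.exe", arguments)
            { UseShellExecute = false, CreateNoWindow = true };
        using (var p = Process.Start(psi))
        {
            p.WaitForExit();
            return p.ExitCode;
        }
    }

    // The password is on rasdial's command line while it runs, so other
    // processes of the same user (and administrators) can read it.
    public static int Connect(string entry, string user, string password) =>
        RunRasdial(Quote(entry) + " " + Quote(user) + " " + Quote(password));

    public static int Disconnect(string entry) =>
        RunRasdial(Quote(entry) + " /DISCONNECT");

    static int Main()
    {
        const string entry = "CorpVpn";                                    // assumed entry name
        string user = Environment.GetEnvironmentVariable("VPN_USER");      // assumed source
        string password = Environment.GetEnvironmentVariable("VPN_PASS");  // assumed source
        if (user == null || password == null) return 2;

        int rc = Connect(entry, user, password);
        if (rc != 0) return rc;   // non-zero is treated as failure: do not start the client
        try
        {
            // Run the application's WCF calls here. The link is an ordinary Windows
            // connection, so every process on the PC can use it until Disconnect.
            Console.WriteLine("VPN connected (shared by the whole machine).");
        }
        finally { Disconnect(entry); }
        return 0;
    }
}
```

Launching the connection from inside the application only keeps the credentials out of the user's hands; as the answer's edit says, the resulting connection is not restricted to the application that dialed it.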

 
Comments
MatthysDT 12-Jan-11 9:29am    
Thanks, will check this out. Will I be able to control access to this connection? I.e. the rest of the client PC shouldn't be able to access that connection. I want to connect the application only. If it were as simple as establishing a VPN connection I wouldn't have posted it here.
Yusuf 12-Jan-11 9:50am    
While I didn't read all the question/answer, on the face of it, the answer does not merit a uni-vote. Countering it with +5 as a way of flexing my muscle.
Espen Harlinn 12-Jan-11 10:00am    
5+ Seems like it's the day of the univoter, and your answer is sensible. The number of possible solutions is mind boggling. Setting up a DMZ and routing requests to the WCF service is another possible solution.
MatthysDT 12-Jan-11 10:50am    
Thanks for your edit. "Lastly, I asked the system guys here where I work, and they said they aren't aware of any way to restrict a VPN connection to a single application." - this is what I was looking for, something to tell me that it probably can't be done.

As for my vote, my apologies, I acted on impulse, but for this reason: My question is long-winded and very specific, I'd rather have no answer at all than someone half-reading it, "Googling" for an answer and then having the audacity to say "Google is your friend", implying that I didn't search for this at all. Ideally I would have liked to discuss this with someone who has worked with PPTP connections before, as I'm sure there are many such people here. As Espen Harlinn mentioned, the number of possible solutions is mind boggling, and THOSE are the solutions I wish to discuss!

True, your answer doesn't merit a uni-vote; your attitude and "Google" comment, however, do. If "Google is your friend" is in some way your signature to all posts, please accept my sincere apologies.
#realJSOP 14-Jan-11 5:23am    
Most of the questions posted here can be answered with a simple Google search. I wasn't trying to give anyone "attitude" - I simply don't know (and don't really care) what the rasdial command line parameters are, thus, "Google is your friend". Since you're the one that needs the answer, it only seems fair that *you* should research the info you need.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


