问题
I am working with the basic Cisco VPN client (v.5 I believe). Is there anyway to determine programatically if a partciular profile (or any profile for that matter) is connected?
I'm looking to somehow get a status from the client itself. I don't want to have to try to ping some IP on the other end of the VPN to see if I get a response.
回答1:
There is an API for Cisco VPN (vpnapi.dll).
回答2:
Below a vbs script to check the connection status:
bIsVPNConnected = False
Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2")
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration",,48)
For Each objItem in colItems
strConnection = LCase(objItem.Description)
If(InStr(strConnection, "cisco") > 0) Then
wscript.echo (strConnection)
bIsVPNConnected = objItem.IPEnabled
End If
Next
If(bIsVPNConnected) Then
WScript.echo "VPN connected"
Else
WScript.echo "Not VPN connected"
End If
回答3:
I am unaware of any APIs for Cisco VPN client but you could use the underlying OS.
On Mac OS X, you can query the System Configuration framework because when Cisco VPN client connects it creates a number of keys in the configuration directory (DNS and stuff):
$ printf "get State:/Network/Service/com.cisco.VPN" | sudo scutil
The programmatic equivalent of the above can be achieved in plain C Carbon or ObjC Cocoa.
回答4:
As "diciu" wrote, you can query the System Configuration framework. The programmatic equivalent of the scutil command that he gave is something like
#import <SystemConfiguration/SystemConfiguration.h>
- (void)printPrimaryService {
SCDynamicStoreRef dynamicStoreDomainState = SCDynamicStoreCreate(NULL,
CFSTR("myApplicationName"),
NULL,
NULL);
if (dynamicStoreDomainState) {
NSString *netIPv4Key = [NSString stringWithFormat:@"%@/%@/%@/%@",
kSCDynamicStoreDomainState,
kSCCompNetwork,
kSCCompGlobal,
kSCEntNetIPv4];
NSMutableDictionary *netIPv4Dictionary = (NSMutableDictionary *) SCDynamicStoreCopyValue(dynamicStoreDomainState, (CFStringRef)netIPv4Key);
if (netIPv4Dictionary ) {
NSString *primaryService = [netIPv4Dictionary objectForKey:(NSString *)kSCDynamicStorePropNetPrimaryService];
if (primaryService) {
NSLog(@"primary service = \"%@\"\n", primaryService); /* When the Cisco VPN is active, I get "com.cisco.VPN" here */
}
[netIPv4Dictionary release];
}
CFRelease(dynamicStoreDomainState);
}
}
Using the above, you can tell if the Cisco VPN client is connected. You can then do something similar to get the DNS servers associated with the VPN connection. I compare the resulting DNS servers to the DNS server of my company to tell if I'm VPN'd into my company. Klunky, but it works and it's fast - no waiting for a ping to timeout.
Note that with the recent version of the Cisco VPN Client, Cisco published an API. Unfortunately, it's only for Microsoft Windows. Maybe they'll produce one for Macs some day.
回答5:
There are several ways, actually, without using the API (which I still cant find/DL)
One of the easiest ways is to check a registry setting found at: HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems\VPN Client\AllAccess\TunnelEstablished (0 or 1)
Another way is to do it is to detect it by the name of the network interface it establishes via using ManagementObjectSearcher, sample code below:
ManagementObjectSearcher query = null;
try { query = new ManagementObjectSearcher("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'TRUE'"); }
catch (Exception ex)
{
}
// "native code call stack error"
try { queryCollection = query.Get(); }
catch (Exception ex)
{
}
int i = 0;
try
{
foreach (ManagementObject mo in queryCollection)
{
MojPopisDostupnih[i] = mo["Description"].ToString();
// networksListBox.Items.Add(mo["Description"].ToString());
i = i + 1;
}
for (int j = 0; j <= MojPopisDostupnih.Length - 1; j++)
{
if (MojPopisDostupnih[j] != null)
{
if (MojPopisDostupnih[j].IndexOf("Cisco Systems VPN Adapter") != -1)
{ }
else
{ }
}
}
}
catch (Exception ex)
{
}
Yet another way is to use process.start to run a CLI (command line) of "vpnclient stat", redirect standard output to a stringbuilder in your app and then check the string whether it contains appropriate data - for more info on this see here:
http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/administration/guide/vcAch5.html
回答6:
Well if all else fails, parse the output of "route". The routing used by CiscoVPN has a telltale mark there.
来源:https://stackoverflow.com/questions/512365/programatially-determine-if-cisco-vpn-client-is-connected