以编程方式确定 Cisco VPN 客户端是否已连接

发布于 2024-07-13 08:31:36 字数 153 浏览 11 评论 0原文

我正在使用基本的 Cisco VPN 客户端(我相信是 v.5)。 无论如何,是否可以以编程方式确定特定配置文件(或与此相关的任何配置文件)是否已连接?

我希望以某种方式从客户本身获得状态。 我不想尝试 ping VPN 另一端的某个 IP 才能查看是否得到响应。

I am working with the basic Cisco VPN client (v.5 I believe). Is there anyway to determine programatically if a partciular profile (or any profile for that matter) is connected?

I'm looking to somehow get a status from the client itself. I don't want to have to try to ping some IP on the other end of the VPN to see if I get a response.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(7

梦醒灬来后我 2024-07-20 08:31:36

有一个用于 思科 VPN (vpnapi.dll)。

There is an API for Cisco VPN (vpnapi.dll).

梦境 2024-07-20 08:31:36

我不知道 Cisco VPN 客户端有任何 API,但您可以使用底层操作系统。

在 Mac OS X 上,您可以查询系统配置框架,因为当 Cisco VPN 客户端连接时,它会在配置目录(DNS 等)中创建许多密钥:

$ printf "get State:/Network/Service/com.cisco.VPN" | sudo scutil

可以在纯 C Carbon 或 ObjC Cocoa 中实现与上述内容等效的编程。

I am unaware of any APIs for Cisco VPN client but you could use the underlying OS.

On Mac OS X, you can query the System Configuration framework because when Cisco VPN client connects it creates a number of keys in the configuration directory (DNS and stuff):

$ printf "get State:/Network/Service/com.cisco.VPN" | sudo scutil

The programmatic equivalent of the above can be achieved in plain C Carbon or ObjC Cocoa.

半世蒼涼 2024-07-20 08:31:36

实际上,有几种方法可以不使用 API(我仍然找不到/DL),

最简单的方法之一是检查注册表设置:
HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems\VPN Client\AllAccess\TunnelEstablished(0 或 1)

另一种方法是通过使用 ManagementObjectSearcher 建立的网络接口的名称来检测它,示例代码如下:

  ManagementObjectSearcher query = null;
                try { query = new ManagementObjectSearcher("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'TRUE'"); }
                catch (Exception ex)
                {

                }
                // "native code call stack error" 
                try { queryCollection = query.Get(); }
                catch (Exception ex)
                {

                }
                int i = 0;
                try
                {
                    foreach (ManagementObject mo in queryCollection)
                    {
                        MojPopisDostupnih[i] = mo["Description"].ToString();
                        // networksListBox.Items.Add(mo["Description"].ToString());
                        i = i + 1;
                    }
                    for (int j = 0; j <= MojPopisDostupnih.Length - 1; j++)
                    {
                        if (MojPopisDostupnih[j] != null)
                        {
                            if (MojPopisDostupnih[j].IndexOf("Cisco Systems VPN Adapter") != -1)
                            {  }
                            else 
                             {  }
                        }
                    }
                }
                catch (Exception ex)
                {

                }

另一种方法是使用 process.start 运行“vpnclient stat”的 CLI(命令行),将标准输出重定向到应用程序中的字符串生成器,然后检查字符串是否包含适当的数据 - 有关详细信息,请参阅此处:

http://www.cisco.com/en /US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/administration/guide/vcAch5.html

There are several ways, actually, without using the API (which I still cant find/DL)

One of the easiest ways is to check a registry setting found at:
HKEY_LOCAL_MACHINE\SOFTWARE\Cisco Systems\VPN Client\AllAccess\TunnelEstablished (0 or 1)

Another way is to do it is to detect it by the name of the network interface it establishes via using ManagementObjectSearcher, sample code below:

  ManagementObjectSearcher query = null;
                try { query = new ManagementObjectSearcher("SELECT * FROM Win32_NetworkAdapterConfiguration WHERE IPEnabled = 'TRUE'"); }
                catch (Exception ex)
                {

                }
                // "native code call stack error" 
                try { queryCollection = query.Get(); }
                catch (Exception ex)
                {

                }
                int i = 0;
                try
                {
                    foreach (ManagementObject mo in queryCollection)
                    {
                        MojPopisDostupnih[i] = mo["Description"].ToString();
                        // networksListBox.Items.Add(mo["Description"].ToString());
                        i = i + 1;
                    }
                    for (int j = 0; j <= MojPopisDostupnih.Length - 1; j++)
                    {
                        if (MojPopisDostupnih[j] != null)
                        {
                            if (MojPopisDostupnih[j].IndexOf("Cisco Systems VPN Adapter") != -1)
                            {  }
                            else 
                             {  }
                        }
                    }
                }
                catch (Exception ex)
                {

                }

Yet another way is to use process.start to run a CLI (command line) of "vpnclient stat", redirect standard output to a stringbuilder in your app and then check the string whether it contains appropriate data - for more info on this see here:

http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/administration/guide/vcAch5.html

梨涡少年 2024-07-20 08:31:36

下面是一个检查连接状态的vbs脚本:

bIsVPNConnected = False

Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2") 
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration",,48) 

For Each objItem in colItems 
   strConnection = LCase(objItem.Description)

   If(InStr(strConnection, "cisco") > 0) Then
      wscript.echo (strConnection)
      bIsVPNConnected = objItem.IPEnabled
   End If
Next

If(bIsVPNConnected) Then
   WScript.echo  "VPN connected"
Else
   WScript.echo  "Not VPN connected"
End If

Below a vbs script to check the connection status:

bIsVPNConnected = False

Set objWMIService = GetObject("winmgmts:\\.\root\CIMV2") 
Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_NetworkAdapterConfiguration",,48) 

For Each objItem in colItems 
   strConnection = LCase(objItem.Description)

   If(InStr(strConnection, "cisco") > 0) Then
      wscript.echo (strConnection)
      bIsVPNConnected = objItem.IPEnabled
   End If
Next

If(bIsVPNConnected) Then
   WScript.echo  "VPN connected"
Else
   WScript.echo  "Not VPN connected"
End If
偏闹i 2024-07-20 08:31:36

好吧,如果一切都失败了,请解析“route”的输出。 CiscoVPN 使用的路由在那里有一个明显的标记。

Well if all else fails, parse the output of "route". The routing used by CiscoVPN has a telltale mark there.

哆兒滾 2024-07-20 08:31:36

正如“diciu”所写,您可以查询系统配置框架。 他给出的 scutil 命令的编程等效项类似于

#import <SystemConfiguration/SystemConfiguration.h>

- (void)printPrimaryService {

    SCDynamicStoreRef dynamicStoreDomainState = SCDynamicStoreCreate(NULL,
                                                                     CFSTR("myApplicationName"),
                                                                     NULL,
                                                                     NULL);
    if (dynamicStoreDomainState) {
        NSString *netIPv4Key = [NSString stringWithFormat:@"%@/%@/%@/%@",
                                kSCDynamicStoreDomainState,
                                kSCCompNetwork,
                                kSCCompGlobal,
                                kSCEntNetIPv4];
        NSMutableDictionary *netIPv4Dictionary = (NSMutableDictionary *) SCDynamicStoreCopyValue(dynamicStoreDomainState, (CFStringRef)netIPv4Key);
        if (netIPv4Dictionary ) {
            NSString *primaryService = [netIPv4Dictionary objectForKey:(NSString *)kSCDynamicStorePropNetPrimaryService];
            if (primaryService) {
                NSLog(@"primary service = \"%@\"\n", primaryService);   /* When the Cisco VPN is active, I get "com.cisco.VPN" here */
            }
            [netIPv4Dictionary release];
        }
        CFRelease(dynamicStoreDomainState);
    }
}

使用上面的命令,您可以判断 Cisco VPN 客户端是否已连接。 然后,您可以执行类似的操作来获取与 VPN 连接关联的 DNS 服务器。 我将生成的 DNS 服务器与我公司的 DNS 服务器进行比较,以确定我是否通过 VPN 连接到我的公司。 笨拙,但它有效且速度快 - 无需等待 ping 超时。

请注意,在最新版本的 Cisco VPN 客户端中,思科发布了 API。 不幸的是,它仅适用于 Microsoft Windows。 也许有一天他们会为 Mac 生产一款。

As "diciu" wrote, you can query the System Configuration framework. The programmatic equivalent of the scutil command that he gave is something like

#import <SystemConfiguration/SystemConfiguration.h>

- (void)printPrimaryService {

    SCDynamicStoreRef dynamicStoreDomainState = SCDynamicStoreCreate(NULL,
                                                                     CFSTR("myApplicationName"),
                                                                     NULL,
                                                                     NULL);
    if (dynamicStoreDomainState) {
        NSString *netIPv4Key = [NSString stringWithFormat:@"%@/%@/%@/%@",
                                kSCDynamicStoreDomainState,
                                kSCCompNetwork,
                                kSCCompGlobal,
                                kSCEntNetIPv4];
        NSMutableDictionary *netIPv4Dictionary = (NSMutableDictionary *) SCDynamicStoreCopyValue(dynamicStoreDomainState, (CFStringRef)netIPv4Key);
        if (netIPv4Dictionary ) {
            NSString *primaryService = [netIPv4Dictionary objectForKey:(NSString *)kSCDynamicStorePropNetPrimaryService];
            if (primaryService) {
                NSLog(@"primary service = \"%@\"\n", primaryService);   /* When the Cisco VPN is active, I get "com.cisco.VPN" here */
            }
            [netIPv4Dictionary release];
        }
        CFRelease(dynamicStoreDomainState);
    }
}

Using the above, you can tell if the Cisco VPN client is connected. You can then do something similar to get the DNS servers associated with the VPN connection. I compare the resulting DNS servers to the DNS server of my company to tell if I'm VPN'd into my company. Klunky, but it works and it's fast - no waiting for a ping to timeout.

Note that with the recent version of the Cisco VPN Client, Cisco published an API. Unfortunately, it's only for Microsoft Windows. Maybe they'll produce one for Macs some day.

榆西 2024-07-20 08:31:36

根据 @Joshua 的回答,如果您打开或关闭 VPN,这都会回显。

if (-not(route print | select-string AnyConnect)) { echo "Not on VPN" } else { echo "On VPN" }

关闭 VPN 时:

PS C:\
> if (-not(route print | select-string AnyConnect)) { echo "Not on VPN" } else { echo "On VPN" }
Not on VPN

打开 VPN 时:

PS C:\
> if (-not(route print | select-string AnyConnect)) { echo "Not on VPN" } else { echo "On VPN" }
On VPN

Building on @Joshua's answer, this will echo if you're on or off VPN.

if (-not(route print | select-string AnyConnect)) { echo "Not on VPN" } else { echo "On VPN" }

While off VPN:

PS C:\
> if (-not(route print | select-string AnyConnect)) { echo "Not on VPN" } else { echo "On VPN" }
Not on VPN

When on VPN:

PS C:\
> if (-not(route print | select-string AnyConnect)) { echo "Not on VPN" } else { echo "On VPN" }
On VPN
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文