如何使用 Delphi 连接到 VPN 服务器?
我需要连接到 VPN 服务器,我无法使用 Windows 连接,我的应用程序应该独立工作!
我使用 RAS Api 测试了一些组件,它们有效!但通过使用 Windows 连接。
我怎样才能做到这一点而不依赖于 Windows 连接?
I need to connect to a VPN Server , I can`t use windows Connections , My Application should work independently !
I tested some Components using RAS Api , they works ! but by using windows connections .
how can i do that without any dependency to windows connections ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这个问题的问题
“VPN”代表“虚拟专用网络”。这是一种使专用网络可供您的计算机使用的方法(可能以安全的方式),因此您的计算机可以使用标准 IP 协议,就好像它物理连接到专用网络一样。
操作系统需要了解该网络,因此所有 VPN 实现当然都使用“Windows 连接”。 从不同的角度来看:当您连接到 VPN 时,您可以打开与专用网络上的 IP 的 TCP 连接,就像在本地网络上一样。由于操作系统的工作是建立 TCP 连接并路由 TCP/IP 数据包,因此它当然需要了解 VPN!如果没有,它只会将您对给定 IP 的所有请求转发到其默认路由器,并失败并显示
“没有到目的地的路由”消息(或“超时”,如果你的路由器不够友善地告诉你的系统它不知道私有IP是什么)。能做到吗?
当然,从理论角度来看,您可以完全绕过 Windows,但随后您将不得不“自己动手”一切。您不能使用 Windows IP 服务,您必须实现自己的 TCP。我确信还有大约一百万个其他小事情需要重新实施。
首先,我会看看 Open VPN:它是开源的,可用于 Windows。它使用 UDP 协议作为 VPN 实现的基础,这与 Windows VPN(使用 GRE - 通用路由封装,协议 47)不同。当然,Open VPN 本身使用“Windows 连接”来完成其工作,因为它的目的是提供有用的服务,但您可以使用源代码作为您自己实现的基础。
我个人根本不会考虑这样做,我只是向您展示方法并证明这是可能的。
应该做什么
我假设您想要某种安全的通信通道来连接您自己的服务。研究简单的安全连接、隧道协议和代理。
如果需要对一台服务器上的一项服务执行此操作,我会考虑一个简单的 SSL 实现。更好的是,考虑使用 HTTPS。
如果您需要访问给定专用网络上可能不同的服务器上的许多不同服务,我会考虑代理。
The problem with this question
"VPN" stands for "Virtual Private Network". It's a way to make a private network available to your computer, possibly in a secure way, so your computer can use standard IP protocols as if it were physically connected to the private network.
The operating system needs to know about that network, so of course all VPN implementations use "windows connections". From a different perspective: When you're connected to a VPN you can open a TCP connection to an IP on the private network as if it were on your local network. Since it's the operating system's job to set up your TCP connection and route your TCP/IP packets, of course it needs to know about the VPN! If it doesn't, it'll simply forward all your requests for the given IP to it's default router and fail with a
"no route to destination"message (or a"time out", if your router is not kind enough to tell your system it has no idea what the private IP is).Can it be done?
From a theoretical point of view, of course, you can bypass Windows completely, but then you'll have to "roll your own" everything. You can't use the Windows IP services, you'll have to implement your own TCP. I'm sure there are about a million other little things that need re-implementing.
For a starting point I'd look at the Open VPN: it's Open Source and available for Windows. It uses the UDP protocol as the bases for the VPN implementation, unlike the Windows VPN (that one uses GRE - General Routing Encapsulation, protocol 47). Open VPN itself, of course, uses a "windows connection" to do it's job, because it aims to provide a useful service, but you can use the source code as the bases for your own implementation.
I personally wouldn't even think about doing this, I'm just showing you the way and proving it's possible.
What should be done
I assume you want some kind of secure communication channel to your own service. Look into simple secure connections, tunneling protocols and proxies.
If this needs to be done for one service on one server, I'd look into a simple SSL implementation. Even better, look into using HTTPS.
If you need to access many different services on possibly different servers on the given private network I'd look into proxies.