get callbacks on ipsec tunnel in windows xp - windows

I want to open an IPsec tunnel from the Windows XP PC (I can do it using MMC GUI) and get callbacks(some Windows API) on the connection status in my application(it can be C, C++ or any other application) like CONNECTION_ESATBLISHED, CONNECTION_FAILED or NEGOTIATION_FAILED.
In other words, I want to know if the tunnel was established, if it's running properly or had being closed through my application code.
I've googled a lot on the subject, but couldn't find any useful information...
Anyone has any ideas?
Thanks a lot!

If you want to create a VPN connection (IPSec) you can configure it with the Remote Access Client API. Create a Ras Entry with RasSetEntryProperties with your IPSec configuration and dial with RasDial. A callback function will notify you about the connection state.

Related

gRPC stopped working with APO on Windows 11

I have a Windows application (APP) and Audio Processing Object (APO) loaded by AudioDG.exe that communicate via gRPC:
APP part that is written in C# creates server via Grpc.Core.
APO part creates client via grpc++.
Server is on 127.0.0.1:20000 (I can see it's up and listening with netstat -ano).
I can confirm that APO is loaded into audio device graph by inspecting it with process explorer.
Everything worked like a charm on Windows 8 and 10, but on 11 it cannot communicate at all - I get either Error Code 14, Unavailable, failed to connect to all addresses or 4, Deadline Exceeded.
After enabling debug traces, I now see "socket is null" description for "connect failed" error:
I0207 16:20:59.916447 0 ..\..\..\src\core\ext\filters\client_channel\subchannel.cc:950: subchannel 000001D8B9B01E20 {address=ipv4:127.0.0.1:10000, args=grpc.client_channel_factory=0x1d8bb660460, grpc.default_authority=127.0.0.1:10000, grpc.internal.subchannel_pool=0x1d8b8c291b0, grpc.primary_user_agent=grpc-csharp/2.43.0 (.NET Framework 4.8.4470.0; CLR 4.0.30319.42000; net45; x64), grpc.resource_quota=0x1d8b8c28d90, grpc.server_uri=dns:///127.0.0.1:10000}: connect failed: {"created":"#1644240059.916000000","description":"socket is null","file":"..\..\..\src\core\lib\iomgr\tcp_client_windows.cc","file_line":112}
What I've tried so far:
Updating both parts to the latest grpc versions.
Using "no proxy", "Http2UnencryptedSupport" and other env variables.
Using "localhost" or "0.0.0.0" instead of "127.0.0.1".
Updating connection to use self signed SSL certificates (root CA, server cert + key, client cert + key).
Adding inbound / outbound rules for my port, and then disabling firewall completely.
Creating server on APO side and trying to connect with the client in APP.
Everything works (both insecure and SSL creds) if I create both client and server in C# part, but as soon as it's APP-APO communication it feels blocked or sandboxed.
What has been changed in Windows 11 that can "block" gRPC?
Thanks in advance!
In your input you write:
Server is at 127.0.0.1:20000
Further looking at the logs, you can see that:
The server is located at
grpc.server_uri=dns:///127.0.0.1:10000
Based on the question posed and the amount of data provided, I would check which port the server is really using and which port the client is looking for a connection on.
The easiest way to do this is to use the built-in Resource Monitor application. On the Network tab, in the TCP Connections list, you can find the application and the port it uses.
You can also use the PowerShell command
Test-NetConnection -Port 10000 -InformationLevel "Detailed"
Test-NetConnection -Port 20000 -InformationLevel "Detailed"
At least this is the first thing I would check based on what you described.
Regarding your question about the changes in Windows 11, I do not think that this is something that's causing problems for you. However, Windows 11 has additional security features compared to Windows 10, try disabling the security features completely as a test. Perhaps this will help solve the problem.
As for ASP.NET Core 6.0 itself (if I understood the version correctly), then there is a possibility that the server part, working not in the sandbox of the programming environment, still does not accept the client certificate. At the program level, you can try to fix this by adding the following exception to the code:
// This switch must be set before creating the GrpcChannel/HttpClient.
AppContext.SetSwitch(
"System.Net.Http.SocketsHttpHandler.Http2UnencryptedSupport", true);
// The port number(5000) must match the port of the gRPC server.
var channel = GrpcChannel.ForAddress("http://localhost:5000");
var client = new Greet.GreeterClient(channel);
More troubleshooting issues with ASP.NET Core 6.0 Microsoft described in detail here.
https://learn.microsoft.com/en-us/aspnet/core/grpc/troubleshoot?view=aspnetcore-6.0
I hope it was useful and at least one of the solutions I suggested will help solve your problem. In any case, if I had more information, I think I could help you more accurately.

How do I find out whats closing my port?

On a Windows Server 2016 Standard, 64-bit, x64-based server, I try to connect to a specific port (1807) to access a third party application using Eclipse. However, an as yet unidentified process is closing it.
How do I find out what?
There seems to be lots of info about how to close ports on SO, but can't find anything about how to monitor what is closing it.
According to a co-worker who looks after the firewall the port is open. Although I also tried running Eclipse on the server and connection to the port inside the firewall. Tried connecting via a testing tool and get "The underlying connection was closed. The connection was closed unexpectedly."
The message connecting via Eclipse is "Cannot join host http://myHost:1807 - Possible reasons could be the host is temporarily unavailable, DNS cannot resolve this name. The port is not open to the outside. The host name is mispelt. The host response has timed out. The host has multiple network cards but one of them is not responding. The newtwork infrastructure does not allow the access to this host".
Eclipse connects via another port OK.
Please let me know if you have any ideas about how to solve this.
You can get the PID of port closing program by netstat -a -n -o. Then by using
tasklist /fi "pid eq 6368" you can find the name of program. 6368 is the pid of program that's blocking the port

Connection Manager Compact 7 connectivity

I am working to create a wifi connectivity for a windows ce 7 device using connection manager. I am new to wince. Can anyone suggest how to establish a connection with a network. I actually wanted to have a list of available networks and to select a network from that. Please help me out in this situation. Awaiting your valuable responses. Thank you.
You mean listing all the available wi-fi networks and then connecting to one of them?
Do you need to have a UI for this (to enter the wlan password etc.) or you'll provide your own UI and just need low-level function to activate the connection?

Ports with C++ Server/Client applications

If I create a c++ server/client application, the port I used to communicate does it need to be open on the router of the server and client machine
Or what other approach could I take? the client computer needs to receive information from the server but I am not able to have any ports opened because it is on a school network....
[edit]
Hmm My setup is a php page running on a server say when I press hello, the server makes a ssh connection through php and sends shell commands to the machine. The server is running off of a school server which I do have ssh access to and run all my things from there. The client computer will be my pc running off of the school wifi which is not connected to the server. The server will try to make a ssh connection to the public ip of my computer running off of the school wifi(no ports open/can ssh out but no ssh in). Will these methods you mention make this possible, in particular the connect.c since I can't run putty off of the server, and the connect.c I could call from the php.
The choice of language is highly irrelevant here.
There don't need to be ports 'open' on any router, unless your traffic must pass through it. On normal peer hosts in the same network (or subnet) there would hardly be any firewall policy, not even in schools.
Technically it is possible for the switch to block peer-2-peer traffic (meaning traffic not destined to the outgoing gateway), but that is not very usual.
Of course, if the school doesn't allow outbound (WAN) traffic on most ports, tough luck, and they're absolutely right :)
You can look at
ssh (with tunnels -L, -D and -R options, perhaps -o GatewayPorts on)
stunnel
connect.c
http-tunnel
All very readily googled
To establish a TCP/IP connection, only the server port needs to be accessible by the client. The connection is full-duplex, therefore data can flow from the client to the server and vice-versa.
If you are using UDP for your application, which is a connection-less protocol, what happens depends heavily on the firewall or router and whether it performs connection tracking for your service or not.
Unless you provide some additional information on your service and the network setup on both the client and the server side, we cannot provide more concrete information.

How to allow incoming connections to ServerSocket in Windows7?

I made a custom http server using java. It runs properly on XP machines and when I open connection to that server from a different machine using its IP address and port it used to work. But in windows 7 it is not working. When I see the firewall it shows several rules. It would be great if someone lets me know which rule I should enable to allow incoming connections.
Regards,
Lalith
Please go through http://windows.microsoft.com/en-US/windows7/Allow-a-program-to-communicate-through-Windows-Firewall

Resources