
Automate VPN connection Through VFP7

Status
Not open for further replies.

kstocker

Programmer
Jan 17, 2002
6
US
I may be missing something here, but is there a way to automate starting a VPN connection through VFP7?

We are on a LAN and have a permanent connection to the internet. We download files from a remote site and import them into a VFP 7 application. Because of the HIPAA rules we have to use a VPN connection over the internet to the remote site. I would like to automate the whole process so I don't have to stand over the operator and say "Don't forget to open and close your connection to XXXXX."

TIA
 
Is it possible for you to FTP it instead?
There are a couple good routines I use for that.
Dave S.
 
Thanks for your answer, but the FTP thing is no problem. I just use a script file and access ftp through the run command (!) (might seem archaic, but works great). Due to security issues we have to connect to the ftp server via VPN. I need to try to programmatically connect and disconnect this VPN connection if possible.
 
I'm afraid I'm confused. If you're connected to the internet, you're connected to the VPN. FTP only opens a connection to the remote server for that FTP session.
Dave S.
 
Let's see if I can clear this up.

We don't connect to the internet via VPN. We have a full time internet connection through a router and firewall that we use to do all of our email and other internet business. We only use the VPN when we want to connect to the remote site. The VPN is used to create a secure tunnel over the internet between us and the remote site.

Steps are

1. We fire up our computers and login (at this point we are on the internet)

2. When we want to connect to this particular ftp site, which is not available to the general public and hidden behind a firewall, we fire up the VPN connection which creates a secure tunnel via the internet through the remote site's firewall.

3. We fire up the old ftp protocol and download our files.

4. When file transfer is complete, we disconnect from the ftp site and then disconnect the VPN connection.

Hope this clears things up some. What I want to be able to do is automate step 2.
 
That's the part I'm missing. How do you establish the VPN connection? I'm not trying to get you to divulge proprietary information, but I don't get what you are doing to connect. Is it some 3rd party package that says to the remote server "Let me in!", or some sort of RAS, Citrix, ....
Dave S.
 
Nothing fancy. We have just used Windows networking and created a VPN connection that uses IP addresses instead of dialup. There are several ways to create a VPN connection on the receiving end. In this case, the remote location is using a Cisco router that has a VPN option. The Windows VPN module works well with it. Very basically, when you use VPN over IP you are creating a highly secure pathway between two sites using the internet connection. This is known as a tunnel. Theoretically (you noticed I said theoretically) no one can tap into this tunnel and hack the data in this stream. As far as the Windows user is concerned, once this connection is created it works just like having a second network card in your computer. I don't want to get too deep into the theory here since this is a VFP forum.

Once all the settings are in place, we have an icon in the "Networking and Dial-up Connections" folder that we click on to create the tunnel. When we have the data we need, we right click and disconnect. Having a VPN connection like this is like having a wire running between us and the remote site that disappears when we are not using it.
 
I got it now. It's basically a dial-up networking connection.
I know there's a way to start up a DUN connection, but I can't seem to find it. If there's no graceful way to clear the connection, you could always use an API call such as TerminateProcess().
Dave S.
 
Hi kstocker,

There are many ways to create a VPN. If the target computer uses a Cisco router and the VPN and VPN software is built into the router, the target router may be dependent on you having a Cisco router to connect to it. You should check the hardware doc to see if this is possible. A VPN of this kind usually uses high encryption between the two routers, even during the login authentication step. Once logged into the target, you would be a local network node rather than remote, complete with a local IP address. You would only be using the internet infrastructure to create the VPN. If this process were automated, with scripts for example, it seems to me it would create a major security hazard. Most people using VPNs do so to obtain the security features a VPN provides, like encryption, intrusion detection, inspection of IP packets, etc. You might want to check with the target system to see if this would be permitted/recommended by them.

LelandJ

Leland F. Jackson, CPA
Software - Master (TM)
Nothing Runs Like the Fox
 
I don't want to create a new VPN connection.

I want to programmatically turn an existing one on and off.

The app we are using is only used here, and only by us. My users grouse about having to remember to connect to the VPN connection, run the download part of the program, and then disconnect from the VPN connection so that they can continue their work. Since the remote site has their internet connection almost completely locked down, when my users are connected via the VPN they can't access the internet or get their email. You don't know how many complaints I've had and help desk calls I have had over this one issue.
 
Hi kstocker,

I don't have the foggiest idea of how to automatically turn on/off a VPN connection after the original connection has been made. It seems like the target computer would have a timer that would disconnect a user after a certain period of inactivity (e.g. time out the connection). For security reasons it seems like a bad idea to have a user pull the plug on the connection, leaving the target VPN connection dangling. It seems like it would be a better idea to have the user log out when closing the VPN connection. I would suspect the Cisco router is logging all connections including your real IP address, as well as your local IP, so just turning off the computer might eventually bring a response from the target VPN about this. I'm not sure exactly how your VFP is constructed, but I would talk to whoever provides the hardware and software to see if they could tell me how this might be done and whether an automatic mechanism to turn a VPN connection on and off is a good idea. Since the VPN needs to be configured over a designated port, you should have port 80 available for the internet.

You might consider putting a second NIC (e.g. Network Interface Card) in each computer and running a second C5 cable to the modem. Then you could fire up a browser with whatever http address you wanted and it would be routed through port 80, leaving the VPN connection undisturbed.



Leland F. Jackson, CPA
Software - Master (TM)
Nothing Runs Like the Fox
 
Hi kstocker,

Before testing using a second network card, be sure that the proper ports on your router, firewall software, etc, are open as follows:

Service                                               Port
SMTP  Simple Mail Transfer Protocol - send email      25
HTTP  Hypertext Transfer Protocol - browse Internet   80
POP3  Post Office Protocol - pick up email            110
If you're using a router, you may be able to have a persistent VPN connection while sending/receiving email, and browsing the internet at the same time. You may also need a DSL/Cable modem always-on connection to your ISP.
Leland F. Jackson, CPA
Software - Master (TM)
Nothing Runs Like the Fox
 
First, what VPN service are you connecting to? If you are using Cisco routers and connecting via Cisco's VPN client I can help there. I automated this simply by creating a bat file to run command switches on the application. When I connect I execute a bat in the vpn client directory called VpnConnect.bat; inside the bat I launch vpnclient and provide parameters as listed below. Very simple if you have the client configured. You can also set up a bat for disconnecting.

ConnectVpn.Bat
vpnclient.exe connect myoffice

That's it

DisconnectVpn.bat
vpnclient.exe disconnect


The following I did just to show the various options when using the vpnclient.exe with its various parameters.

If you are not connecting to Cisco routers, provide the router's brand and the client you currently use.


C:\PROGRA~1\Cisco Systems\VPN Client>vpnclient connect
Cisco Systems VPN Client Version 3.6.1 (Rel)
Copyright (C) 1998-2002 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.0.2195

The command you are trying to execute requires additional parameters.
Usage:
vpnclient connect <profile> [user <username>] [eraseuserpwd | pwd <password>]
[nocertpwd] [notrayicon | sd]
vpnclient disconnect
vpnclient stat [reset] [traffic] [tunnel] [route] [firewall] [repeat]
vpnclient notify
vpnclient verify [autoinitconfig]

C:\PROGRA~1\Cisco Systems\VPN Client>
 
Thanks to all for your input.

A second network card is not an option at this time. It would mean pulling additional cable to 30 computers and buying an additional switch.

To robsutonjr-- We are using the Windows 2K VPN client through a Cisco firewall on both ends. We can't use the Cisco client software because it causes problems with some of the other applications we run.
 
Kstocker,

I know it's been some time since you posted this question and I'm not sure whether your problem's been resolved, but I was combing the archives for an answer to a problem I'm having and ran into your post.

I'm doing something similar, but I'm simply connecting to an ftp site and downloading/uploading files to and from our remote/corp locations.
I use wininet.dll InternetDial and InternetHangup functions to establish connections to the internet using the dialup connections. I also have access to a VPN acct, which I connect to using a dialup connection.
In the office I'm connected to the internet via a T1. If I need access to the VPN, I simply use the VPN dialup connection (it does dial, it's just used for user/passwd).

I was able to use the InternetDial function to dial in to the internet and then use it again to connect to the VPN acct.

I posted a question yesterday about a problem I'm having with InternetDial not returning a connection handle. That post has a sample of the code I'm using...

Chet
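
An added example, not code from the thread or from any poster: one way to wrap the connect, download and disconnect steps in VFP using the wininet calls Chet names, so the tunnel is closed even when the download step fails. The entry name RemoteSiteVPN and the DownloadFiles routine are hypothetical, and the entry is assumed to already exist with its credentials saved, so no password appears in the program or on a command line.

```foxpro
* Added example. "RemoteSiteVPN" and DownloadFiles are hypothetical names.
* INTERNET_DIAL_UNATTENDED connects without showing a dialog.
#DEFINE ERROR_SUCCESS            0
#DEFINE INTERNET_DIAL_UNATTENDED 0x8000

* DECLARE names are case-sensitive: the wininet export is InternetHangUp.
DECLARE INTEGER InternetDial IN wininet ;
    INTEGER hwndParent, STRING lpszConnectoid, INTEGER dwFlags, ;
    INTEGER @lpdwConnection, INTEGER dwReserved
DECLARE INTEGER InternetHangUp IN wininet ;
    INTEGER dwConnection, INTEGER dwReserved

* PRIVATE so the ON ERROR handler can set it from inside called routines.
PRIVATE plFailed
LOCAL lnConn, lnRc, lcOldError
plFailed = .F.
lnConn = 0

* Step 2 of the procedure: bring the tunnel up.
lnRc = InternetDial(0, "RemoteSiteVPN", INTERNET_DIAL_UNATTENDED, @lnConn, 0)
IF lnRc <> ERROR_SUCCESS OR lnConn = 0
    MESSAGEBOX("VPN connect failed, error " + TRANSFORM(lnRc))
    RETURN .F.
ENDIF

* VFP7 has no TRY/CATCH, so errors are trapped with ON ERROR. Execution
* continues after the failing line, so the hang-up below is always reached.
lcOldError = ON("ERROR")
ON ERROR plFailed = .T.
* Step 3: the existing ftp script and import step (hypothetical routine).
DO DownloadFiles
ON ERROR &lcOldError

* Step 4: tear the tunnel down and report if that did not happen.
lnRc = InternetHangUp(lnConn, 0)
IF lnRc <> ERROR_SUCCESS
    MESSAGEBOX("VPN did NOT disconnect, error " + TRANSFORM(lnRc))
    RETURN .F.
ENDIF
RETURN NOT plFailed
```

Checking the InternetHangUp return value matters here because a tunnel left up silently keeps the workstation attached to the remote network after the operator believes the job has finished.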
 