Capturing VPN usage statistics
https://stackoverflow.com/questions/565734
-
05-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
We're monitoring usage statistics of a network interface using NetworkInterface.GetIPv4Statistics() in .NET 2.0. This isn't reporting correct statistics for connections over which VPN traffic is being tunneled. Instead - in the case of the Cisco VPN client - the usage is just attributed to a new network interface that just looks like an Ethernet connection.
Windows itself (Vista, at least) adds the VPN statistics to the actual physical interface correctly, so viewing the 'Status' dialog for the original connection shows the correct byte counts. However, the results of the call in .NET do not merge the traffic together.
Is there a way to associate the VPN connection back to the network connection over which it's being tunneled? Failing that, does anyone know which API is being used by the status dialog to retrieve correct statistics?
At the moment we're having to manually detect connections that look like they're VPNs and add their usage to whatever other connection is active, and this doesn't seem like a robust solution.
Solution 3
As Rob suggests, the answer lies within WMI. Win32_PerfFormattedData_RemoteAccess_RasPort seems to be exactly what Windows uses itself - the numbers are the same, byte for byte, whether the VPN is up or not.
I tested with:
static class Program
{
static void Main()
{
var query = new WqlEventQuery("__InstanceModificationEvent", TimeSpan.FromSeconds(1),
"TargetInstance ISA 'Win32_PerfFormattedData_RemoteAccess_RasPort' AND TargetInstance.BytesReceived > 0");
var watcher = new ManagementEventWatcher(query);
watcher.EventArrived += EventArrived;
watcher.Start();
Console.ReadLine();
}
static void EventArrived(object sender, EventArrivedEventArgs e)
{
var mo = e.NewEvent["TargetInstance"] as ManagementBaseObject;
Console.WriteLine("{0:#,0}: {1:#,0} bytes sent, {2:#,0} bytes received", mo["Name"], mo["BytesTransmitted"], mo["BytesReceived"]);
}
}
OTHER TIPS
Here's a program written in Delphi (with full source and explanation) that will help you to collect network information, including VPN data. This is using the open-source Indy components, which is also available for use with C#.
I'd suggest browsing through the source, and you'll find the exact Windows API calls it makes. It relies HEAVILY on the IP Helper API (IPHlpApi).
If you are looking for C# only examples, I'd suggest doing some google-ing for "C# and IpHlpApi".
Regards
I'll have to check when I get to work to see what my config looks like.
One thing that Cisco VPN does is, if configured, disabling split tunneling. What that means is that you are prevented from accessing your local subnet on the connection that is connected to VPN.
The way I can see this, is when my ethernet connection is configured with an IP Address, but doesn't have a Default Gateway.
Supposing that you identify the VPN connection, that gateway-less connection would be your other connection.
Also, have you looked into any WMI classes. Cisco VPN may interact with a WMI class perhaps.
