This project is read-only.

Dotras Authication

Jul 1, 2011 at 1:40 PM

I registered with a vpn service provider and the gave me these files to connect to there server. client.key, ta.key, ca.crt and client.crt how can i login the server using these certificates? Here is my code:


Imports DotRas
Imports System.Net

Public Class Form1

     Private Sub newButton_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles newButton.Click
        Dim VpnName As String = "Tunnel"
        Dim Destination As String = "76.**.**.**"
        Dim PresharedKey As String = "Don't know what to put here"
        Dim PhoneBook As New RasPhoneBook
        Dim VpnEntry As RasEntry = RasEntry.CreateVpnEntry(VpnName, Destination, DotRas.RasVpnStrategy.PptpOnly, DotRas.RasDevice.Create(VpnName, DotRas.RasDeviceType.Vpn))
        VpnEntry.Options.RemoteDefaultGateway = False
        VpnEntry.EncryptionType = RasEncryptionType.Optional
        VpnEntry.Options.RequireDataEncryption = False
        VpnEntry.Options.ShowDialingProgress = False
        VpnEntry.Options.PreviewUserPassword = False
        VpnEntry.PhoneNumber = Destination
        VpnEntry.UpdateCredentials(RasPreSharedKey.Client, "value")
    End Sub

End Class

Jul 4, 2011 at 3:13 PM

If you were going to use a preshared key, that would need to be identified before hand and you'd know what value to use. The preshared key may be what's in the client.key file, though I don't know. You'd need to work out which values are contained in which files.

As for your certs, DotRas only has limited support for certificates... the EAP mechanism it uses is not very well documented and there are some known problems around using certificates with DotRas. I did my best to get the support added, but without any real way of testing it (I couldn't get the certificate based server to work with clients I was using) I can't guarantee anything will work.

For configuring the entry, you'd be better off creating the entry through the Windows "Add new connection" interface than trying to guess which settings you need to use. Once you have the connection authenticating to the server and allowing you to connect correctly from that generated entry, look at that entry in code, copy the settings down, and replicate those settings in your code. Also, you'll probably need to install the ca.crt and client.crt files on the machine in order for the certificates to be picked up.