Re: How to get client IP address assigned by Cisco VPN client
Re: How to get client IP address assigned by Cisco VPN client
- Subject: Re: How to get client IP address assigned by Cisco VPN client
- From: Josh Graessley <email@hidden>
- Date: Thu, 20 Apr 2006 13:33:57 -0700
While this may not help with the Cisco VPN, you should consider
asking the stack itself what the local IP addresses are, not system
config. It is possible that people may use ifconfig to bypass system
config and your software should do its best to live in this
environment. There is one other bit to keep in mind, the local
address will depend on the destination. Some VPNs are set to only
route traffic to a certain subnet. There are two good ways to get
this information. The first is to connect a socket, forcing the stack
to pick a local address to bind to. You can get the local address
using getsockname. The other good way to do this is to use a routing
socket to get the route entry for a destination address you are
interested in. If you are simply interested in listening for inbound
connections on all local addresses, your best bet is to either bind
to the INADDR_ANY address (all zeros) or use getifaddrs to get a list
of the local addresses to bind to.
Why do you want to know the address assigned to the Cisco VPN? There
are valid reasons to figure out what the local addresses are, but if
you can avoid it, your code will be more robust. The local addresses
change. If you bind to INADDR_ANY (all zeros address), you may not
have to worry about address changes or what the local addresses are.
In addition, if you are advertising a service with Bonjour, Bonjour
services are associated with a dot-local host name. That dot-local
host name will resolve to all of the addresses assigned to an
interface, regardless of which addresses your service may be binding
to. If you bind to one address on an interface, it is possible that
the Bonjour service will resolve to both addresses and the client on
the other side may give up after trying only the first address,
possibly the address you didn't bind to. Flaky code like this can be
hard to diagnose.
If the Cisco VPN is creating an interface or adding an address to the
stack, the suggestions in the first paragraph will work. If the Cisco
VPN is doing some packet massaging, there may be no good way to tell
what the local address is. You can use ifconfig on the command line
while running the Cisco VPN to tell if the VPN did add an interface
or an address to an interface.
-josh
On Apr 20, 2006, at 1:17 PM, Martin Bestmann wrote:
Hi,
this is not a specific OS question but I know some Cisco people are
also on this list.
When I use the Mac OS X build-in VPN services I can get via the
SystemConfiguration the IP that is assigned by the VPN. Its setup
correctly in the "Addresses" Array of the IPv4 dictionary.
When I connect using the Cisco VPN client (latest version 4.9) the
IP in the "Addresses" Array is still the one from my local network.
Is there anyone who knows how to get the IP assigned by the VPN
router.
Thanks,
Martin
_______________________________________________________
Martin Bestmann Pole
Position Software GmbH
Phone: +49-9134-9942-0 Weingasse 26
Fax: +49-9134-997911 91077 Neunkirchen
am Brand
e-mail:email@hidden Germany
Web: http://www.poleposition-sw.com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40apple.com
This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden