Can I Create a VPN application without Virtual miniport driver?

2
votes

I want to create a simple VPN like with User application. I went though different VPN application software. I can see most of them uses a Miniport Virtual adapter for example: OpenVPN use Windows TAP driver. Another VPN software uses both miniport and a filter driver. Note : Filter driver sends and receives data from the real physical Miniport. Isn't?

Now I am beginner in driver development process. I have some doubts regrading that VPN drivers. If I want to create a simple VPN application in ะก++ on windows environment,

  1. Why most of the VPN software uses a Virtual adapter and filter driver (optional)?
  2. Is it mandatory to create a Virtual miniport adapter for VPN application?
  3. Can i create a VPN application with only filter driver? (reading / writing packets )

If I create a new virtual driver, should I undergo the HLK/HCK driver signing test for windows 10 and onward?

1
c++windowsethernetwdkndis

1 Answers

2
votes

In general unless an operating system exposes APIs through inbuilt filter drivers you do need to create your own. You will further see 2 basic types of usage.

  • Virtual Miniport/Nic - A VPN connection creates a virtual interface that can then also be referenced in other decisions like the routing table

  • Inline - These just sit between your the protocol stack and the physical interface and based on its own logic encrypts and redirects them.

That said atleast on Windows you have a few ways to create a VPN app which is user mode based. The newest and most active development is in the UWP api space of Windows.networking.vpn < https://docs.microsoft.com/en-us/uwp/api/Windows.Networking.Vpn>