Hi all,
Please help me with vpn monitoring. Here are the general description of my objectives:
Function:
Monitor VPN clients on server side, disconnect those suspicious connections. "Suspicious" means the client sents/receives bytes that exceeds specified numbers in a specified time, e.g., 100MB in 20 minutes.
Requirements:
Realtime. It should automatically and periodically check all the VPN clients' connection status, to see if they hit the disconnection criteria.
To my knowledge, in the RRAS snap-in I can view all the connection status, including each connection's up/download bytes. I can also kick those suspicious connection, only manually. And in the system event log, I can filter out Remote Access log recording up/download bytes, but the difference is that this log is generated after the client disconnected.
My progress:
Event Log is too late - it is recorded afterwards. The suspicious connection need to be disconnected by the server, instead of by itself.
I haven't found any ready-made program which meet my requirements(not too high, right?)
API is a good idea. I check MSDN but not a clue. I guess I will have to do a lot of programming in this way.
Please share anything you know regarding this. Many thanks!