My UWP VPN app add to username another symbols

Vlad Lopatynets 41 Reputation points
2023-01-15T14:20:22.0366667+00:00

I create vpn profile from my UWP app.

If I try to connect to a server, I see at server logs received EAP identity '?\test'.

My username credential transform from "test" to "?\test"

Sorry for my English :)

public async void connect()
        {
            string eapConfig = @"<EapHostConfig xmlns=""http://www.microsoft.com/provisioning/EapHostConfig""><EapMethod><Type xmlns=""http://www.microsoft.com/provisioning/EapCommon"">26</Type><VendorId xmlns=""http://www.microsoft.com/provisioning/EapCommon"">0</VendorId><VendorType xmlns=""http://www.microsoft.com/provisioning/EapCommon"">0</VendorType><AuthorId xmlns=""http://www.microsoft.com/provisioning/EapCommon"">0</AuthorId></EapMethod><Config xmlns=""http://www.microsoft.com/provisioning/EapHostConfig""><Eap xmlns=""http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1""><Type>26</Type><EapType xmlns=""http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1""><UseWinLogonCredentials>false</UseWinLogonCredentials></EapType></Eap></Config></EapHostConfig>";

            VpnNativeProfile profile = new VpnNativeProfile
            {
                ProfileName = "TestUWP",
                AlwaysOn = false,
                NativeProtocolType = VpnNativeProtocolType.IpsecIkev2,
                RememberCredentials = true,
                RequireVpnClientAppUI = true,
                RoutingPolicyType = VpnRoutingPolicyType.ForceAllTrafficOverVpn,
                TunnelAuthenticationMethod = VpnAuthenticationMethod.Eap,
                UserAuthenticationMethod = VpnAuthenticationMethod.Eap,
                EapConfiguration = eapConfig
            };
            profile.Servers.Add("test.test.com");

            var profileStatus = await windowsVpnManager.AddProfileFromObjectAsync(profile);
            Debug.Print($"profile status -> {profileStatus}\n");


            PasswordCredential credential = new PasswordCredential { UserName = "test", Password = "test123" };

            var connectionStatus = await windowsVpnManager.ConnectProfileWithPasswordCredentialAsync(profile, credential);

            Debug.Print($"connection status -> {connectionStatus}\n");
        }
Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,967 questions
Universal Windows Platform (UWP)
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
11,201 questions
{count} votes

Accepted answer
  1. Peter Smith 581 Reputation points Microsoft Employee
    2023-01-18T23:41:42.4733333+00:00

    I've just asked the VPN developer team about this. The short answer is that the code adds the "?" because that's what the Microsoft RRAS server is expecting to see. The Windows IKEv2 was designed to work as part of the entire Domain solution. Each user is part of some "Domain" -- in some companies, everyone is in one domain; in others people get put into different domains.

    The VPN developers think that because you're providing a user name ("test") without a domain name, a dummy domain name ("?") is added along with the needed backslash.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.