How to detect an active VPN connection with a specific name

Asked 20/7, 2017 at 6:32 Answered 7/4, 2021 at 7:54

powershell powershell-2.0 vpn windows-server-2008-r2

I found an article which lists several ways to detect an active VPN:

Using Win32_NetworkAdapter:

Get-WmiObject -Query "Select * from Win32_NetworkAdapter 
where Name like '%VPN%' and NetEnabled='True'"

Using Win32_NetworkAdapterConfiguration:

Get-WmiObject -Query "Select * from Win32_NetworkAdapterConfiguration 
where Description like '%VPN%' and IPEnabled='True'"

Checking the presence of an active PPP adapter
```
ipconfig | Select-String 'PPP adapter'
```

Checking the IPv4 routing table

Get-WmiObject -Query "Select * from Win32_IP4RouteTable 
where Name like '10.0.99.%' or Name like '10.15.99.%'"

In my case approaches 1,2 & 4 simply didn't work. The third approach works well and it's really enough. But as far as I understand having multiple VPN connections configured can give an ambiguous result for method 3.

So my questions are:

Is there a way to be more specific (use combined approach maybe?) with method 3, to be able to check the connection name?

Why didn't methods 1 & 2 work for me? Querying it like this

$adapters = (Get-WmiObject -Query "Select * from Win32_NetworkAdapter")
foreach($a in $adapters) {
    Write-Host $a.Description
}

gives me a list of adapter names with no mention of 'VPN' in their description:

WAN Miniport (SSTP)
WAN Miniport (IKEv2)
WAN Miniport (L2TP)
WAN Miniport (PPTP)
and so on...

Adenovirus answered 20/7, 2017 at 6:32 Comment(1)

well, can you check the output of ipconfig on a PC with 2 active VPN connections to discern if they differ somehow and filter based on that? at the very worst you will get ppp adapter 2 times, but I'm sure they will differ and you can work out a way to filter stuff – Oquendo 20/7, 2017 at 8:28

Easiest way will be to use the Powershell Commamdlet

Get-VPNconnection -Name "VPN Name"

One of the items reported is "ConnectionStatus". Also if the VPN is an All user connection you will also have to use the switch "-AllUserConnection" with the commandlet

Koster answered 20/11, 2017 at 15:33 Comment(1)

This doesn't seem to work with all VPNs. I just tried while connected to Fortinet VPN (FortiClient) and got no results from Get-VPNconnection – Pederast 29/12, 2021 at 18:28

How about using this:

Get-NetAdapter -InterfaceDescription "VPN Name" | where {$_.status -eq "Up"}

Just Use Get-NetAdapter to get a list of the Network/VPN Names..

Submarginal answered 6/12, 2019 at 15:58 Comment(0)

In my scenario, the presence of TAP in the InterfaceDescription property signifies the VPN connection status, but you could put any string within the test

$NIC = Get-NetIPConfiguration | ? {$_.NetAdapter.status -eq "UP"} | Select-Object InterfaceDescription
    if ($NIC -match "TAP") {
#VPN active → go to work
} else { 
       Write-Host "~~~~~~~~~~~~~~~~~" -ForegroundColor Cyan 
       Write-Host "VPN DEACTIVATED ?" -ForegroundColor Cyan 
       Write-Host "~~~~~~~~~~~~~~~~~" -ForegroundColor Cyan 
    }

Aerophyte answered 7/4, 2021 at 7:54 Comment(3)

You are searching the whole filtered object for TAP. If you want to search only InterfaceDescription, you should do Select-Object -expandproperty InterfaceDescription per https://mcmap.net/q/513747/-powershell-format-table-without-headers – Ode 29/8, 2022 at 10:55

Agreed, it is a bit cleaner, but don't think it makes that much of a difference, does it? It is still just a single NoteProperty, right? Just FYI, the official docs on -ExpandProperty → learn.microsoft.com/en-us/powershell/module/… – Aerophyte 30/8, 2022 at 7:22

I found this because I needed -eq because VPN interface was substring of other interfaces. – Ode 7/9, 2022 at 14:5

If you also want to get the PPP-adapter and other hidden adapter info you should use this:

[System.Net.NetworkInformation.NetworkInterface]::GetAllNetworkInterfaces()

Vapor answered 13/1, 2021 at 18:8 Comment(0)

Recommended topics

Hot tags