Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • General
  • VPN Overview
  • Architectural Diagram
  • Prerequisites
  • Supported protocols
  • Supported features
  • Getting Started
  • Changelog
  • Support

Was this helpful?

  1. SDK

Unified VPN SDK for Windows

PreviousIPSEC VPN SDK for AppleNextSetup

Last updated 1 month ago

Was this helpful?

General

The Windows SDK is part of the Pango Partner SDK, providing client-side libraries and server-side applications for implementing custom VPN infrastructure. The SDK enables developers to create secure and reliable VPN solutions for Windows users, leveraging the benefits of a VPN while offering a seamless integration experience.

VPN Overview

A Virtual Private Network (VPN) is a secure, encrypted connection between your device and a remote server operated by a VPN service provider. When you connect to a VPN, all your internet traffic is routed through this encrypted tunnel, making it difficult for others to intercept or monitor your online activities.

When you connect to a VPN, your device establishes a secure connection with the VPN server. This connection is encrypted using robust protocols like Hydra, OpenVPN, IPSec, or WireGuard. Once the connection is established, all your internet traffic is sent through the encrypted tunnel to the VPN server, which then forwards it to its final destination on the internet.

To the outside world, it appears as though your traffic is originating from the VPN server rather than your actual device. This effectively masks your real IP address, making it harder for websites or other third parties to track your online activities or determine your physical location.

Architectural Diagram

The client application communicates with the UnifiedSDK service, which includes a VPN Controller, Firewall Controller, Throttling Controller, and Events. These components manage various aspects of the VPN connection, such as establishing the VPN tunnel, controlling firewall rules, and managing bandwidth throttling. The Events component forwards UnifiedSDK notifications to the Client Application.

The UnifiedSDK also includes a Backend Provider component that communicates with the backend to obtain the necessary data for establishing the VPN tunnel connection. This data includes authorization and authentication information, lists of available countries and locations, traffic limits, user information, connection data, configuration patches, and more.

The Firewall includes multiple modules, some based on the Windows Filtering Platform (WFP) and others on Netfilter. The WFP modules focus on protecting VPN traffic. On the other hand, the Netfilter modules are used to manage traffic when necessary, providing fine-grained control over network traffic.

The DNS Monitor is a separate module that specifically handles DNS requests when the VPN tunnel is disconnected. Its distinct functionality sets it apart from the other modules in the Firewall component.

Finally, there is a VPN Node component, which represents the remote VPN server that the client application connects to through the established VPN tunnel.

Prerequisites

The following prerequisites are required to use the SDK:

  • OS: Windows 10 and Windows 11, including Windows ARM

  • Software:

    • .NET 8.0 is required if the provided build is not self-contained

Additionally, in order to be able to use the SDK, the following steps have to be done:

  • Create a project and use a name for your project as a Public key. Private key is optional.

  • Use SDK where carrierId equals given Public Key and backend url equals default SDK url or url provided by Pango team.

Supported protocols

Supported features

    • The SDK supports overriding default backend API URLs by providing reserved backend URL to Initialize method.

  • Traffic protection features

  • Supported only on Hydra protocol features

      • Custom DNS profile and UserDNS: Setting up custom DNS profile or use UserDNS to direct all their DNS requests to the desired server instead of the default ones.

      • MultiHop: Routes their VPN connection through an intermediate server before reaching the main VPN server.

      • VPN Profiles: Creating separate VPN profiles for various purposes (e.g. work, streaming, general browsing), allowing them to quickly switch between the appropriate servers without manually configuring the connection each time.

Getting Started

To begin using this project, please refer to Setup.

Changelog

Support

Sign in at .

Note that at this time, it is not possible for users to create their own accounts directly if they do not already have an account established with us. Please contact your sales representative to initiate account creation as part of the project and client onboarding process or . We apologize for any inconvenience.

: Can be enabled/disabled programmatically. When turned on, it acts as a mechanism that prevents traffic leakage outside the VPN-tunnel during an emergency rupture. A kill switch will stop your computer from transmitting data until your connection to the VPN server is restored, protecting from all leaks.

: Blocks IPv6 and DNS requests outside the VPN tunnel

: Block all local network connections during VPN session using BlockLocalNetwork property

: Supports enabling/disabling the firewall, updating bypass domains and processes, adding/removing processes to the killswitch exception list, enabling/disabling DNS monitoring, and getting the current killswitch state.

: Allows excluding certain domains from the VPN tunnel, routing them through the regular internet connection instead

: Allows excluding certain processes or applications from the VPN tunnel, sending their traffic outside the encrypted connection

: Allows you to select specific domains to be routed through the VPN tunnel while all other traffic remains unaffected

: Allows you to select specific processes to be routed through the VPN tunnel while all other traffic remains unaffected

: When the VPN tunnel is disconnected, this module monitors and logs all DNS requests made by the system to help identify potential DNS leaks or unusual domain queries. The DNS monitor is automatically disabled when the VPN tunnel is connecting or connected.

: Supports various one-line requests to configure the firewall, including managing processes, speed limits, and enabling/disabling throttling.

: Automatically select the best VPN server for your connection.

: Provide users with greater control and customization options for managing their VPN connections and DNS requests

The SDK version history and changes are documented .

If you encounter any issues or have questions regarding integrating the SDK, please visit .

pango-cloud.com
contact us
Hydra
OpenVPN
WireGuard
IPSec
Backend URL configuration
Killswitch
Prevent IP leaks
Block LocalNetwork
Firewall
Domain bypass
Process bypass
Domain route via VPN
Process route via VPN
DNS monitor
Throttling
Optimal Location
CustomDNS, UserDNS, MultiHop, VpnProfiles (Hydra Protocol)
here
here
The image shows a high-level architecture diagram for an application involving a VPN (Virtual Private Network) backend accessed by a client application.