Preventing Shadow Protect from running over a dialup VPN link

If you're using ShadowProtect and connect via VPN whilst remote back to the office then ShadowProtect may attempt to do a backup over the VPN link. Backups occur using the CIFS protocol which is very unfriendly with WAN links, and will result in extraordinarily high transfers (both upload and download).

Similarly, if you are in your regular office, and you connect to a VPN you should disable ShadowProtect, because it might end up being routed back to your own network via the VPN tunnel. This will occur if the backup target is in a different subnet than the computer Shadow Protect is running on. Not advisable at all!

Notes / caveats:

  • This will not help with IPSEC VPNs that are managed by a firewall device. You should block CIFs traffic on the firewall.
  • I initially tried to achieve this by blocking the process with the firewall but was unable to identify which specific process to block and build the custom conditions required. Stopping the service proved easier.

So, to prevent this behaviour, we setup a scheduled task that is triggered by appropriate events.

Firstly, some data you will need:

  • EventID to look for VPN connection being established: 20225
  • EventID to look for VPN connection being disconnectec: 20226
  • ShadowProtect service name: shadowprotectsvc

Steps (Windows 7):

  • Open Task Scheduler
  • Browse to Task Scheduler Library / Microsoft / Windows / Ras

  • Create a new task:
    • Name "Disable ShadowProtect on VPN connect"
    • Triggers on an event
    • Custom -> New Event Filter
      • Event level (don't select any == any event level OK)
      • By source --> Event source "RasClient"
      • Include EventID: 20225
    • Actions:
      • Start a program:
        • Program/script: net
        • Arguments: stop ShadowProtectSvc
    • Conditions:
      • Ideally this would be locked down to only when a specific VPN connection is available, but VPN connections don't appear in the list to choose from
      • If someone does know how to do this then please let me know!
    • Settings:
      • Step the task if it runs longer than 1 minute
      • Other settings are default

Save your scheduled task, connect to a VPN, and verify that the ShadowProtectSvc has been stopped. You should see a black box appear on the screen momentarily while it is stopping the service.

Next you need to configure the service to start again when the VPN is terminated:

  • Create another scheduled task under RAS again as per the above, but with the following differences:
    • The eventID to filter / match on should be 20226
    • The Name / description should be changed to something like "Start ShadowProtect Service when VPN disconnects"
    • Action is:
      • program: net
      • Arguments: start ShadowProtectSvc
    • Settings:
      • If the task fails, restart every 5 minutes up to 3 times
      • stop the task if it runs longer than 1 minute

And voila - you have created a scheduled task that will be triggered by you connecting / disconnecting to a VPN.

 

0
Creating a route automatically when a VPN tunnel i...
How to fix printing to local printer via CORD - HP...

Related Posts

Comments

 
No comments made yet. Be the first to submit a comment
Mobile Version | Desktop Version