Delivering a Secure Cross-Platform VPN with Custom Windows Support

A VoidStarIndia Case Study

Client Overview

The client, a leading cybersecurity provider from Palo Alto, had successfully implemented a Virtual Private Network (VPN) solution on Linux and macOS, built on top of StrongSwan, an open-source IPSec-based VPN. However, the solution could not be extended to Windows endpoints due to a critical limitation — Windows lacked built-in support for assigning Virtual IP Addresses, a mandatory requirement for the client’s VPN to function.

Challenges

  • No existing virtual adapter or plugins available on Windows for this use case.
  • The need to design a Windows-compatible TAP device equivalent from scratch.
  • Extensive kernel-level programming and OS internals expertise required to integrate securely with Windows networking.

Team Strength

VoidStarIndia deployed a specialized team of senior engineers with expertise across Windows, Linux, and macOS networking. With over 10 years of cybersecurity product development experience and strong knowledge of kernel programming across platforms, our team was able to architect and implement a tailored solution for the client’s Windows environment.

Our Approach

We engineered a custom Virtual Network Adapter for Windows, enabling the client’s VPN to operate seamlessly across platforms. Key components of the solution included:

  • Developing a TAP-like network adapter to capture packets at the Ethernet layer.
  • Processing traffic in user mode by removing Ethernet headers, adding IP headers, and applying encryption.
  • Securely transmitting encrypted packets to the client’s custom VPN server.
  • Receiving, decrypting, and reinjecting packets back into the Windows network stack for end-to-end functionality.

Results

  • Delivered a fully functional Windows VPN client, enabling true cross-platform support (Windows, macOS, Linux).
  • Helped the client launch a comprehensive VPN solution, strengthening their product portfolio.
  • Expanded their addressable market by adding Windows endpoint support for enterprise customers.
  • Established VoidStarIndia as a trusted long-term partner for kernel-level and network security engineering.

Technical Expertise Demonstrated

  • In-depth understanding of the Windows Network Stack.
  • Proficiency in Windows encryption/decryption mechanisms.
  • Advanced knowledge of network headers and packet manipulation.