Thanks to all the developers who put the bits & pieces together; without them it wouldn't be possible. You don't need to be an Android or Linux guru to get it working - SDK, ADB, etc. are not required.
What is OpenVPN?
OpenVPN is a free and open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators (NATs) and firewalls.
What's Covered in this Guide:
A step by step tutorial for configuring OpenVPN on the Evo 4G. Use at your own risk!
Not Covered:
Yea but how do I?
Requirements:
Rooted Evo
USB Data Cable
Amon RA Recovery - RA-evo-v1.8.0 (or above)
http://files.androidspin.com/downloads.php?dir=amon_ra/RECOVERY/&file=recovery-RA-evo-v1.8.0.img
Terminal Emulator (download from market)
Super Manager (download from market)
Busybox (download from market)
OpenVPN Installer (download from market)
OpenVPN Settings (download from market)
Tun.ko built for your specific kernel (recommend netarchy-toastmod, Stable: 4.1.9.1 or higher)
http://forum.xda-developers.com/showthread.php?t=719763&highlight=amon
Modified openvpn executable & matching iproute-wrapper script.
http://forum.xda-developers.com/attachment.php?attachmentid=385959&d=1282516002
An OpenVPN Account & config files.
GTech Net Tools (download from market).
Let's begin.
Root your Evo if not already done.
Install GTech Net Tools & run; select My IP & Get IP Address; External Address & Local Information are issued from your cell provider data network; record these values for later comparison.
Install Amon RA.
Install Busybox to /system/xbin.
Install OpenVPN Installer (binaries) to /system/xbin; select path to ifconfig: /system/xbin.
Install OpenVPN Settings (settings later in this guide).
Install custom kernel with built in tun.ko support; flash via Amon RA recovery & reboot.
Install Terminal Emulator.
Install Super Manager.
Open your openvpn config file & add the following to the last line, then save: 'iproute /system/xbin/iproute-wrapper.sh'.
***Make sure your config.ovpn file has NO_SPACES in name***
Connect Evo to PC via USB cable; select 'Disk Drive' & 'Done'.
Create folders on SDCard 'Downloads' (if not already there), and 'openvpn'.
Copy your config.ovpn files to SDCard/openvpn folder
Copy 'openvpn' & 'iproute-wrapper.sh' to Downloads folder on SDCard.
Disconnect USB cable.
Start Super Manager; select Settings; Enable ROOT function; press back button on phone; browse to SDCard/Downloads - copy & paste 'openvpn' & 'iproute-wrapper.sh' to /system/xbin.
Start Terminal Emulator.
@ $, type su & enter key; should now see #
Type 'chmod 755 /system/xbin/openvpn' & enter; then type 'exit' & enter.
Start Super Manager; select Settings; disable ROOT function.
Press Home button on phone.
Start OpenVPN Settings; press 'menu' button on phone; select 'advanced'; check 'load tun kernel module'.
Click 'TUN modules settings'; Check Load module using 'insmod'.
Enter Path to tun module: '/system/lib/modules/tun.ko'.
Select 'path to openvpn binary'; enter '/system/xbin/openvpn'.
Check 'Fix HTC Routes'.
Press Back button on phone.
Check OpenVPN; check your_server.ovpn; 'Username/Password required' should appear on Status bar at top of phone.
Slide Status bar down, click on 'Username/Password required', enter info & click 'OK'.
Under yourserver.ovpn view status - Wait for 'connecting...auth...get config'...should be 'connected to 111.111.111.111 as 222.222.222.222'.
Start GTech Net Tools; select My IP & Get IP Address; External Address & Local Information should now be issued from your OpenVPN provider; compare to original data you recorded earlier.
Press Home button on phone...do you see the 'Key' icon on Status bar?
If Yes.............You have done it!
Additional Resources:
OpenVPN
http://openvpn.net/
Wikipedia - OpenVPN
http://en.wikipedia.org/wiki/Openvpn
Enjoy!
Check 1st post for revisions & updates.
Thanks for the write up. However, can you dumb it down one more level. I started looking at OpenVPN when I realized that the Android VPN was broken. I have configured Windows VPN for my home Windows PC, but I assume that it won't directly work with OpenVPN.
What do I need to do to configure my PC?
I assume once I understand that, I'll also understand what you mean by "An OpenVPN account & Config Files.
I appreciate your help.
The guide is limited to OpenVPN on the Evo 4G Android platform.
I have a question also. I am stuck at the Open your openvpn config file & add the following to the last line, then save: 'iproute /system/xbin/iproute-wrapper.sh" step. Is this on the EVO or on the OpenVPN account?
Also, I signed up for the OpenVPN account and am using a Macbook-with Windows 7 installed via Parallels, an iMac and another laptop running Linux Ubuntu. Which program do I download for my setup on the OpenVPN site so that they all work? I don't see one for OSX? I have tried the EVOVPN app and it works great just for the phone....but computers won't hook up even though I have them set up using the same LAN settings.
I am hoping for something that will let me use a secure server using the EVO connecting all of my computers.
Thanks for your help and for the guide and for any advice you could share. Have a great day!
Good questions - focus on keeping things simple.
1Brite1 said:
I am stuck at the Open your openvpn config file & add the following to the last line, then save: 'iproute /system/xbin/iproute-wrapper.sh" step. Is this on the EVO or on the OpenVPN account?
Click to expand...
Click to collapse
Your OpenVPN provider posts config files to download required for their service to work. Normally no editing is necessary, but for Android it is at least for now (*more on why later).
Their config files package may include many different types of files, look for the one with .ovpn extension (there may be several - server_1.ovpn, server_2.ovpn, etc.); open the file(s) with your text editor; normally the last line of this file is 'auth-user-pass'; create a new last line 'iproute /system/xbin/iproute-wrapper.sh' (without quotation marks) and save. Copy this edited file & any other config files your provider requires to the Evo /sdcard/openvpn folder you created earlier.
1Brite1 said:
I signed up for the OpenVPN account and am using a Macbook-with Windows 7 installed via Parallels, an iMac and another laptop running Linux Ubuntu. Which program do I download for my setup on the OpenVPN site so that they all work? I don't see one for OSX? I have tried the EVOVPN app and it works great just for the phone....but computers won't hook up even though I have them set up using the same LAN settings.
Click to expand...
Click to collapse
The good news is whatever OpenVPN service provider you choose, it should work with whatever device you have. However, each operating system has different requirements, so there are clients specific to each of these OS's. For example, Windows client = openvpn client, Linux = gopenvpn, etc. For the Evo, & Android in general, the client is 'OpenVPN Settings', setup of which is included in the guide. 'EVOVPN' is not 'OpenVPN', we're not sure what it is, they don't offer any support or documentation; advise to stay away until more info is available.
1Brite1 said:
I am hoping for something that will let me use a secure server using the EVO connecting all of my computers.
Click to expand...
Click to collapse
As above, only one service provider is needed, the clients vary by operating system. If you're referring to remotely accessing your other computers via the Evo with OpenVPN running, well yes that works but is not covered here; setup for that would be the same whether or not you use OpenVPN.
*The edit to .ovpn config file is required at this time to let the Android client know which routing table is being used; it may become unnecessary with future updates.
Thank you sc10000.....I appreciate your time...nothing more frustrating than asking a question and never getting an answer or one that is so informative. I will try the set-up again...but I see also that you have to pay for the OpenVPN service. I have an OpenDNS account and wonder if that is the same type of service and it is free but not sure if it will work with EVO. I will look into that option also as I know I used to use that for my Linux system. But, as you said, that may be just operating system specific. Again, thank you for elaborating!!! Now, I get it.
Thanks for the tutorial sc10000. I just wanted to put a little bit of input into the mix.
OpenDNS is quite different from OpenVPN. OpenVPN is strictly for users who need to encrypt their connection and/or connect to another 'network' such as their work or school network. A lot of other people use OpenVPN for other reason (i.e., watch Hulu from another country outside of the US, etc.).
I use Private Internet Access ( privateinternetaccess.com ) as an OpenVPN provider and it works with your tutorial. Other great providers are listed here:
Private Internet Access ( privateinternetaccess.com )
WiTopia ( witopia.net )
Strong VPN ( strongvpn.com )
There are a few others, but I would stick to the big three for safety.
Some other great providers not listed above:
Anonyproz - anonyproz.com
blackvpn - blackvpn.com
There are many out there, find one that suits you.
I keep getting
FATAL:Linux ip link set failed: could not execute external program
I checked the permissions on the files and they are executabled, I checked the iproute-wrapper.sh script and it was looking for ip in /system/bin my EVO did not have it there but it was in /system/xbin so I changed that too.
I don't recommend changing anything in the scripts or files. Go back to guide & make sure you have completed all the steps exactly. Possibly you have installed something in a different location, etc.
If still not working, then try a different kernel - you did replace the kernel right?
This one is working as of now, with ROM 3.70.651.1
netarchy-toastmod-4.3-bfs-nohavs-noUV-sbc-universal (No Undervolting)
I am on CM 6.1.1 and using 12/25/10 - SBC for BC's Kernel SBC-bcnice-stable-v7.zip (2.62 MB) Kernel
sc10000, what purpose would vpn serve on the cell phone for general usage? I can understand if connecting to a company vpn for access to their network.
What would the application be? Why would I want/need vpn (openvpn) on my android device?
gpz1100 said:
Why would I want/need vpn (openvpn) on my android device
Click to expand...
Click to collapse
Why would you volunteer your unprotected data to anyone who seeks it?
Right, but why would I be connecting to my network using the handset? I'd have the vpn client running on my laptop or netbook.
gpz1100 said:
why would I be connecting to my network using the handset? I'd have the vpn client running on my laptop or netbook.
Click to expand...
Click to collapse
vpn is not openvpn. Why would you connect any device to the internet without security?
Big brother is watching. Really.
I was hacking away at this last night, but haven't been successful in getting my vpn connection up and running.
I have copied my openvpn config from my linux box and have gone over the instructions multiple times to verify, but keep getting the following error in the log:
D/OpenVPNDaemonEnabler( 963): Received OpenVPN daemon state changed from Unknown to Disabled
D/OpenVPNDaemonEnabler( 963): Received OpenVPN network state changed from Connected to Exiting
D/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-mgmt( 963): attach(): using management port at 27860
E/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-mgmt( 963): attaching to OpenVPN daemon: /127.0.0.1:27860 - Connection refused
W/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]( 963): start(): choosing random port for management interface: 32537
D/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-daemon( 963): invoking external process: /system/bin/su
D/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-daemon( 963): invoking command line: /system/xbin/openvpn --cd '/sdcard/download/openvpn' --config 'connect.ovpn' --writepid '/data/data/de.schaeuffelhut.android.openvpn/files/com.d/_sdcard_download_openvpn_connect.ovpn-pid' --script-security 1 --management 127.0.0.1 32537 --management-query-passwords
D/OpenVPNDaemonEnabler( 963): Received OpenVPN daemon state changed from Unknown to Startup
D/OpenVPNDaemonEnabler( 963): Received OpenVPN daemon state changed from Unknown to Disabled
D/su ( 4167): 10165 de.schaeuffelhut.android.openvpn executing 0 /system/bin/sh using shell /system/bin/sh : sh
D/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-daemon-stdout( 963): Options error: Unrecognized option or missing parameter(s) in connect.ovpn:22: iproute (2.1.1)
D/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-daemon-stdout( 963): Use --help for more information.
I/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-daemon-stderr( 963): terminated
I/OpenVPN-DaemonMonitor[/sdcard/download/openvpn/connect.ovpn]-daemon-stdout( 963): terminated
Click to expand...
Click to collapse
If I comment out the "iproute /system/xbin/iproute-wrapper.sh" from my config file, then the vpn will say it is connected, but I won't be able to access anything.
Any help is appreciated!
enormous said:
If I comment out the "iproute /system/xbin/iproute-wrapper.sh" from my config file, then the vpn will say it is connected, but I won't be able to access anything.
Click to expand...
Click to collapse
Most likely a kernel issue, try replacing with one that has known tun.ko support. Do not comment out 'iproute /system/xbin/iproute-wrapper.sh' or it won't work.
So I follow these steps EXACTLY yesterday (Evio 1.7.7 rom; Netarchys latest stable kernel) and I was able to connect! The tun.ko I used was one I found i believe for the Desire.. but it seemed to work, and I was able to ping my DB server at the data center.
After a restart last night, today I try and re-connect and continue to get "cannot allocate tun tap dev dynamically"
I checked permissions on tun.ko and openvpn but still having issues. WEIRD that it worked and restart causes it to fail now
Any ideas are appreciated as this will be very convenient for work! Thanks!
UPDATE: I just flashed Ziggy471's kernel (Jan 21 2011) and rebooted..
I disabled the "Load tun.ko module" from the advanced settings in OpenVPN Settings app, and connected fine again! so it apparently is using the built-in tun.ko driver in the kernel.
Just followed the directions to setup openvpn binary, openvpn settings paths, EXCLUDING the "load tun.ko module" check box and I am GOOOOOOD!
Thanks!
Related
This is a set of changes to JF1.5 ADP image to enable pan bluetooth tethering. The pan service will be available whenever bluetooth it turned on as you would expect from most other phones.
It includes all the normal changes from JF1.5
Changes
armooo1.50.1
Added support for multiple clients (updated pand_up.sh, pand_down.sh).
Added logging.
Added /system/xbin/pand.start. Works around what looks like an init bug with long lines.
Updated /system/init.rc to use pand.start and logwrapper.
armooo1.50
The pand service was added to /system/init.rc .
The library bluedroid (/system/lib/libbluedroid.so) was updated to start and stop the pand service.
Pan support scripts were added to /system/xbin (pand_up.sh, pand_down.sh).
Added dnsmasq to /system/xbin.
Changes for JFv1.50 ADP1.5 Build Environment
armooo1.5 ADP1.5
So now the question is how can I get this on another build besides the JF?
is this a non-wipe update, and will it break wifitether by harry_m?
twistedumbrella
You should be to manualy install the files in armooo1.50.tar.gz. It will need pand, iptables, awk and a kernel with netfilter/iptables. All of which were in the JF image I am not sure about the others.
andonnguyen
I was able to upgrade from JF1.5 ADP to this image without wiping. As long as you are not trying to use wifitether and the bluetooth tethering at the same time is should not be a problem. Stopping wifitether or disconnecting a bluetooth connection will disable ip forwarding and remove iptables rules which could cause problems.
Thanks it's working perfectly on Dude's build.
I prefer this over network as Ubuntu laptop don't like ad-hoc network and I never managed to connect.
I wonder if someone one if this PAN thing can provide connection to multiple computer simultaneously or is it just one?
Thanks again! good job
An integration in TheDude firmware is available here : http://android.smartphonefrance.info/actu.asp?ID=133 (In french).
armooo said:
twistedumbrella
You should be to manualy install the files in armooo1.50.tar.gz. It will need pand, iptables, awk and a kernel with netfilter/iptables. All of which were in the JF image I am not sure about the others.
andonnguyen
I was able to upgrade from JF1.5 ADP to this image without wiping. As long as you are not trying to use wifitether and the bluetooth tethering at the same time is should not be a problem. Stopping wifitether or disconnecting a bluetooth connection will disable ip forwarding and remove iptables rules which could cause problems.
Click to expand...
Click to collapse
Tried moving the files over and got stuck in a boot loop. Couldn't get the init.rc to work. Didn't try just loading the rest of the files. Wasn't sure if that would work. I'll have to give it a try. Thanks.
twistedumbrella said:
Tried moving the files over and got stuck in a boot loop. Couldn't get the init.rc to work. Didn't try just loading the rest of the files. Wasn't sure if that would work. I'll have to give it a try. Thanks.
Click to expand...
Click to collapse
The image you are using may have different loopback mounts in /system/init.rc you should only need to copy the pand service.
Does anyone know how to use it?
After I updated the firmware, and launch pand_up.sh
an error show on next line:
error: SIOCSIFNETMASK (No such device)
I tried to pair with my MBP, it will show PAN network, but no IP address shows up
armooo said:
The image you are using may have different loopback mounts in /system/init.rc you should only need to copy the pand service.
Click to expand...
Click to collapse
Yeah, I am using a different apps2sd method and general startup than the JF. My image is based on 5.0.2H but I wasn't sure if the service would run without having that. I will try it without. I am sure it'll still work just wasn't sure how efficiently. Thanks again.
Thanks for the update!
In case someone is having issues installing this, here is a little how-to I've been using with Dude's latest rom.
using extracted armooo1.50.1_ADP1.5.zip as YOUR_armoo1.5_adap1.5_DIRECTORY
adb remount
adb push YOUR_armoo1.5_adap1.5_DIRECTORY/system/init.rc /system/init.rc
adb push YOUR_armoo1.5_adap1.5_DIRECTORY/system/lib/libbluedroid.so /system/lib/libbluedroid.so
adb shell umount /system/xbin
adb push YOUR_armoo1.5_adap1.5_DIRECTORY/system/xbin/xbin.cramfs /system/xbin/xbin.cramfs
adb shell reboot
Click to expand...
Click to collapse
what does it actually let us do??
does it allow bluetooth file sharing?
It's simply internet sharing through bluetooth.
Key advantage is that there is not extra app/layer, it's included in Android as bluetooth is on.
Hi!
I tried to include this in JF 1.43 RC9.
Integrated the xbin stuff in xbin.cramfs and the bnep.ko module in modules.cramfs.
Didnt know how to get the module auto-loaded, so added the insmod command to pand.start.
The module is loaded correctly, however the pand service is not added.
running pand.start manually yields some kind of success, the pan service is visible and connectable to, but not allowing to get any kind of transfer, no ip
any advice would be great. i would prefer staying with 1.43 until jf comes out with his 1.5 RC9 version, but i also really would like to get this running to not have to use wifi tethering anymore...
thanks in advance
lilithpro said:
Hi!
I tried to include this in JF 1.43 RC9.
Integrated the xbin stuff in xbin.cramfs and the bnep.ko module in modules.cramfs.
Didnt know how to get the module auto-loaded, so added the insmod command to pand.start.
The module is loaded correctly, however the pand service is not added.
running pand.start manually yields some kind of success, the pan service is visible and connectable to, but not allowing to get any kind of transfer, no ip
any advice would be great. i would prefer staying with 1.43 until jf comes out with his 1.5 RC9 version, but i also really would like to get this running to not have to use wifi tethering anymore...
thanks in advance
Click to expand...
Click to collapse
Sorry, but it looks like part of 1.5 was changing to use libbluedroid.so. So it is not going to start automatically for you. You should be able to get some debugging info from logcat. While you are trying to connect you may also want to try iptables, ifconfig and ps.
iptables -L should show
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT 0 -- 192.168.5.0/24 anywhere
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ifconfig bnep0 should show
bnep0: ip 192.168.5.254 mask 255.255.255.0 flags [up broadcast running multicast]
ps should have two pand and a dnsmasq
logcat should output
I/pand.start( 341): pand[348]: New connection from 00:22:69:C7:71:A2 at bnep0
I/pan ( 354): Starting BT pand for bnep0 192.168.5.0/24
After just installing JF1.51 EU, i replaced xbin.cramfs and copied init.rc to /system and the lib to /system/lib and everything is working great. My speed is actually a hint better than with wifi tether (0.36M vs 0.39M on a 3G 384kBit line).
Great thing there...
I would really appreciate it If someone could post how to connect to the phone on linux using console. Thanks.
PS: I am using JF1.5_ADP build. If I change libbluedroid.so and run the pand service (pand.start), should it be enough for it to work? Am I missing something?
Dimath said:
I would really appreciate it If someone could post how to connect to the phone on linux using console. Thanks.
PS: I am using JF1.5_ADP build. If I change libbluedroid.so and run the pand service (pand.start), should it be enough for it to work? Am I missing something?
Click to expand...
Click to collapse
I believe nobody cares, so I answer to myself
The problem was pretty much a firewall which blocks pings. So stupid. Anyway.
So, the way to do it without flashing, start from JF 1.5. ADB shell commands. Copy the libbluedriod.so into /system/lib/ (not sure if even need). Copy pand_up.sh and pand_down.sh to some G1 directory "your_dir". To start pand, run in terminal:
pand -n --listen --role NAP --devup "your_dir"/pand_up.sh --devdown "your_dir"/pand_down.sh
On linux pc (tried on Mandriva linux) find the G1 device id:
Code:
hcitool scan
(also can be found somewhere in the phone settings)
Connect to the device by
Code:
pand -c "device_id"
Start interface:
Code:
ifconfig bnep0 up
Get ip, gate etc (using dhcp):
Code:
dhclient bnep0
It works.
armooo:
You should really promote this more and have the rom cookers include it in their creations. In fact, the #1 reason for not switching my current rom (jf1.51) to any rogers, ion etc is because i use it really often and it works just flawlessly...
I am using this with Ubuntu 9.04 (with Blueman), and for some reason it disconnects from the PAN service on the phone after a couple uses. Once this happens, I have to reboot the phone and it works again. Any ideas as to what's happening? I have tried cycling the Bluetooth service on the handset, and rebooting the laptop, but neither of those make a difference. When this occurs, I can stay connected for 15 seconds up to about 4 minutes before it dies, and the syslog in Ubuntu reads bnep0 disconnected.
Easy way - OpenVPN on rooted/S_OFF Incredible with BusyBox installed:
This is by far the easiest way to set up OpenVPN. Make sure you copy your config file and any relevant keys to a folder on your sdcard. First, you need to know where BusyBox is installed, and if you already have the tun.ko module. For BusyBox, for most Roms based off the 2.2 8/1 leak, the location is /system/xbin. An easy way to check on your phone:
adb shell
find / -iname "iptunnel"
The path containing the file is where BusyBox is installed. If you don't have it installed, you can follow the instructions at the bottom of this post to install it.
The tun.ko module depends on your kernel. With the hydra 2.2 kernels, the location is /system/lib/modules/tun.ko . Easy way to check:
adb shell
find / -iname "tun.ko"
If you do not have tun.ko on your system, then you can download it for 2.2 (tun.zip) or 2.1 (inside openvpn.zip) attached to this post.
Next, download the following two apps from the Android Market:
OpenVPN Installer
OpenVPN Settings
Next, run OpenVPN installer, click install, give it an install path (I prefer /system/xbin), and give it the path to BusyBox.
Finally, run OpenVPN Settings. Go to Menu -> Advanced, make sure "Load tun kernel module" is checked.
Click on "TUN module settings"
Change "Load module using" to insmod
Change "Path to tun module" to... the path to your tun.ko file. Click back.
Update "Path to configurations" and "Path to openvpn binary".
That should be it!
This is how to run OpenVPN on a rooted Incredible using unrEVOked root and the stock 2.1 ROM with S_ON
NOTE: This is only for rooted Stock 2.1 without S_OFF. If you have S_OFF via unrevoked forever, just use Openvpn Installer and Openvpn Settings, both available in the market. Much easier!
This is my first time doing something like this, so bear with me if it is a little rough!
You must have root access to set this up. You do NOT need to go back into recovery adb though.
First, download the attached openvpn.zip containing the following:
tun.ko - kernel module for 2.1.
openvpn-static - statically compiled openvpn
If you are using 2.2, tun.zip contains the module compiled for the 2.2 kernel (thanks Apalyan!)
You will already need to have a working client.conf, and any associated keys. Copy the following files into a folder named 'openvpn' on the sdcard, or push with the following:
adb mkdir /sdcard/openvpn
adb push tun.ko /sdcard/openvpn/tun.ko
adb push client.conf /sdcard/openvpn/client.conf
adb push client.key /sdcard/openvpn/client.key
adb push client.crt /sdcard/openvpn/client.crt
adb push ca.crt /sdcard/openvpn/ca.crt
adb push openvpn-static /sdcard/openvpn/openvpn-static
The following must be done in a root shell:
adb shell
su
mkdir /data/openvpn
dd if=/sdcard/openvpn/openvpn-static of=/data/openvpn/openvpn
chmod 700 /data/openvpn/openvpn
Use the OpenVPN Settings configuration below to start/stop openvpn.
Note: All of the code was already written and ported to Android by the guys behind OpenVPN Settings. I just compiled a new tun.ko from the Incredible kernel source, and recompiled the statically linked openvpn with updated paths to ifconfig and route.
ADDED (thanks wraithdu!):
If you have trouble with post-connection routing, you may need to install busybox for a more powerful route/ipconfig. Instructions are here:
---
busybox is installed by the latest rooting process, but it's not a full install, ie it does not create all the command links. I got the file from the Titanium Backup site:
http://www.matrixrewriter.com/android/files/busybox-1.15.3.zip
To install:
1) extract and push busybox to your sdcard, reboot into recovery
2) mount /system
3) if you don't have /system/xbin (you should), create it
adb shell:
# mkdir /system/xbin (if necessary)
dd if=/sdcard/busybox of=/system/xbin/busybox
cd /system/xbin
chmod 755 busybox
./busybox --install .
4) reboot and done
OPTIONAL - before rebooting replace the busybox installed by the root process in /system/bin
1) mv /system/bin/busybox /system/bin/busybox.bak
2) cp /system/xbin/busybox /system/bin/busybox
OpenVPN Settings Instructions
OpenVPN Settings v. 4.6 works flawlessly with this! Here are setup instructions:
Install OpenVPN Settings v. 4.6 from:
Can't post links yet, do a google search for OpenVPN Settings, go to the Google Code download page, and download version 4.6.
Then, launch OpenVPN Settings, press Menu -> Advanced, and fill in the following settings:
Load tun kernel module - Checked
TUN module settings:
Load module using - insmod
Path to tun module - /sdcard/openvpn/tun.ko
Path to configurations - leave default
Path to openvpn binary - /data/openvpn/openvpn
It should work beautifully then.
any way to do it with non certicate based connections? i.e., group/psk configs?
The certificate setup isn't important, it is just how mine is set up. Any valid .conf should work.
ifconfig error
i got it all installed , it connects, but then in the end it says fatal error, ifconfig failed, could not execute external program. any ideas
You can run it manually to see what exactly is happening. Try the following:
adb shell
su
/data/openvpn/openvpn --config /sdcard/openvpn/client.conf
What generates the error?
error
Wed Jun 16 08:52:50 2010 /system/xbin/bb/ifconfig tap0 192.168.200.2 netmask 255
.255.255.0 mtu 1500 broadcast 192.168.200.255
Wed Jun 16 08:52:50 2010 Linux ifconfig failed: could not execute external progr
am
Wed Jun 16 08:52:50 2010 Exiting
and ifconfig is under /system/bin not /system/xbin/bb/. do you guys know where i need to change that?
The ifconfig stuff is hardcoded. I uploaded the wrong version - try this one.
Works perfectly
THANK YOU , works great
fang0654 said:
The ifconfig stuff is hardcoded. I uploaded the wrong version - try this one.
Click to expand...
Click to collapse
Thanks very much for this! Will be trying it later today.
Fang - Thanks again. Do you have any suggestions on a util or tutorial on making a conf file? I've access to our Cisco ASDM for our ASA, the URL for the ASA, group name, Group key, and of course my username and pw.
For that, you need vpnc instead of openvpn.
I know the problem with using the VPN Connections app is that the tun.ko autoload doesn't work. There are a couple of things you may be able to do as a workaround.
1. Load the module by hand:
adb shell
su
insmod /sdcard/openvpn/tun.ko
or 2. Use the OpenVPN Settings app from above to load the tun module (just start openvpn, then stop it), then try out the VPNC app.
I don't have a Cisco vpn so I don't have any way of testing whether this works.
Gets "failed to connect" immediately. know of any way to launch the vpn connections via command line to see where it is failing?
This worked like a charm! Thanks very much for this guide.
Stupid question, how do I get to a adb shell? I already rooted the phone. I don't have to do the rooting process all over do I?
If your running Linux, just type "adb shell" in you terminal window - make sure your phone is connected via USB cable - you should get the "$" after this command and then your in your phone's shell.
I believe windows is the same way, but I only have Linux stuff running now...
Thanks a lot for putting this together!
mattwood2000 said:
If your running Linux, just type "adb shell" in you terminal window - make sure your phone is connected via USB cable - you should get the "$" after this command and then your in your phone's shell.
I believe windows is the same way, but I only have Linux stuff running now...
Click to expand...
Click to collapse
With the phone connected via USB (Disk drive or anything), I type "adb shell" and get device not found. I'm running Windows 7. Phone has been rooted (have Wifi Tethering installed). Just having issues getting it back to the shell command like when I first rooted it :/
make sure USB Debugging is enabled
OK, had a misspell in the tun.ko file.
I'm connected now. But unable to connect to anything on my network. Still looking into it.
Any ideas? I've restarted the phone. I'm connected to my OpenVPN server. I cannot ping the IP assigned to it (from OpenVPN status page). I cannot ping anything on my internal network from the shell. Shows no data moving. Do I need to do something?
I did a netconf and i have this:
tap0 UP 172.30.100.255 255.255.0.0 0x00001043
Hey all,
I'm trying to spoof my MAC address on the Galaxy Ace, though nothing seems to be working. [Details and attempts listed below]
Phone Details:
Samsung Galaxy Ace GT-S5830
OS: Stock Gingerbread 2.3.5
Rooted
Installed Software:
Superuser
ES File Explorer (with show hidden (. prefix) files turned on & up to root enabled, root R/W)
Busybox (Free)
Android Terminal Emulator
(all with Superuser permissions)
What I've tried:
First I cleared the phone's IP DCHP lease in the router.
In Terminal on the phone whist not connected to a network, but wifi turned on I:
su
ifconfig wlan0 down
ifconfig wlan0 hw ether 112233445566
ifconfig wlan0 up
iplink show wlan0
Click to expand...
Click to collapse
also tried
su
ifconfig wlan0 down
iplink set wlan0 address 11:22:33:44:55:66
-->At which point I get (even with busybox prefixed)
iplink: SIOCSIFHWADDR: Operation not supported
Click to expand...
Click to collapse
The first code I quoted gave me no errors and appeared to execute successfully, but iplink show wlan0, the router (once the phone had connected), and several other tools (to see if ANY could see the change) also displayed the phone's default MAC.
(I also tired: ifconfig wlan0 hw link 112233445566, offsetting the existing MAC by only 1, and prefixing commands with busybox - busybox ifconfig wlan0 hw ether 112233445566 -resulted in ifconfig: SIOCSIFHWADDR: Operation not supported)
Looking for /data/misc/wifi/nvram.txt. Can see /data/misc/wifi/nvram.info containing my MAC. Have edited this and tried joining network again, but no MAC change is showing. Have read it's a rather bad idea to restart the phone before changing the MAC in files back, [Why?] so am yet to do a restart to test the file change...
Various apk tools (preceded by clearing DHCP lease for phone's IP & proceeded by checking router & iplink show wlan0) including:
Wireless MAC Changer - Osama Abukmail
Mac Address Ghost - diewland
MAC Spoofer for HD2 - Ian Kim (as the description stated although for a HD2, there was a change it may work for other types [later found out mine doesn't use/have /system/etc/calibration])
(all with super permissions)
Does anyone know of, or have any other ideas that may work?
Is this possible with only Custom ROM's?
Much thanks in advance,
Blue
MAC address spoofing is a type of discussion that XDA does not allow. For that reason, thread closed.
Before we start I have to throw out props to Eschelon, NxtGenCowboy, Virus, Ziggy471 and of course to the wifi-tether guys as well as cyanogen for the needed source/binaries (pre-11/18 versions) which allowed me to find the right path to get this 100% working. Also had awesome testers proxhack / jlmr731 and especially joshbeach. They all were essential to getting this all working. I still don't have a GS3 so poor Eschelon/NxtGenCowboy probably wiped/installed about 100 builds before this worked (and after when I lost source... grumble). Thanks to everyone that helped.
Legal/GPL Stuff
Carriers hate tethering, you all know that. Use at your own risk/with common sense & dont blame me for anything that goes wrong
WifiTether is under the GPLv3 license, so below is the source for the mods
Code:
Original Source - https://code.google.com/p/android-wifi-tether/
Modded Source - http://svn.ziggy471.com/treve-tether
Configuration:
*Latest Build recommended, these are just a few devices I have tested on*
Setup-Method:: (auto should have right defaults, might need to force)
Galaxy S3 - Netd-ndc with driver reload 2
Evo 3d SoftAP with driver reload 2
Sensation SoftAP with no driver reloads
Evo 4g SoftAP with no driver reloads
Click to expand...
Click to collapse
Other Settings
-Device-Profile: Leave this on auto (default)
-Netdndc Max Client Cmd: Required for GS3ish devices. If not enabled you will likely get an AP but cannot connect.
-MSS clamping: on (default)
-Routing fix: on (default)
Click to expand...
Click to collapse
Heres some geek details on basic binaries how the backend of wifi-tether works. The main modes I played with and required files are as detailed below:
Code:
[B]Netd-ndc mode[/B] (Wifi Tether JB Default)
-/system/bin/ndc (wrapper for netd)
-/system/bin/netd (actual netd service)
--Commands Executed
/system/bin/ndc softap stopap
/system/bin/ndc softap stop wlan0
/system/bin/ndc softap fwreload wlan0 AP
/system/bin/ndc softap start wlan0
/system/bin/ndc softap set wlan0 wlan0 SSID encryption key channel (maxclients) 0 8
/system/bin/ndc softap startap
/system/bin/ndc interface setcfg wlan0 192.168.2.254 255.255.255.0 up
[B]Netd mode[/B]
-/system/bin/netd (netd service)
--Commands are basically the same as above, but direct to netd service
[B]HostAP mode[/B] (used by stock tether app/fallback mode)
-/system/bin/hostap (hostap service, init.qcom.rc looks for config /data/hostapd/hostapd.conf)
New Options
Framework Tether(Fallback)
Use this if you have issues with wifitether mode. It forces on a wifihotspot using just framework. This has been reported to not throw up the paywall nag screen on some devices/carriers but YMMV. It may be able to be used nonroot as well if you ignore the initial warning.
Send NetdNDC Max Client CMD
This modifies the standard ndc command string to add in the Max Client parameter. More details are in post here
Wifi-Driver reload
This is the standard driver reload for wifi tether. It runs inside one script "./tether start|stop".
Wifi-Driver reload 2
This is a modified command that reloads firmware in a separate su request before the tether-edify code is run. May require SuperSU.apk
Use Cyanogen Hostapd Binary
This is the old method and is totally removed stating with the 11/20 update
The hostapd binary contained in atleast touchwiz JB contains extra fields explained above. If the extra commands are not working on X device you can try to fall back to this binary. This uses a dirty hack which installs hostapd and symlinks between versions for native or WifiTether mode. As long as you start and stop wifitether things should always line up. If you get into an issue where you crash things might get out of sync but should fix themselves next toggle of wifi tether. I have also added in menu items for the gs3 to manually swap binaries around.
*You must have a proper setup busybox for the GS3 code to work right. It moves system files around - you might win a reflash if things really go bad*
*Cyanogen Hostapd Symlink option only*- Make a system backup, it modifies sys files so theres a chance it will break something
Bugs
You might have to toggle stuff on and off once first if you run into errors. I think there's an error on first creation of config
If you switch modes between native wifitether and fallback mode (or stock tethering), your phone may spontaneously combust(wifi crashes) after the routing mess that ensues. Just reboot and you'll be all set again.
Seems to work better on SuperSU - Probably due to the per-app permissions vs per command.
Download:
**EVERY BUILD YOU MUST UNINSTALL OLD VERSIONS FIRST OR ATLEAST CLEAR APP DATA, IT DOES NOT UPGRADE NICELY**
-If you have problems, scroll down and read FAQ in post2 before posting
WifiTether-TrevE_Mod_04-17-2013.apk - Link Soon
Older Versions:
WifiTether_TrevE_Mod_11_22_2012 (defaults to Wifi Driver Reload 1) - http://www.androidfilehost.com/?fid=9390195663897100312
WifiTether-TrevE_Mod_11_22_2012_driverReload2 (defaults to Wifi Driver Reload 2) - http://www.androidfilehost.com/?fid=9390208427046731813
Try to merge together what worked for everyone across different devices. There are 2 options in settings with mild enhancements
-Wifi-Driver Reload - Driver reload inside of tether script. Similar to 11/20 version
-Wifi-Driver Reload 2 - Driver reload outside of tether script. Similar to 11/18 version
Please report in with Carrier/Device and what option works best for you. Valid combinations are no reloads checked or one of the reload methods. Do not check both (theres no code to stop you from doing it now)
There is no code differences between the two apk versions, I just recently added in reload method 2 so rom devs can cook in whatever apk just works without changing settings.
Click to expand...
Click to collapse
Apparently I botched code along the line somewhere between 18-20. Please let me know which one of these versions you are on and what works.
WifiTether_TrevE_Mod_11_20_2012_insmodv3.apk - If v2 doesnt work this should - http://www.androidfilehost.com/?fid=9390169635556426691
If insmod v2 doesnt work, insmod v3 switches to insmod on load, rrmod to unload, then reloads the driver when finished with with mfgloader -u / mfgloader -l
WifiTether_TrevE_Mod_11_20_2012_insmodv2.apk - Hopefully working- http://www.androidfilehost.com/?fid=9390169635556426686
Driver Reload did not like loading with mfgloader in original build. This switches to insmod on load, mfgloader/rrmod to unload, then reloads the driver when finished with mfgloader -u / mfgloader -l
WifiTether_TrevE_Mod_11_20_2012.apk - Broken - Thanks halmo20 for catching that
GS3/E3D driver load/unload methods cleaned up, wifi driver reload checkbox should now be used, it was forced previously in code.
NetDndc Max client mode ported down to netd as well. Setting enables/disables with netd
all superuser code removed outside of tether binary, should have less popups for non-supersu users
Framework tether mode moved to setup
Fixed settings being applied reverting user settings at first start
All Cyanogen hostapd binary leftovers removed
Busybox check removed
WifiTether_TrevE_Mod_11_18_2012.apk - http://www.androidfilehost.com/?fid=9390190389996027907
Bam - Symlinks gone by default thanks joshbeach for all testing
New option Netdndc Max mode, this should be devices default setting.
Encryption works starting this build with netdndc max mode
WifiTether-TrevE_Mod_11-17-2012.apk - http://www.androidfilehost.com/?fid=9390188424645836869
cut down symlinks to only move hostapd around.
Made a checkbox that controls symlink code. Trying to axe it all. Moved this and fallback to settings screen. now save/load
define wifi.interface where it is undefined like on t0ltespr (hack to wire it to ndc settngs)
try to work with t0ltespr's /lib/ directory
cut down root code significantly (hopefully spam/timing issues resolved)
WifiTether_TrevE_Mod_11_15_12.apk -
Code cleanup
e3d code driver reload mess moved
samsung symlink mess in separate class, hoping to ditch this all soon
fallback mode in separate class, wired up to wifitether settings (encryption should work)
WifiTether_TrevE_Mod_11_12_12.apk - http://www.androidfilehost.com/?fid=9390169635556426338
Click to expand...
Click to collapse
***This app is signed with my certificate, you will need to uninstall old versions of wifitether first to use this***
FAQ
AP Starts but unable to connect - Make sure Send Netd max client mode option is on if your on JellyBean. read p1 for required settings
Tether does not start / Adapter does not work after tether- Try to turn off Wifi-Driver Reload #1 and turn on Wifi-Driver Reload #2
Tether cuts off on on charger connect/disconnect- Try to turn off connection optimizer. More here from eyecon82 http://forum.xda-developers.com/showpost.php?p=34467459&postcount=148
mystery_tx_man suggests removing connection manager apk - http://forum.xda-developers.com/showpost.php?p=34838831&postcount=218
Phone takes back control of wifi- Youll notice a "What the hell" toast message. Somehow the phone moved wifi state, either you toggled an app that turns on wifi or some system process was thinking for you. Disable whatever is doing it.
cyrnel suggests disabling wireless network location services - http://forum.xda-developers.com/showpost.php?p=34721619&postcount=200
If you get it on screen shut off try changing "Wifi During Sleep" - on htc its menu -> settings - wifi -> menu -> Advanced -> Keep Wifi on during sleep -> Always
You get a Tmobile Hotspot page-
Changing APNs is reported to work by Gandoff without changing useragent- http://forum.xda-developers.com/showpost.php?p=34629321&postcount=191
Changing user agents works as described by mad_unix http://forum.xda-developers.com/showthread.php?p=34388089#post34388089 and free_man http://forum.xda-developers.com/showthread.php?p=34500399#post34500399
open1your1eyes0 has some vpn setup links which should also work - http://forum.xda-developers.com/showpost.php?p=34798223&postcount=211
XXXX still doesnt work - First try SuperSU. This will avoid a lot of headaches. Then make sure you are on latest version and that you have uninstalled/cleared app data when you went to a newer version. Read over the last few pages of thread at least too to make sure its not a known issue then go for it and post away. Make sure you include Carrier / Device / Rom / SU application.
Debugging Issues
For those people having issues on other gs3 like devices / roms / whatever I do not even have a gs3 so this is all blind. To try to help debugging I created a script to hopefully grab information needed. This should help from both working/nonworking devices to help eliminate the stupid symlink code and fix up other devices.
The scripts point is to try to get a working AP. If you can post how you did it and we can get source changed. By default it does no driver reloads and starts an Open AP with SSID TrevScript.
First grab the latest script from svn (ill update it with more info after I get some logs so make sure you have latest)
http://svn.ziggy471.com/treve-tether/ grab tetherdebug.sh
Code:
adb push tetherdebug.sh /system/xbin/
adb shell chmod 755 /system/xbin/tetherdebug.sh
adb shell busybox dos2unix /system/xbin/tetherdebug.sh
Make sure wifi is on but do not start witfitethering. All you want to do is run "Set Binaries to WifiTether" option in the menu of app then follow below code
Code:
adb shell su -c tetherdebug.sh
adb pull /data/local/tmp/tether.log
rename the file to tether_wifibinaries.log. Check to see if any AP is available.
now run "Set Binaries to Native" option in app and reboot device
adb reboot
When the device comes back up, rerun the script.
Code:
adb shell su -c tetherdebug.sh
adb pull /data/local/tmp/tether.log
rename the file to tether_nativebinaries.log. Check to see if any AP is available.
reboot after you get the file.
adb reboot
ADVANCED
If you know what you are doing you can try to find a working combo. I added in the following command line args
ARG1 = ENCRYPTION. NONE/WPA2
ARG2 = DRIVERRELOAD. NONE/insmod/mfgloader
ARG3 = DRIVERTOLOAD. /system/lib/modules/dhd.ko (or whatever module is, required if ARG2 is set)
Examples:
Make sure wifi is on but do not start witfitethering. All you want to do is run "Set Binaries to WifiTether" option in the menu of app to start with a known working base then follow below code
try no encryption with insmod where your wifi module is /system/lib/modules/dhd.ko
Code:
adb shell su -c tetherdebug.sh NONE insmod /system/lib/modules/dhd.ko
try no encryption with mfgloader where your wifi module is /system/lib/modules/dhd.ko
Code:
adb shell su -c tetherdebug.sh NONE mfgloader /system/lib/modules/dhd.ko
try wpa2 (password is Trev) with insmod where your wifi module is /system/lib/modules/dhd.ko
Code:
adb shell su -c tetherdebug.sh WPA2 insmod /system/lib/modules/dhd.ko
There shouldn't be personal information in the debug logs, the most I can think of that would be displayed is if you have an encryption passphrase set in wifitether. Sending the 2 files named with what mode you were in will help get it going elsewhere and hopefully kill the symlink code
mineeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
askldfjalskdnflkasf
Worked great right out the box on Synergy Rev 111. Great job Trev. :good:
worked like a charm
Thanks guys
downloading now. Thank you very much... great work...
And working great....
BAM!
Sent from the 3rd Galaxy
Confirmed working on Beans build2, you totally rock.
+1 encryption breaks, unsecure works great.
Sent from my SCH-I535 using xda premium
cannot connect with wifi encryption
other than that working
big thanks
Works great without enabling the WiFi-Encryption, but when I do, it doesn't work...btw I'm on Synergy R111.
Confirmed working on CleanROM 4.5!! (unsecured)
+1 setting encryption breaks it. (setting it back to open fixes it)
progress!
Thank you so much!!
Thank you very much for this. Been wanting to punch myself in the nuts every time I have to use the hotspot app because of the constant data drops.
Sent from my SCH-I535 using Tapatalk 2
VRBLJ1 stock. Not working no matter what settings I use. Not the one from the play store, neither this one. :/
Can't get it to show up in the Wifi list of connections on my laptop under any condition.
Ended up using this: https://play.google.com/store/apps/details?id=kr.core.technology.wifi.hotspot&hl=en
Bypasses the stock security check perfectly and uses native tethering.
How can I make this work on sprint gs3 tw jb leak
Sent from my SPH-L710 using xda app-developers app
open1your1eyes0 said:
VRBLJ1 stock. Not working no matter what settings I use. Not the one from the play store, neither this one. :/
Can't get it to show up in the Wifi list of connections on my laptop under any condition.
Ended up using this: https://play.google.com/store/apps/details?id=kr.core.technology.wifi.hotspot&hl=en
Bypasses the stock security check perfectly and uses native tethering.
Click to expand...
Click to collapse
^^^This! Thank you this worked after trying the moded wifi tether with no success.
Sent from my GT-N8013 using Tapatalk 2
Working on Jelly "Beans" build 2
Awesome! Works great! I was about to switch back to ICS because of not being able to tether and I am glad I waited! Thank you so much for this!
Works for me on stock SPRINT JBTW gs3. Amazing!
Not working for me on stock Sprint JB LJ7.
Few things I've seen
-Encryption doesnt work.
Ill look into it, but I know its a longrunning bug for some devices. Use access control for now. I dont actually have a GS3 so its kinda a wonder this works at all
-Tether doesnt work
Please give some more details- what mode are you in regular or fallback?
does tethering turn on and show statistics at bottom of screen? if not what does the log show inside of wifitether? if so does windows see the accesspoint?
As far as Sprint LJ7 ill download the rom and check it but answers to above will help. a logcat of it turning on and off would be most helpful I threw a bunch of debugging lines in
With the lolipop update a new security feature was enforced that an executable must be position independent (PIE) see:
http://en.wikipedia.org/wiki/Position-independent_code
I am trying to run an openvpn binary in a terminal emulator (command line/shell whatever you want to call it) on a rooted sprint s5 extracted from the openvpn installer apk:
https://play.google.com/store/apps/details?id=de.schaeuffelhut.android.openvpn.installer&hl=en
There is a thread on xda regarding disabling the pie security but it talks about nexus and not an s5 and I even tried the patches but it didn't work for me (I didn't get the same error about pie but it still didn't help) it works perfectly fine from a kitkat note 3.
http://forum.xda-developers.com/google-nexus-5/development/fix-bypassing-pie-security-check-t2797731
I am looking for any possible solutions (ie lolipop compatible openvpn binary or a working pie patch for the s5)
Thanks so much!
binary
hi ejgreenwald try the attached binary. it almost worked for me (Galaxy S5 5.0.1 i think) but should work now samsung have done some updates.
Error with this binary
When running this binary on 5.1.1, I get the following error:
linux ip link set failed: could not execute external program
A search on this error suggests that iproute2 may need to be included in the core
Any ideas, anyone?
SHKaminski said:
When running this binary on 5.1.1, I get the following error:
linux ip link set failed: could not execute external program
A search on this error suggests that iproute2 may need to be included in the core
Any ideas, anyone?
Click to expand...
Click to collapse
it might need busybox?
SHKaminski said:
When running this binary on 5.1.1, I get the following error:
linux ip link set failed: could not execute external program
A search on this error suggests that iproute2 may need to be included in the core
Any ideas, anyone?
Click to expand...
Click to collapse
Copy /system/xbin/ip /sbin
Hi guys! Thank you jamie_clarke_jc and gRUblo !!!
Thanks to your answers and binary I managed to finally run openvpn on my Note 3.
I can confirm that it works also beautifully on Samsung N9005 Android 5.0 :good:
EDIT: Smalll Update ...
I'm sorry, it turns out that I still have no connection through OpenVPN!
I thought that everything is fine because OpenVPN settings showed that I am connected, and I even getting an IP form VPN, but cannot ping to other devices on the same network. At first glance, I thought that it works, but it turned out that the web pages load of a devices loads from web browser cache ::crying:
wydziub said:
Hi guys! Thank you jamie_clarke_jc and gRUblo !!!
Thanks to your answers and binary I managed to finally run openvpn on my Note 3.
I can confirm that it works also beautifully on Samsung N9005 Android 5.0 :good:
Click to expand...
Click to collapse
Using this binary, latest busybox, and with the ip copied to /sbin ... I still get ... "unable to redirect default gateway - VPN gateway parameter (-route-gateway or -ifconfig) is missing".
Any ideas y'all?
rmedure said:
Using this binary, latest busybox, and with the ip copied to /sbin ... I still get ... "unable to redirect default gateway - VPN gateway parameter (-route-gateway or -ifconfig) is missing".
Any ideas y'all?
Click to expand...
Click to collapse
I think i might be because your ifconfig.
I have ifconfig in:
- /system/bin/ifconfig (link to /system/bin/toolbox) -stock ifconfig, not able to create tunnel,
- /system/xbin/ifconfig (link to /system/xbin/busybox) -created by busybox, that one works.
Path to ifconfig is fixed in the OpenVpn binary, and in the binary sent by jamie_clarke_jc, it is:
"/system/xbin/ifconfig", (since it works in my case).
Same for "route", path should be: "/system/xbin/route" (link to /system/xbin/busybox).
Please check if you've installed busybox in correct path, if yes, maybe try another version of busybox.
My openvpn binary is also located in "/system/xbin/".
It might have something to do with a client.
Mine is great" Open VPN Settings" by Friedrich Schäuffelhut.
wydziub said:
I think i might be because your ifconfig.
I have ifconfig in:
- /system/bin/ifconfig (link to /system/bin/toolbox) -stock ifconfig, not able to create tunnel,
- /system/xbin/ifconfig (link to /system/xbin/busybox) -created by busybox, that one works.
Path to ifconfig is fixed in the OpenVpn binary, and in the binary sent by jamie_clarke_jc, it is:
"/system/xbin/ifconfig", (since it works in my case).
Same for "route", path should be: "/system/xbin/route" (link to /system/xbin/busybox).
Please check if you've installed busybox in correct path, if yes, maybe try another version of busybox.
My openvpn binary is also located in "/system/xbin/".
It might have something to do with a client.
Mine is great" Open VPN Settings" by Friedrich Schäuffelhut.
Click to expand...
Click to collapse
Hmm, I have busybox from Stephen Erickson installer ... in /system/xbin, same 5.27MB openvpn binary above, and same client by Friedrich. Are you using TAP device? (Note, no problem here with TUN device ... but really need bridged connection)
Is there a chance to get this binary recompiled to the latest openvpn code? Looking to get this patch included to help with my TAP configuration:
http://article.gmane.org/gmane.network.openvpn.devel/10111
I've been using the paid version of 'OpenVPN Client' app by colucci-web.it for a month or so now ... their TAP emulator has been working fine with no issues so far as I can tell.