[Q] how to install OPENVPN? - HTC Desire S

i have install OpenVPN Installer and OpenVPN Settings, and seemly they are all functioning OK(it indicate the phone is connected and a new ip is assigned). But when I ping the computers through the IP assigned by OpenVPN, The phone can not reach the computers. I tested on MIUI and CM7.1, the Vpn function well, which means the server is ok. MY ROM is 2.6.35.10-g2ee27f5 HTC sense 2.1. Thanks for your kind help!

Related

[Q] Android router that can do port forwarding??

I am looking for an Android router app (wired or wireless) than can do port forwarding. I have searched for a while and not found anything that can do this. I have tried using Android Wireless Tether (v2.0.5 -pre9) and Barnacle Wifi Tether, neither of which seem to be configurable enough to do this.
My setup is Sprint Evo 4G, rooted, running Fresh v. 3.3.0.1.
I would like to be able to use my phone as an internet connection for a computer that runs a specialized software that listens on TCP port 9323. I would like to be able to have my server call the IP address of my phone (it is public, and I don't care that it is dynamic), and have my phone forward the request to the computer listening on port 9323.
How can i do this?
Thanks!
im taking a wild guess this would require some severe kernel patching since even on x86 linux variants iptables is done in kernel modules...
alot of work i would imagine, especially manipulating those tables from the dalvik vm...
use Port Forwarder
hi,
I had exactly the same problem as jhenderson019. I just recently solved it by using an app called "Port Forwarder". Its in the market.

[Q] OpenVPN on HTC Thunderbolt Issue

Ok. I am no newb to tinkering with the inner workings of an android device. I have also worked with VPN before too. However Android and OpenVPN have me stumped. My old router (Linksys WRT54G) worked fine with a standard VPN set up in Windows XP, and the Android device (both my old Motorola Droid and current HTC Thunderbolt) connected right up no problem. However, My new router (Linksys WRVS4400N) is terrible when it comes to VPN, and the dang thing has a built VPN application supporting IPSec. I failed passing everything through to the standard windows VPN and I failed trying to use VPNC along with a supported tun.ko file. I now have attempted OpenVPN. I am new to OpenVPN (installed on Server 2003) and took from multiple online sources to configure it all.
That was the back story, sorry for it, but I thought it was necessary to explain my situation. Now for the issue. I have successfully connected to my OpenVPN server using the following:
- OpenVPN Installer Version 0.2.3
- OpenVPN Settings Version 0.4.7
- HTC Thunderbolt supported tun.ko
- - Running insmod /system/lib/modules/tun.ko from terminal emulator using su level permissions
- OpenVPN generated config files
The issue:
- OpenVPN Settings connects to my server and displays the following: "Connected to XX.X.XXX.XXX as"
- I am new to this, but I would imagine it should give me a IP address regestered on my network.
The question:
- Is this an issue with the way OpenVPN is configured on my server or is this an issue with my phone and the way its configured to connect to OpenVPN? Anyone ever encounter this? What are steps I can take from here?
** Please note: If this thread has been placed in the wrong forum, please advise where it should be started and I will do so accordingly. Thank you.

TUN/TAP driver for openvpn available yet?

As the subject states, non of the current roms/kernels appear to have the TUN/TAP driver to run openvpn.
Side note.. ATT pissed me off today (okay so I had it coming for tethering but still..) So, new solution is to run openvpn and force all the traffic through my openvpn gateway, this will keep ATT from spying, and also prevent them from using TTL (still speculation, but one of the methods to detect tethering)
Just out of curiosity, how did you confirm that the TUN/TAP driver was non-existant or not operating properly on the skyrocket?
I'm in the midst of doing the same ... installing openvpn. I have the server set up on my home PC and verified through another laptop off-network. But I have problems when trying to run openvpn settings. Here is what I did:
1) Copied .ovpn file, ca.crt, client1.crt, client1.key, ta.key FROM server TO /sdcard/openvpn directory on skyrocket
2) Installed busybox
3) Installed openvpn installer
4) Installed openvpn using #3
5) Installed and opened openvpn settings
6) Under "OpenVPN Settings" I checked the box saying "OpenVPN"
7) Under "OpenVPN Configurations", I selected my .ovpn file's checkbox
8) The .ovpn checkbox immediately disables and I have no openvpn
Was your approach similar?
I just checked via lsmod. I did not bother going through the process of moving my config files from my captivate to the skyrocket.
Samsung does not include the tun/tap driver in the stock kernel, so it will require a custom kernel, or at least someone to create the module with the same libraries as the stock kernel and just the tun.ko module file to copy across to our current phones.
Actually TUN/TAP is compiled directly into the stock kernel and not compiled as a module so you won't find it with lsmod. You also don't need to do an insmod to use it. I'm running openvpn just fine in tap mode.
There IS a bug in the OpenVPN Installer though that requires you to have ifconfig and route in /system/xbin/bb. It won't work if you select anything else during the openvpn install.
Here's what I did...
Install busybox to /system/xbin
Install openvpn to /system/xbin and select /system/xbin/bb as the location of ifconfig/route
adb shell or use a terminal on the device and do a su.
mount -o rw,remount /dev/block/mmcblk0p24 /system
mkdir /system/xbin/bb
cd /system/xbin/bb
ln -s ../busybox ifconfig
ln -s ../busybox route
mount -o ro,remount /dev/block/mmcblk0p24 /system
Configure and start openvpn.
Good to know.
Will try it in abit, I tried to run openvpn, but it failed on the tun driver, which is why I stopped, but I did not link bb, will give that a try when I get a chance... stupid ATT busted me for unauthorized tethering again.. so cannot get my existing openvpn config from my server yet...
gtj0:
I tried the directions you provided but with using tun and no luck. I'll try and reconfigure my openvpn server to run tap and will try agian.
jvanbrecht:
let me know if you make any progress
plarser48 said:
gtj0:
I tried the directions you provided but with using tun and no luck. I'll try and reconfigure my openvpn server to run tap and will try agian.
jvanbrecht:
let me know if you make any progress
Click to expand...
Click to collapse
I just reconfigured my server over to tun mode and it's still working fine.
Can you try running openvpn from a command line and see what errors it spits out?
I.E. openvpn --config server.ovpn
Also can you check if /dev/tun exists?
edit.....
Here's my config...
client
dev tun0
proto udp
float
remote vpn.example.com 21194
resolv-retry infinite
nobind
persist-key
persist-tun
ca vpn.example.com.ca.crt
cert zzz.crt
key zzz.key
tls-auth vpn.example.com.ta.key 1
cipher AES-256-CBC
comp-lzo
verb 4
mute 20
plarser48 said:
gtj0:
I tried the directions you provided but with using tun and no luck. I'll try and reconfigure my openvpn server to run tap and will try agian.
jvanbrecht:
let me know if you make any progress
Click to expand...
Click to collapse
I had no problems getting it to work, I borrowed my co workers usb modem to pull down my configs from my old Captivate (I use ssl-admin and store the configs with the certificates in zip format).
The problem I am having at the moment is getting tethering to work while openvpn is running.
Laptop can talk to the phone (using wifi tethering, usb tethering kills the adb session, but I suspect it would work just fine), and phone can talk to the world, but laptop will not connect to the world.
The routes are in place, I checked the sysctl options, and ip forwarding is enabled. Just no traffic will pass... it is driving me nuts... heh.
Success for me too! Not sure what was wrong. The server was always working no problem and was always able to connect directly over home wifi from laptop. But I wasn't able to connect on the Skyrocket.
But I used gtj0's config file, changed the remote ip address/port, and worked perfectly. Thanks!
jvanbrecht: I haven't tried it with tethering yet and probably won't get to until at least a few days. Hope to be able to help by trying on my phone sometime soon.
Everyone: Any idea if it is better to run tun or tap for mobile phone openvpn? Regarding tethering, do both tap and tun hide detectable elements like TTL at the IP layer?
EDIT: VPN Not Porting Properly?
Hmm. It seems I am able to connect no problem and openvpn on the phone says it's connected. But when I go to www.whatismyip.com from my phone, it still says an AT&T address. I expected with openvpn running that it should show my home server ip address no? Also, openvpn on skyrocket indicates that it is connected as 10.3.0.6. But if I try to ping 10.3.0.6 from the server I get no response. Is that expected?
plarser48 said:
Success for me too! Not sure what was wrong. The server was always working no problem and was always able to connect directly over home wifi from laptop. But I wasn't able to connect on the Skyrocket.
But I used gtj0's config file, changed the remote ip address/port, and worked perfectly. Thanks!
jvanbrecht: I haven't tried it with tethering yet and probably won't get to until at least a few days. Hope to be able to help by trying on my phone sometime soon.
Everyone: Any idea if it is better to run tun or tap for mobile phone openvpn? Regarding tethering, do both tap and tun hide detectable elements like TTL at the IP layer?
EDIT: VPN Not Porting Properly?
Hmm. It seems I am able to connect no problem and openvpn on the phone says it's connected. But when I go to www whatismyip com from my phone, it still says an AT&T address. I expected with openvpn running that it should show my home server ip address no? Also, openvpn on skyrocket indicates that it is connected as 10.3.0.6. But if I try to ping 10.3.0.6 from the server I get no response. Is that expected?
Click to expand...
Click to collapse
TAP provides a bridged connection so broadcasts on the server's network are propagated across the connection. For network-to-network connections this may be needed for things like dhcp and windows networking. For end users, this usually isn't a good thing because it eats up bandwidth. TUN, which is routed instead of bridged, is the better way to go.
My config only routes traffic destined for the server's LAN over the vpn connection so the behavior you see with whatsmyip is normal. Check openvpn's config file paramters to make the vpn the default route for all traffic.
See my other post. I included my configs.
Just add redirect-gateway option to your client configuration, or the server side client configuration in the ccd directory.
I have everything working. As for what att will see. Only an encrypted tunnel initiated from you phone to your vpn server. Ttl, ip options etc will not be visible to att.
Sent from my SAMSUNG-SGH-I727 using XDA App
Cool thanks again. I'll try updating my configs and trying again tonight. I'm sure not being able to ping across the tunnel was probably a configure issue a well.
You also need the Client to Client option enabled if you want the openvpn server to advertise routes to other vpn client devices and their associated networks. That would be another reason why you cannot ping across the tunnel if you are trying to ping another vpn device.
jvanbrecht:
I'm not seeing your config files on the board here. I'm fairly new here so maybe I'm not looking at the right place. But I didn't see an attachment.
The configs are posted in my other thread.
http://forum.xda-developers.com/showthread.php?t=1378970
Thank you. I'll try out the details in that post. If I have any questions I am going to post over there from now on because that post is more closely aligned with my goal and thus more relevant.

DS and L2TP/IPsec VPN connection

Hello
Is anyone using VPN L2TP/IPsec PSK connection on his/her Desire S with stock HTC ROM with latest OTA updates, please?
If I define the connection with all required parameters and try to connect to my home VPN gateway, my DS gets completely frozen... Only possibility is to remove and insert battery (dangerous I know, but also power+vol buttons did not help).
In logs on VPN gateway I see that connection has been successfully initiated but anyway the phone gets frozen... :-(
VPN connections works fine from PC with Win7 and also from HTC with Windows Mobile OS. I tried also from another Android phone (ZTE Blade) Android 2.2 version and that phone just reboots during connection... terrible. Searching forums on internet I see I'm not the only to have such issues, I saw also users with SGS2 and other phones reporting reboots/freezing issues with VPN...
Any positive experience with VPNs among DS users?
thanks
Fero

[Q] Connect to OpenVPN + pem certificate + tap device

I want to connect my android device (nexus 7 2013) to an openvpn server which is not administrated by me, meaning I have no access on the configuration.
On my windows7-pc, I do this with the windows version of openvpn, the provided settings file for the openvpn server and the also provided pem-certificate.
Since the server uses the tap device of openvpn, alternative clients like openvpn for android by arne schwabe[1] don't work (this app doesn't support tap).
Since I don't have a private key file (*.key), I cannot generate a p12-file[2] which could be imported by the official openvpn app[3].
The pem-fileformat is compatible to *.cer and *.crt, meaning, I can simply change the file extension to "convert" them. The crt-file can be imported by the android systems (security -> import), but this doesn't help openvpn as it seems to only use it's own certificates.
Any suggestions on how to achieve a successful connection?
[1]: play.google.com/store/apps/details?id=de.blinkt.openvpn
[2]: blog.max.berger.name/2010/01/pem-fromto-p12.html
[3]: play.google.com/store/apps/details?id=net.openvpn.openvpn
wifi
i think if you have ICS_P740AV1.0.0B07 + you can't find open hot spot and if you can see you can't connect.
Try to make one hostop secured with wpa2 and try it.
k0tsompakos said:
i think if you have ICS_P740AV1.0.0B07 + you can't find open hot spot and if you can see you can't connect.
Try to make one hostop secured with wpa2 and try it.
Click to expand...
Click to collapse
Whoa, i only understand half of it
I have android 4.3 JSS15Q rooted with flo (?). I have superSU and Busybox installed. I followed the default instructions of the nexus root toolkit. My wifi is connected for sure, but it has blocked ports (which is the reason for all this). However, since I'm failing at an earlier stage, and, since it works from my pc from the same network with the same openvpn on the same ports I suppose the error is not in the network settings...
The wifi i'm connected to has wpa2+pkip etc. but I'm not sure how this is relevant...
rom
you have installed a custom rom?
you have try to enable and disable airplane mode?
you have data conenction?
k0tsompakos said:
you have installed a custom rom?
you have try to enable and disable airplane mode?
you have data conenction?
Click to expand...
Click to collapse
I have stock android rooted. I only have wifi and the connection works perfectly, I tried rebooting the device, I consider this counts as "dis/enable airplane mode". I have good wifi signal strength.
I have no issues accessing websites over port 80/443, only the blocked ports don't work. The openvpn server is reachable on port 443 (it works from my pc).
Hello,
did you ever manage to solve this? I'm looking to configure my nexus 7 2013 to connect to an OpenVPN server using TAP and it doesn't seem to be working. I'm using OpenVPN settings with certificate-based authentification. I'm able to connect to my server, however I don't get a local IP address assigned and when I browse the internet, my IP is still showing up as from the original connection instead of the VPN endpoint. Computers with windows 7 can connect to the server no-problem and all their traffic is directed to the tunnel. Any ideas for guides and walkthroughs?
Thanks. Any help is very much appreciated.

Categories

Resources