Hello!
I have Poco X3 NFC with built-in MIUI 12 (Android 10) with latest secpatch.
I didn't unlock the bootloader due to security concerns, so phone doesn't have root / custom recovery.
Problem is related to OpenVPN app, I got the settings file (*.ovpn) from my sys admin, and it was imported correctly, the app even tells me connection was established with no errors, however in fact no traffic goes through the VPN, everything goes through default connection - IP not changed, no access to intranet and internal web resources. On my PC everything works OK.
May it be related to the MIUI specifics? Or is there some Android bug?
Please, tell me if you faced same issue, and it would be very-very cool if someone here knows the solution for this problem.
Related
Hello Everyone,
I recently upgraded to CM 12.1 and discovered that my WiFi won't automatically connect to my router anymore if it doesn't detect access to the internet (I'm in China and Google is Blocked). I believe this explains why this is happening as there is internet and having to manually connect each time is annoying at least Is there a way to disable this "new feature" ?
Regards,
Bob
In Settings, got to WiFi, press the menu button in the top right and there should be an Advanced settings section or something similar (sometimes varies based on ROM/Language). Then untick the Avoid poor connection option. This should resolve your problem. If not, you may not have the correct firmware for 5.1.1
I already have Avoid poor connections unchecked. Any other way to fix this?
Does anyone have any ideas? Any help would be appreciated. Thanks
Try disable mobile data before connect to wifi, maybe this way should help
Sent from my A0001 using Tapatalk
viper134 said:
Hello Everyone,
I recently upgraded to CM 12.1 and discovered that my WiFi won't automatically connect to my router anymore if it doesn't detect access to the internet (I'm in China and Google is Blocked). I believe this explains why this is happening as there is internet and having to manually connect each time is annoying at least Is there a way to disable this "new feature" ?
Regards,
Bob
Click to expand...
Click to collapse
I have the EXACT same problem - it really does happen because you're in China and the method of internet access testing is through Google servers blocked in here.
I'm still trying to figure out how to disable the test or maybe reroute the destination.
It would definitely be a temporary solution to make the VPN active 24/7 if you put it on the router instead of on the phone / computer etc.
Let us know if you find a solution!
Itai
this was a very popular and general problem for every Chinese user with google service device.
you have to root your phone and manually change the google server address to a local substitute site, or just turn off the google server detect.
the easiest way is to use an APK developed by Chinese to have all these things done in a click.
search NoExclamation Portal Server 1.5
+1
syzkk said:
this was a very popular and general problem for every Chinese user with google service device. you have to root your phone and manually change the google server address to a local substitute site, or just turn off the google server detect. the easiest way is to use an APK developed by Chinese to have all these things done in a click. search NoExclamation Portal Server 1.5
Click to expand...
Click to collapse
came here with a google search. this problem is generic to later android versions. i'm on cyanogenmod 12.1 which is i gather is android 5.1.
looking at DNS logs, it tries to access: http://connectivitycheck.android.com - which redirects to google and fails as it's blocked by the GFW.
just downloading the chinese apk to fix it... the link to it i found is: http://m.hiapphere.com/apk-org.foxteam.noisyfox.noexclamation
EDIT: so now got noexclamation the app running, but not sure it's doing anything. UI is in chinese, not sure what options to deal with and how. anyone have success with it?
EDIT2: it's like this: install the app. leave it at defaults where it's using the developers website for connectivity check. toggle it ON if it's not already (i believe needs root). reset network settings by toggling airline mode ON/OFFl. you're good.
however - conceptually better fix would is to take the "feature" OUT, not alter the server that it's checking the accessibility of. from the chinese thread, i gather this will get done by:
su
settings put global captive_portal_detection_enabled 0
this seems to survive reboot as well. problem solved, end of monologue!
Has anyone got an L2TP/IPSEC vpn connecting on the s7 at all?
Everything I try just results in a failed attempt to connect, however, if I try the exact same connection settings on my N4 running 5.1.1 then it connects first time every time.
did you manage to get this to work ?
L2TP/IPSEC PSK here and not able to connect via S7 but does fine with my Windows 8 laptop. OpenVPN works on S7 though
Nope, not at all.
Marshmallow fails totally still. Did find a google link which suggests it is an OS issue.
https://code.google.com/p/android/issues/detail?id=196939
Trixster101 said:
Nope, not at all.
Marshmallow fails totally still. Did find a google link which suggests it is an OS issue.
https://code.google.com/p/android/issues/detail?id=196939
Click to expand...
Click to collapse
thanks for that https://code.google.com/p/android/issues/detail?id=196939#c70
I have found a work around. If you can force your VPN server (assuming you
are in control of it the way I am with mine), and can force it to use SHA1
instead of SHA2 then it works. It seems the version of SHA2-256 that
Android 6.x.x is using is an older draft specification and the one
implemented in many other IPsec implementations uses the official SHA2-256
implementation with the correct padding and whatever else.
Has anyone else tried this? I have it set on my server and works with both
new and old Android. Though I am not fond of having to intentionally
weaken my security strength by having to run an older hash algorithm but
considering we can't use Diffie Hellman group larger than 1024 bits anyhow,
seems like a moot point.
Sly
Click to expand...
Click to collapse
and https://code.google.com/p/android/issues/detail?id=196939#c35
In your ipsec.conf file you should add three additions,
add ,aes256-sha2_256 to both ike= and phase2alg=
Then add a newline with sha2-truncbug=yes
reload ipsec
You should now be able to connect to your VPN. I've tested it on my Nexus 5x now, and works like a charm!
Click to expand...
Click to collapse
I had a problem too connecting it to my Synology DS214+ L2PT/Ipsec. I got it by removing my capital letters in my password and after I was able to connect. I don't know the capital character was the problem but now it's working for me.
I am trying to set up a L2PT/IPSec VPN profile for my S7 running on Superman Rom (Android 6.0.1) but always when I connect to the VPN, it says "Unfortunatelly System UI has stopped" and the phone then crashes. Not sure, if this is Custom-ROM specific error, OS-specific error or something else.. Somebody too experiences this problem? Any solutions/ideas, how I can get the VPN connection work? Maybe there are some apps, capable of doing this (I found none capable of L2PT)?
blaukraut said:
I am trying to set up a L2PT/IPSec VPN profile for my S7 running on Superman Rom (Android 6.0.1) but always when I connect to the VPN, it says "Unfortunatelly System UI has stopped" and the phone then crashes. Not sure, if this is Custom-ROM specific error, OS-specific error or something else.. Somebody too experiences this problem? Any solutions/ideas, how I can get the VPN connection work? Maybe there are some apps, capable of doing this (I found none capable of L2PT)?
Click to expand...
Click to collapse
I have same problem with NOBLE rom did you fix it?
No. I then recognized that my VPN provider also supports the VPN connection via Cisco AnyConnect (also for Android), which was very simple and straight forward.
when I connect to a captive wifi, I want to use the connection as is (maybe I want to login without telling google - since the builtin authenticator uses their gstatic domain, or maybe I want to probe the network as it is being redirected, or maybe I just want firefox to manage my password to the portal, etc)
but after I select "use wifi as is" on the android webview builtin auth screen, android starts to route all and every traffic to my 3g/4g data connection instead, until I disable and re-enable wifi.
it will only ever redirect traffic to wifi after it successfully got the correct 204 from gstatic.com
is there anyway to work around this?
I am on android6, but I think I has always been like that.
gcbxda said:
when I connect to a captive wifi, I want to use the connection as is (maybe I want to login without telling google - since the builtin authenticator uses their gstatic domain, or maybe I want to probe the network as it is being redirected, or maybe I just want firefox to manage my password to the portal, etc)
but after I select "use wifi as is" on the android webview builtin auth screen, android starts to route all and every traffic to my 3g/4g data connection instead, until I disable and re-enable wifi.
it will only ever redirect traffic to wifi after it successfully got the correct 204 from gstatic.com
is there anyway to work around this?
I am on android6, but I think I has always been like that.
Click to expand...
Click to collapse
Do you have any kind of Linux ide? Have you tried making a tunnel?
Or is that what your looking for. I'm not 100% sure what your looking for. If your trying to skip Hotspot authentication? Or anything like that Then a tunnel would work fine.
Sorry I can't be of much else help
If your phone is rooted or has a custom ROM (Which would obviously indicate that the phone is rooted), there is a solution that you can try using a terminal (Or ADB shell).
Issue the command: "settings put global captive_portal_detection_enabled 0" That should prevent captive portal detection and gstatic confirmation. This should work, I haven't tried it personally though.
Additionally, you can setup a captive server.
Issue the command: "settings put global captive_portal_server g.cn"
Restart your phone, and you should have access to the pages.
Basically, connecting as is, requires you to reach a site that does not require 204 confirmation and afterward other sites should be accessible. Let me know if this helps.
Josh Ross said:
If your phone is rooted or has a custom ROM (Which would obviously indicate that the phone is rooted), there is a solution that you can try using a terminal (Or ADB shell).
Issue the command: "settings put global captive_portal_detection_enabled 0" That should prevent captive portal detection and gstatic confirmation. This should work, I haven't tried it personally though.
Additionally, you can setup a captive server.
Issue the command: "settings put global captive_portal_server g.cn"
Restart your phone, and you should have access to the pages.
Basically, connecting as is, requires you to reach a site that does not require 204 confirmation and afterward other sites should be accessible. Let me know if this helps.
Click to expand...
Click to collapse
no root on the phone (damn blackberry priv) and no control of the portal.
this is so infuriating. This is trivial, banal even, on any device i control. Feel like a kid on training wheels every time i touch my phone.
Why is this a problem?
A: Your phone will likely have trouble connecting to public WiFi at airports, Hotels, Business for BYOD programs, etc.
802.11r is what allows you to seamlessly hop from one Access Point to another without bother. Hotels, Corporate offices, etc can't possibly use just one WiFI access point to provide WiFi coverage to all areas so instead they use multiple WiFi access points with the same network name but it's 802.11r that allows you to remain connected while you move between WiFi access points!
I have tested OOS 10.0.06, OOS 10.3.3, OOS 10.3.2 I have additionally tested these rom's with Revolution Remix as well as latest Smurf kernel available on XDA; so I have tried Stock and Custom and am here to report; 802.11r is broken on all of these builds and to really bad extent as well! So much so, that it appears my router is no longer able to assign the device an IP address after to many hops as I am eventually presented with the message in WiFi Settings of OOS "Access point temporarily full"
Steps to re-produce;
In my home I have set up 3 AP flashed with OpenWRT working together harmonious with 802.11r.
I am able to make one round from Access Point 1>2>3 but when I come back around; 3>2>1, I remain connected to Access Point 2, in the Access Point 1 zone. If I manually try to force a connection to access point 1 then I am presented with either no message at all, just can' connect of "Access point temporarily full"
The only way to resolve the issue is with a reboot of all routers. Simply rebooting the phone does not resolve the issue!?
Now I am back on OOS 9.5.13 GM21AA and I am able to approach anyone of these AP zones any number of times and it is successfully 802.11r transitioning seamlessly as it should without any bother.
All routers are flashed with OpenWrt and software pushed to the device was from the un-brick tools found in the New/Guides Thread of XDA.
Let me know if you need me to test new test builds.
Update;
https://forums.oneplus.com/threads/...sted-works-fine-on-pie.1237736/#post-21701766
Update 2, Seems this is an issue is widespread For Q on One Plus devices...
https://forums.oneplus.com/threads/...-not-working-after-android-10-update.1164774/
Update 3, A One Plus Engineer has reached out to me; I have provided them with logs for both OOS 10 and Pie for comparison using their logkit tool. Was able to re-produce the issue 7 times in the logs provided.
Fingers crossed this gets fixed in the next update
Update: Sept 30 2020; still broken on OOS Beta 18FW...
Update: Oct 05 2020;
Solved my 802.11r issue on my end currently on Open Beta 18.
The issue is/was using 802.11r with 802.11w Management Frame Protection set to Optional or Required. For 802.11r to function properly on OOS Q you have to set 802.11w Management Frame Protection to disabled (default) in router settings.
On OOS Pie 802.11r works fine with 802.11w Management Frame Protection set to Optional or required... So there is still a regression here and perhaps we need to open up another bug report.
Its also worth mention; 802.11w also breaks Volte and VoWIFI (WiFi calling) on Q where on Pie, it does not.
UPDATE OCT 9 2020; seems 802.11r is still broken. While disabling 802.11w helps, it's still failing to seamlessly transfer and dropouts are occurring.
Back to PIE I go!
Title: Random mac adress when using device's adress
Device: OnePlus 9
Software Version: LE2115_11_C.61
Probablility of occurance: 100%
Topic: Bug Report
Photos:
Carrier/Network:
Actual behavior:
Was this a problem in previous software versions: didn't happen in OOS11 but happend in OOS12 C36~C61
Expected behavior:
Any other comments:
From:
My OSS12 can't fixed the devices Mac addres when "use the device adress".
Every time I connect into the Wifi after reboot, the device MAC address changed even I have made setting "use the device adress" correctly.
I already tried to enable / disable the wifi non persistent mac randomization under the developer settings and keeps doing the same thing.
This started to happen just after the major android version update to OOS12, never happened in OOS11
Does anybody face to the same issue?
Yes, I do face the same issue after I rooted my phone/flashed firmware. I searched many times for the solution of this issue, but I never found a proper solution to fix it and I don't even know why this happens.